| |
| |||||||
Log-Analyse und Auswertung: Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
24.02.2014, 16:00
| #1 |
 |  Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) Hallo, folgendes Problem plagt mich seit 6 Uhr morgens: Starte ich den PC, Windows Vista 32 bit, erscheint der Desktophintergrund, Taskleiste und drei Symbole in der Tray. Dann kommt "Windows Explorer funktioniert nicht mehr" mit dem Hinweis, dass eine Lösung für das Problem gesucht wird, woraufhin die Meldung erscheint "Windows Explorer wird neu gestartet". Dann stürzt er gleich wieder ab, das geht dann 5 - 10 Mal so, woraufhin er den Explorer nicht mehr neu starten will sondern den Desktop anzeigt, ohne dass etwas anklickbar wäre. In den Taskmanager kommt man jedoch noch rein, beendet ich dort "explorer.exe" manuell, erscheint die Fehlermeldung: explorer.exe - Fehler in der Anwendung Die Ausnahme "unkoown software exception" (0x80000003) ist in der Anwendung an der STelle 0x628f96c0 aufgetreten. Klicken Sie auf "OK", um das Programm zu beenden. WinExplorer stürzt auch ab, wenn ich mich im Abgesicherten Modus einlogge, jedoch nicht, wenn ich in den Abgesicherten Modus mit Eingabeaufforderung gehe. Interessant finde ich, dass WinExplorer nicht abstürzt, wenn ich mich in ein zweites Benutzerkonto einlogge - dieses hat allerdings keine Admin-Rechte. Versucht habe ich bereits folgendes vergebens: - in msconfig alle Autostart-Dateien deaktivieren (außer Betriebssystem) und alle Syst - mit einer Ubuntu Live CD habe ich versucht, die explorer.exe in C:\Windwors mit einer "altne" (?) explorer.exe aus einem Ordner in C:\Windows\...\explorer.exe zu ersetzen - Sfc scannow Befehl mehrere Male ausgeführt - Reparaturoptionen mit der Boot-CD - Letzte Funktionierende Konfiguration - Systemwiederherstellung auf Dezember oder so (mittlerweile sehe ich im Wiederherstellungsmenü nur 4 Zeitpunkte, bis maximal 21.02.2014 zurück! Ich habe versucht, über die Eingabeaufforderung und mit Hilfe eines USB Sticks GMER und FRST zum Laufen zu bringen. Für defogger habe ich noch eine Logfile bekommen, Gmer und FRST bleiben aber hängen, während der Scan läuft. Noch eine Anmerkung: Habe Malwarebytes Anti-Maleware Quick Check drüber laufen lassen. Die explorer.exe, die ich im Windows-Ordner überschrieben habe, hatte ich auf dem Desktop zur Sicherheit mal gespeichert. Dort findet Malwarebytes etwas namens "Heuristics.Reserved.Word.Exploit". Leider lässt sich die log-file nicht speichern, immer dann hängt sich das Programm wie bei den anderen auf! Tausend Dank für die Hilfe im Voraus!!! FRST konnte ich nur im abgesicherten Modus mit Eingabeaufforderung ausführen, das Programm blieb ja im Hauptbenutzerkonto genauso wie Malwarebytes hängen. Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:41 on 24/02/2014 (Florian)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2014 02
Ran by Florian (administrator) on FLORIAN-PC on 24-02-2014 14:07:42
Running from J:\
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-12-28] (Kaspersky Lab ZAO)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1939334895-897515761-2617989973-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1939334895-897515761-2617989973-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Florian\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1939334895-897515761-2617989973-1000\...\MountPoints2: {290950d7-1c36-11e2-ba36-00e04d627320} - I:\SETUP.EXE
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x690419F2E449CE01
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Asz.Citavi.IEPicker.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Tunebite_WebRipPlugin Class - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Program Files\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default
FF SelectedSearchEngine: dict.cc
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @spoon.net/Spoon Plugin 3.32 - C:\Program Files\Spoon\3.32.2.12\npMozillaSpoonPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=1.1.11 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: samsung.com/SamsungLinkPCPlugin - C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Extension: Nightly Tester Tools - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} [2014-01-03]
FF Extension: InvisibleHand - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2014-01-02]
FF Extension: Dict.cc Translation - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\searchdictcc@roughael.xpi [2014-01-02]
FF Extension: InstantFox - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\searchy@searchy.xpi [2014-01-02]
FF Extension: Google Translator for Firefox - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\translator@zoli.bod.xpi [2014-01-02]
FF Extension: Google Cache Tool - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\{3869b071-0fae-4c75-948a-60d9c56ea02b}.xpi [2014-01-02]
FF Extension: Adblock Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-02]
FF Extension: Greasemonkey - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\t043bv75.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-01-02]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2013-12-11]
FF HKLM\...\Firefox\Extensions: [tunebite-firefox-surf-and-catch-extension@audials.com] - C:\Program Files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\
FF Extension: Tunebite Firefox Surf and Catch Plugin - C:\Program Files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\ []
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-31]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-31]
FF HKLM\...\Firefox\Extensions: - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-12-28]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-12-28]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-12-28]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-12-28]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-12-28]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (NapsterLink) - C:\Program Files\Mozilla Firefox\plugins\npstrlnk.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll No File
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (TVU Web Player for FireFox) - C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
CHR Extension: (YouTube) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google-Suche) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-12-28]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-12-28]
CHR Extension: (Modul für das Blockieren gefährlicher Webseiten) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-12-28]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-12-28]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-10-15]
CHR Extension: (ICE Quick Stream) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapljocpedaolbooelchgnkkaplpadgp [2011-10-23]
CHR Extension: (Google Wallet) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Google Mail) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR Extension: (Anti-Banner) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-12-28]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-25]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-31]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-25]
========================== Services (Whitelisted) =================
S2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-12-28] (Kaspersky Lab ZAO)
S2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528624 2009-11-17] (Cisco Systems, Inc.)
S4 gupdate1ca434fb413d182; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-02] (Google Inc.)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
S2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [574536 2013-11-05] (Copyright 2013 SAMSUNG)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [65024 2009-09-30] (tzuk)
==================== Drivers (Whitelisted) ====================
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2009-11-17] (Cisco Systems, Inc.)
S3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-10-22] (DT Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-12-28] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [595552 2013-12-28] (Kaspersky Lab ZAO)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-12-28] (Kaspersky Lab ZAO)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-12-28] (Kaspersky Lab ZAO)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-12-28] (Kaspersky Lab ZAO)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-07-03] (RapidSolution Software AG)
S3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-07-03] (RapidSolution Software AG)
S3 RT73; C:\Windows\System32\DRIVERS\Dr71WU.sys [489984 2008-01-16] (Ralink Technology, Corp.)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [116736 2009-09-30] (tzuk)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [37920 2010-11-12] (RapidSolution Software AG)
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
S2 adfs; No ImagePath
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2013-12-28] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-24 14:23 - 2009-04-11 07:27 - 02926592 _____ (Microsoft Corporation) C:\Users\Florian\Desktop\explorer.exe
2014-02-24 14:23 - 2006-11-02 10:45 - 02923520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-02-24 13:58 - 2014-02-24 13:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-24 13:55 - 2014-02-24 14:07 - 00000000 ____D () C:\FRST
2014-02-24 11:14 - 2014-02-24 11:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-23 21:02 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 21:02 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 21:02 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 21:02 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 21:02 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 21:02 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 21:02 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 21:02 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 21:02 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 21:02 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 21:02 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 21:02 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 21:02 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 20:00 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-21 20:44 - 2014-02-23 19:42 - 00000000 ____D () C:\Program Files\GUM79B1.tmp
2014-02-20 09:47 - 2014-02-20 09:53 - 00000000 ____D () C:\Users\Florian\Desktop\utmp
2014-02-14 12:25 - 2014-02-14 12:26 - 00000000 ____D () C:\Program Files\Mozilla Firefox(74)
==================== One Month Modified Files and Folders =======
2014-02-24 14:07 - 2014-02-24 13:55 - 00000000 ____D () C:\FRST
2014-02-24 14:03 - 2006-11-02 14:01 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-24 14:03 - 2006-11-02 13:47 - 00004080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 14:03 - 2006-11-02 13:47 - 00004080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 14:02 - 2009-10-20 07:33 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-24 14:02 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 14:02 - 2006-11-02 13:52 - 01228371 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 14:00 - 2006-11-02 11:33 - 01453952 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-24 13:58 - 2014-02-24 13:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-24 13:58 - 2012-10-22 17:55 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Dropbox
2014-02-24 13:56 - 2012-10-22 17:59 - 00000000 ___RD () C:\Users\Monika\Dropbox
2014-02-24 13:54 - 2011-12-28 13:58 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-24 13:54 - 2009-10-02 12:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 13:53 - 2010-08-18 14:21 - 00000000 ____D () C:\Program Files\Common Files\Akamai
2014-02-24 13:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-24 13:31 - 2011-11-01 16:32 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Dropbox
2014-02-24 13:30 - 2011-11-01 17:13 - 00000000 ___RD () C:\Users\Florian\Documents\Dropbox
2014-02-24 13:29 - 2011-11-04 18:58 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2014-02-24 12:21 - 2010-03-21 17:13 - 00000000 ____D () C:\Windows\pss
2014-02-24 11:14 - 2014-02-24 11:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-24 10:50 - 2012-10-22 17:57 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-24 10:50 - 2009-10-02 12:12 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 10:45 - 2012-06-17 18:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 09:23 - 2009-10-01 16:25 - 00001356 _____ () C:\Users\Florian\AppData\Local\d3d9caps.dat
2014-02-23 21:22 - 2009-10-01 20:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-23 21:14 - 2013-08-08 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-23 21:05 - 2006-11-02 11:23 - 00000219 _____ () C:\Windows\win.ini
2014-02-23 20:26 - 2012-03-19 20:15 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001UA.job
2014-02-23 20:26 - 2012-03-19 20:15 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939334895-897515761-2617989973-1001Core.job
2014-02-23 19:46 - 2012-05-12 00:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-23 19:46 - 2011-05-15 23:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-23 19:42 - 2014-02-21 20:44 - 00000000 ____D () C:\Program Files\GUM79B1.tmp
2014-02-23 19:41 - 2010-03-03 01:35 - 00000000 ____D () C:\Users\Monika
2014-02-23 19:41 - 2009-10-01 16:25 - 00000000 ____D () C:\Users\Florian
2014-02-23 19:41 - 2006-11-02 11:22 - 63176704 _____ () C:\Windows\system32\config\software_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 45088768 _____ () C:\Windows\system32\config\components_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 126615552 _____ () C:\Windows\system32\config\system_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00524288 _____ () C:\Windows\system32\config\default_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-02-23 19:41 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-02-23 19:40 - 2011-11-11 14:01 - 00000000 ____D () C:\Users\Florian\AppData\Local\Akamai
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-02-23 19:40 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2014-02-21 20:31 - 2014-01-02 22:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-21 20:31 - 2013-12-11 14:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-21 20:31 - 2012-07-21 14:58 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2014-02-21 20:31 - 2010-12-03 01:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\vlc
2014-02-21 20:31 - 2009-10-01 19:43 - 00000000 ____D () C:\Users\Florian\AppData\Local\MediaMonkey
2014-02-21 10:24 - 2013-12-16 19:19 - 04323291 _____ () C:\Users\Florian\Desktop\IMG_1508.MOV
2014-02-20 09:53 - 2014-02-20 09:47 - 00000000 ____D () C:\Users\Florian\Desktop\utmp
2014-02-20 09:53 - 2011-12-12 23:07 - 00000600 _____ () C:\Users\Florian\PUTTY.RND
2014-02-14 13:20 - 2013-10-01 18:14 - 00000000 ____D () C:\Users\Florian\Desktop\Uni
2014-02-14 12:26 - 2014-02-14 12:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox(74)
2014-02-13 12:22 - 2012-07-21 14:59 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2014-02-10 17:04 - 2009-10-01 18:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-10 16:39 - 2008-12-24 23:33 - 00000000 ____D () C:\Users\Florian\Documents\Meine Scans
2014-02-10 14:15 - 2011-11-01 16:34 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-10 14:09 - 2009-10-01 16:26 - 00101224 _____ () C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 19:49 - 2008-02-23 05:18 - 00000000 ___HD () C:\Users\Florian\Documents\Turbo Lister
2014-02-05 09:58 - 2014-02-23 21:02 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-23 21:02 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-23 21:02 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-23 21:02 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-23 21:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-23 21:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-23 21:02 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-23 21:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-23 21:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:47 - 2014-02-23 21:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-23 21:02 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-23 21:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-23 21:02 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-04 19:09 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Files to move or delete:
====================
C:\Users\Florian\AppData\Roaming\desktop.ini
Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\K-Lite_Codec_Pack_Basic.exe
C:\Users\Florian\AppData\Local\Temp\ose00000.exe
C:\Users\Florian\AppData\Local\Temp\SamsungAPInstaller_1382458371839.exe
C:\Users\Florian\AppData\Local\Temp\SamsungAPInstaller_1384803161297.exe
C:\Users\Monika\AppData\Local\Temp\NOSEventMessages.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2014-02-24 14:23] - [2006-11-02 10:45] - 2923520 ____A (Microsoft Corporation) FD8C53FB002217F6F888BCF6F5D7084D
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-24 14:01
==================== End Of Log ============================
|
| Themen zu Vista: Windows Explorer stürzt nacht Start ab (Dauerschleife) |
| akamai, avp, bonjour, downloader, ebanking, explorer funktioniert nicht, flash player, funktioniert nicht mehr, helper, home, homepage, hängen, hängt, kaspersky, live cd, logfile, maximal, mozilla, problem, programm, registry, scan, security, software, starten, svchost.exe, taskmanager, tastatur, tracker, vista, windows |
Baum-Darstellung