lebenskunst | 23.03.2014 16:56 | Hello Jonas,
I can't manage this yet: how do I get at the data from:
C:\Programme\Eset\EsetOnlineScanner\log.txt ?
I ran the scan, but whoosh, it was gone and is stored away somewhere...
In Firefox I cleared the cache and reconfigured the proxy - sorry, but it was no longer possible to work properly! Now it works again.
Here is the latest FRST file:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by gentiana (administrator) on SALUS on 23-03-2014 16:47:22
Running from C:\Users\gentiana\Desktop\troja
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums
==================== Processes (Whitelisted) =================
(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe
(JME) C:\Program Files\jmesoft\hotkey.exe
(CyberLink) C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(G Data Software AG) C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe
(Dropbox, Inc.) C:\Users\gentiana\AppData\Roaming\Dropbox\bin\Dropbox.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [jmekey] - C:\Program Files\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM\...\Run: [CLMLServer] - C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [MobileConnect] - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2072576 2008-07-04] (Vodafone)
HKLM\...\Run: [G Data AntiVirus Tray] - C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKU\.DEFAULT\...\RunOnce: [WLStart] - C:\Program Files\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [280576 2013-09-13] (Microsoft Corporation)
HKU\S-1-5-21-1828799435-1993723982-232390221-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1828799435-1993723982-232390221-1004\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1828799435-1993723982-232390221-1004\...\MountPoints2: {199e8b96-9176-11e3-a53e-4487fcac1a6f} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1828799435-1993723982-232390221-1004\...\MountPoints2: {199e8c1b-9176-11e3-a53e-4487fcac1a6f} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1828799435-1993723982-232390221-1004\...\MountPoints2: {40306a43-94bc-11e3-80e0-4487fcac1a6f} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1828799435-1993723982-232390221-1004\...\MountPoints2: {40306a46-94bc-11e3-80e0-4487fcac1a6f} - E:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\Users\gentiana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\gentiana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\..\Interfaces\{68A47F15-156F-477B-A0F9-28265C15111A}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{CF6CBEC5-B871-4882-A536-FE6082C7AD5C}: [NameServer]217.0.43.129 217.0.43.145
FireFox:
========
FF ProfilePath: C:\Users\gentiana\AppData\Roaming\Mozilla\Firefox\Profiles\fcw0p9ho.default-1395171310512
FF Homepage: ww.ecosia.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\windows\system32\npDeployJava1.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\gentiana\AppData\Roaming\Mozilla\Firefox\Profiles\fcw0p9ho.default-1395171310512\Extensions\ich@maltegoetz.de [2014-03-21]
Chrome:
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-01-13&ent=hp&u=5ED0862EF32FB2746E530F52D459D335
CHR RestoreOnStartup: "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-01-13&ent=hp&u=5ED0862EF32FB2746E530F52D459D335", "hxxp://www.google.com/"
CHR Extension: (YouTube) - C:\Users\gentiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-12]
CHR Extension: (Google-Suche) - C:\Users\gentiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-12]
CHR Extension: (Google Mail) - C:\Users\gentiana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-12]
========================== Services (Whitelisted) =================
R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe [2101280 2013-10-15] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-16] (IObit)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-07-04] (Vodafone)
S4 MpfService; "C:\Program Files\McAfee\MPF\MPFSrv.exe" [X]
==================== Drivers (Whitelisted) ====================
R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [45912 2014-02-22] (G Data Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [96600 2014-02-22] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [52056 2014-02-22] (G Data Software AG)
R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [54104 2014-02-22] (G Data Software AG)
R0 gfibto; C:\windows\System32\drivers\gfibto.sys [13560 2014-01-13] (GFI Software)
R1 GRD; C:\windows\system32\drivers\GRD.sys [30040 2014-02-22] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [51032 2014-02-22] (G Data Software AG)
R1 MPFP; C:\windows\System32\Drivers\Mpfp.sys [130424 2009-07-16] (McAfee, Inc.)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-23 12:20 - 2014-03-23 16:35 - 00000000 ____D () C:\Users\gentiana\Desktop\stiftung
2014-03-21 15:34 - 2014-03-21 23:43 - 03484160 _____ () C:\Users\gentiana\Desktop\Trop_mignon.pps
2014-03-21 12:48 - 2014-03-22 22:53 - 00000000 ____D () C:\Users\gentiana\Desktop\lind
2014-03-21 12:36 - 2014-03-21 12:36 - 00002176 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-03-21 12:35 - 2014-03-21 12:36 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\DVDVideoSoft
2014-03-21 12:35 - 2014-03-21 12:36 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-03-21 12:35 - 2014-03-21 12:35 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-03-21 11:21 - 2014-03-23 12:21 - 00000000 ____D () C:\Users\gentiana\Desktop\Neu 21-03-14
2014-03-19 12:50 - 2014-03-19 12:51 - 00000000 ____D () C:\Users\gentiana\Desktop\kasse
2014-03-16 21:00 - 2014-03-23 16:47 - 00000000 ____D () C:\FRST
2014-03-16 16:20 - 2013-11-05 14:38 - 01122304 _____ (The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS) C:\windows\system32\libeay32.dll
2014-03-16 16:20 - 2013-11-05 14:38 - 00274432 _____ (The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS) C:\windows\system32\ssleay32.dll
2014-03-16 16:20 - 2012-12-10 11:04 - 00356352 _____ (eSellerate Inc.) C:\windows\eSellerateEngine.dll
2014-03-16 16:20 - 2012-12-10 11:04 - 00081920 _____ (eSellerate Inc.) C:\windows\eSellerateControl350.dll
2014-03-16 16:03 - 2014-03-16 16:03 - 00001814 _____ () C:\sc-cleaner.txt
2014-03-16 15:49 - 2014-03-23 16:47 - 00000000 ____D () C:\Users\gentiana\Desktop\troja
2014-03-16 12:38 - 2014-03-16 12:39 - 00000000 ____D () C:\ProgramData\IObit
2014-03-16 12:38 - 2014-03-16 12:38 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\ProductData
2014-03-16 12:38 - 2014-03-16 12:38 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\IObit
2014-03-16 12:38 - 2014-03-16 12:38 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-16 12:38 - 2014-03-16 12:38 - 00000000 ____D () C:\Program Files\IObit
2014-03-16 12:36 - 2014-03-16 12:36 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\MusE
2014-03-16 12:36 - 2014-03-16 12:36 - 00000000 ____D () C:\Users\gentiana\AppData\Local\MusE
2014-03-16 12:36 - 2014-03-16 12:36 - 00000000 ____D () C:\Program Files\MuseScore
2014-03-16 12:07 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-16 12:07 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-16 12:07 - 2014-02-23 07:54 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-16 12:07 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-16 12:07 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-16 12:07 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-16 12:07 - 2014-02-23 06:35 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-03-16 12:05 - 2014-03-16 12:06 - 00000000 ____D () C:\windows\system32\MRT
2014-03-16 12:04 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-16 12:04 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-16 12:04 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-16 12:04 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-16 12:04 - 2014-01-28 03:07 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-16 10:14 - 2014-03-16 12:41 - 00000000 ____D () C:\Users\gentiana\Desktop\musik
2014-03-02 11:04 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-02-23 17:14 - 2014-02-23 22:00 - 00000000 ____D () C:\Users\gentiana\Desktop\gudrun
2014-02-22 22:25 - 2014-02-22 22:25 - 00030040 _____ (G Data Software) C:\windows\system32\Drivers\GRD.sys
2014-02-22 20:23 - 2014-02-22 20:23 - 00052056 _____ (G Data Software AG) C:\windows\system32\Drivers\PktIcpt.sys
2014-02-22 20:15 - 2014-02-22 20:15 - 00096600 _____ (G Data Software AG) C:\windows\system32\Drivers\MiniIcpt.sys
2014-02-22 20:15 - 2014-02-22 20:15 - 00054104 _____ (G Data Software AG) C:\windows\system32\Drivers\gdwfpcd32.sys
2014-02-22 20:15 - 2014-02-22 20:15 - 00051032 _____ (G Data Software AG) C:\windows\system32\Drivers\HookCentre.sys
2014-02-22 20:15 - 2014-02-22 20:15 - 00045912 _____ (G Data Software AG) C:\windows\system32\Drivers\GDBehave.sys
2014-02-22 17:38 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-22 17:38 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-02-22 17:38 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-22 17:38 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-22 17:38 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-02-22 17:38 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-02-22 17:38 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-02-22 17:38 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-02-22 17:38 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-02-22 17:38 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-02-22 17:38 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-02-22 17:38 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
==================== One Month Modified Files and Folders =======
2014-03-23 16:47 - 2014-03-16 21:00 - 00000000 ____D () C:\FRST
2014-03-23 16:47 - 2014-03-16 15:49 - 00000000 ____D () C:\Users\gentiana\Desktop\troja
2014-03-23 16:37 - 2014-01-13 21:07 - 00016938 _____ () C:\windows\setupact.log
2014-03-23 16:35 - 2014-03-23 12:20 - 00000000 ____D () C:\Users\gentiana\Desktop\stiftung
2014-03-23 16:33 - 2014-01-14 12:52 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-23 16:25 - 2014-02-20 16:14 - 00001102 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-23 16:25 - 2014-02-20 16:14 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-23 14:29 - 2013-09-12 11:30 - 00000000 ____D () C:\Users\gentiana\Desktop\10- gesund-A-2
2014-03-23 12:21 - 2014-03-21 11:21 - 00000000 ____D () C:\Users\gentiana\Desktop\Neu 21-03-14
2014-03-23 12:18 - 2010-06-24 13:58 - 01217058 _____ () C:\windows\WindowsUpdate.log
2014-03-23 10:58 - 2009-07-14 05:34 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-23 10:58 - 2009-07-14 05:34 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-23 10:57 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\tracing
2014-03-23 10:54 - 2010-06-24 14:01 - 01618320 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-23 10:51 - 2013-09-12 15:03 - 00000000 ___RD () C:\Users\gentiana\Dropbox
2014-03-23 10:51 - 2013-09-12 12:31 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\Dropbox
2014-03-23 10:49 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-22 22:53 - 2014-03-21 12:48 - 00000000 ____D () C:\Users\gentiana\Desktop\lind
2014-03-22 22:03 - 2014-01-19 16:33 - 00000000 ____D () C:\Users\gentiana\Desktop\Therapie
2014-03-22 21:46 - 2013-08-21 21:31 - 00000000 ____D () C:\Users\gentiana
2014-03-21 23:43 - 2014-03-21 15:34 - 03484160 _____ () C:\Users\gentiana\Desktop\Trop_mignon.pps
2014-03-21 16:30 - 2013-11-14 19:43 - 00000000 ____D () C:\Users\gentiana\Desktop\10-alle programme
2014-03-21 16:30 - 2013-10-14 19:46 - 00000000 ____D () C:\Users\gentiana\Desktop\10-yt-russ
2014-03-21 15:13 - 2014-01-13 21:07 - 00511048 _____ () C:\windows\PFRO.log
2014-03-21 12:36 - 2014-03-21 12:36 - 00002176 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-03-21 12:36 - 2014-03-21 12:35 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\DVDVideoSoft
2014-03-21 12:36 - 2014-03-21 12:35 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-03-21 12:35 - 2014-03-21 12:35 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-03-21 11:29 - 2014-01-10 13:44 - 00000000 ____D () C:\Users\gentiana\Desktop\alles
2014-03-21 00:10 - 2013-09-13 13:44 - 00000000 ____D () C:\Program Files\Opera
2014-03-19 12:51 - 2014-03-19 12:50 - 00000000 ____D () C:\Users\gentiana\Desktop\kasse
2014-03-18 20:41 - 2009-07-14 05:53 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-03-16 17:33 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\LogFiles
2014-03-16 16:03 - 2014-03-16 16:03 - 00001814 _____ () C:\sc-cleaner.txt
2014-03-16 15:46 - 2014-01-13 21:30 - 00000000 ____D () C:\AdwCleaner
2014-03-16 12:41 - 2014-03-16 10:14 - 00000000 ____D () C:\Users\gentiana\Desktop\musik
2014-03-16 12:39 - 2014-03-16 12:38 - 00000000 ____D () C:\ProgramData\IObit
2014-03-16 12:38 - 2014-03-16 12:38 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\ProductData
2014-03-16 12:38 - 2014-03-16 12:38 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\IObit
2014-03-16 12:38 - 2014-03-16 12:38 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-16 12:38 - 2014-03-16 12:38 - 00000000 ____D () C:\Program Files\IObit
2014-03-16 12:36 - 2014-03-16 12:36 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\MusE
2014-03-16 12:36 - 2014-03-16 12:36 - 00000000 ____D () C:\Users\gentiana\AppData\Local\MusE
2014-03-16 12:36 - 2014-03-16 12:36 - 00000000 ____D () C:\Program Files\MuseScore
2014-03-16 12:19 - 2009-07-14 05:33 - 00447784 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-16 12:18 - 2010-06-24 14:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-16 12:06 - 2014-03-16 12:05 - 00000000 ____D () C:\windows\system32\MRT
2014-03-16 12:05 - 2013-09-12 20:26 - 87350280 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-15 20:47 - 2014-02-07 22:19 - 00000000 ____D () C:\Users\gentiana\Desktop\lern neu
2014-03-14 20:08 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\LiveKernelReports
2014-03-14 18:33 - 2013-09-12 13:43 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-03-14 18:33 - 2013-09-12 13:43 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-02 11:35 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2014-03-02 11:04 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-02-24 18:03 - 2013-08-22 20:22 - 00000000 ____D () C:\Users\gentiana\AppData\Roaming\vlc
2014-02-23 23:31 - 2013-10-03 12:43 - 00000000 ____D () C:\Users\gentiana\Desktop\10-A-4-märchenarbeit
2014-02-23 22:00 - 2014-02-23 17:14 - 00000000 ____D () C:\Users\gentiana\Desktop\gudrun
2014-02-23 15:22 - 2013-10-03 09:13 - 00000000 ____D () C:\Users\gentiana\Desktop\10-D1-Bühnenarbeit-A-3
2014-02-23 07:54 - 2014-03-16 12:07 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-23 07:54 - 2014-03-16 12:07 - 01140736 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-23 07:54 - 2014-03-16 12:07 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-23 07:53 - 2014-03-16 12:07 - 14358016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 13761024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 02877952 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 02049024 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-23 07:53 - 2014-03-16 12:07 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-23 07:31 - 2014-03-16 12:07 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-23 06:35 - 2014-03-16 12:07 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-02-22 22:25 - 2014-02-22 22:25 - 00030040 _____ (G Data Software) C:\windows\system32\Drivers\GRD.sys
2014-02-22 21:06 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-02-22 20:23 - 2014-02-22 20:23 - 00052056 _____ (G Data Software AG) C:\windows\system32\Drivers\PktIcpt.sys
2014-02-22 20:15 - 2014-02-22 20:15 - 00096600 _____ (G Data Software AG) C:\windows\system32\Drivers\MiniIcpt.sys
2014-02-22 20:15 - 2014-02-22 20:15 - 00054104 _____ (G Data Software AG) C:\windows\system32\Drivers\gdwfpcd32.sys
2014-02-22 20:15 - 2014-02-22 20:15 - 00051032 _____ (G Data Software AG) C:\windows\system32\Drivers\HookCentre.sys
2014-02-22 20:15 - 2014-02-22 20:15 - 00045912 _____ (G Data Software AG) C:\windows\system32\Drivers\GDBehave.sys
2014-02-22 20:15 - 2013-10-27 10:29 - 00000000 ____D () C:\ProgramData\G Data
2014-02-22 20:14 - 2013-10-27 10:29 - 00000000 ____D () C:\Program Files\G Data
2014-02-22 20:14 - 2013-10-27 10:29 - 00000000 ____D () C:\Program Files\Common Files\G Data
2014-02-22 19:56 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\spool
2014-02-22 19:21 - 2013-09-12 12:08 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-22 17:48 - 2009-09-14 07:33 - 00000000 ____D () C:\windows\system32\Drivers\de-DE
2014-02-21 21:50 - 2014-01-27 20:09 - 00000000 ____D () C:\Users\gentiana\Desktop\yt neu
2014-02-21 18:20 - 2013-09-13 13:36 - 00000000 ____D () C:\Users\gentiana\Desktop\10-yt
2014-02-21 17:59 - 2013-09-12 19:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\gentiana\AppData\Local\Temp\59f5ffe6-e046-4728-b31c-a0db24c615d0.exe
C:\Users\gentiana\AppData\Local\Temp\a6b49b35-91cb-426f-af85-55b186d5720b.exe
C:\Users\gentiana\AppData\Local\Temp\e93f54ca-9796-4cb4-889a-3d4309dd097d.exe
C:\Users\gentiana\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\gentiana\AppData\Local\Temp\promote-upx.exe
C:\Users\gentiana\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-21 11:51
==================== End Of Log ============================