Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 21.09.2013, 21:17   #1
Annchen
 
Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Unglücklich

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



Guten abend,

ich hoffe ihr könnt mir helfen, ich sitze schon seit einigen Stunden am Laptop meiner Mutter und versuche den Virus (oder was auch immer das ist) herunterzubekommen. Der müsste durch einen Download meines Bruders, von einem Minecraft Mod, entstanden sein.

Und zwar:
es erscheinen ständig Popups im Browser, ich habe auch einen Screenshot gemacht:
[Spoiler]
hxxp://i.imagebanana.com/img/lonhr91o/Beispiel.png
[/spoiler]
Teilweise öffnen sich auch noch viel mehr Pop-ups.
Beim Start des Computers kommt eine Meldung wie z.B, dass ich eine Onlinesicherung machen kann o.ä (in "perfektem" deutsch). Auch sind einige Wörter im Browser unterstrichen und es erscheint Werbung.

ich habe bereits Suchläufe mit Malewarebytes unternommen:
Logfile vom Quickscan:


Datenbank Version: v2013.09.21.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Martina :: MEINPC [Administrator]

Schutz: Aktiviert

21.09.2013 20:54:34
mbam-log-2013-09-21 (20-54-34).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 223187
Laufzeit: 9 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Logfile vom kompletten scan:

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.21.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Martina :: MEINPC [Administrator]

Schutz: Aktiviert

21.09.2013 15:27:27
mbam-log-2013-09-21 (15-27-27).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 507623
Laufzeit: 2 Stunde(n), 5 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 39
C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-bg.exe (PUP.Optional.Lyrics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-buttonutil.exe (PUP.Optional.Lyrics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-buttonutil64.exe (PUP.Optional.Lyrics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-chromeinstaller.exe (PUP.Optional.Lyrics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-codedownloader.exe (PUP.Optional.Lyrics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-enabler.exe (PUP.Optional.Lyrics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-updater.exe (PUP.Optional.Lyrics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\LyricsBuddy-1\utils.exe (PUP.Optional.Lyrics.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JK6NDH6B\pack[2].7z (PUP.Optional.PerformerSoft.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JK6NDH6B\Setup[1].exe (PUP.Optional.DiamonData.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\75d6Installer.exe (PUP.Optional.VIT) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\instloffer.exe (PUP.Optional.VIT.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\50BE7444-BAB0-7891-BA16-B5DA3FAEEE8F\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\50BE7444-BAB0-7891-BA16-B5DA3FAEEE8F\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\50BE7444-BAB0-7891-BA16-B5DA3FAEEE8F\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\50BE7444-BAB0-7891-BA16-B5DA3FAEEE8F\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\50BE7444-BAB0-7891-BA16-B5DA3FAEEE8F\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\50BE7444-BAB0-7891-BA16-B5DA3FAEEE8F\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\50BE7444-BAB0-7891-BA16-B5DA3FAEEE8F\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\C3F9D3BE-BAB0-7891-88ED-6AE145FC94A2\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\C3F9D3BE-BAB0-7891-88ED-6AE145FC94A2\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\C3F9D3BE-BAB0-7891-88ED-6AE145FC94A2\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\C3F9D3BE-BAB0-7891-88ED-6AE145FC94A2\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\C3F9D3BE-BAB0-7891-88ED-6AE145FC94A2\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\C3F9D3BE-BAB0-7891-88ED-6AE145FC94A2\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\C3F9D3BE-BAB0-7891-88ED-6AE145FC94A2\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\CDF40217-BAB0-7891-83AA-48E3E10E9CFB\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\CDF40217-BAB0-7891-83AA-48E3E10E9CFB\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\CDF40217-BAB0-7891-83AA-48E3E10E9CFB\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\CDF40217-BAB0-7891-83AA-48E3E10E9CFB\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\CDF40217-BAB0-7891-83AA-48E3E10E9CFB\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\CDF40217-BAB0-7891-83AA-48E3E10E9CFB\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\CDF40217-BAB0-7891-83AA-48E3E10E9CFB\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\google-chrome.exe\7908ba6b395e457887e181de34630b3e\google-chrome.exe (PUP.OptionalBundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\google-chrome.exe\7908ba6b395e457887e181de34630b3e\installer.exe (PUP.OptionalBundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\google-chrome.exe\7908ba6b395e457887e181de34630b3e\software\Delta Babylon.exe (PUP.Optional.DeltaTB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\AppData\Local\Temp\google-chrome.exe\7908ba6b395e457887e181de34630b3e\software\Superlyrics.exe (PUP.Optional.Adtool) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martina\Downloads\google-chrome.exe (PUP.OptionalBundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

den Flash Scan habe ich auch gemacht, dort auch einige Objekte gefunden und gelöscht.
Bei dem vollständigen Suchlauf hatte ich über 1000 infizierte Objekte beim ersten Suchlauf gefunden (dieser ist vom letzen) und auch diese alle gelöscht.

Außerdem habe ich noch einen Durchlauf mit hxxp://definitionupdates.microsoft.com/download/definitionupdates/safetyscanner/amd64/msert.exe gemacht (Achtung, downloadlink), der hat allerdings nichts gefunden.


Ich hoffe ihr könnt mir helfen

Alt 21.09.2013, 21:37   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 21.09.2013, 22:34   #3
Annchen
 
Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by Martina (administrator) on MEINPC on 21-09-2013 22:28:33
Running from C:\Users\Martina\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Microsoft Corporation) C:\Windows\system32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VizorHtmlDialog.exe] - C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [322384 2010-09-17] (Trend Micro Inc.)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-07-23] (AMD)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
MountPoints2: {024eaf0f-02ac-11e3-a0a8-14dae9e7f698} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {4a316e6c-f14f-11e2-ba73-b20fdac775cb} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {4a316f42-f14f-11e2-ba73-b20fdac775cb} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {e2e6e8e4-f08b-11e2-aa1e-abdc806fe5c8} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini [357 2013-09-21] ()
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [MobileBroadband] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [279552 2011-07-14] (Vodafone)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-07-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1601488 2013-08-06] (APN)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.babylon.com/?babsrc=HP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a15bcbee-35a2-07eb-79a0-87c0f7c635af&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a15bcbee-35a2-07eb-79a0-87c0f7c635af&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a15bcbee-35a2-07eb-79a0-87c0f7c635af&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=a15bcbee-35a2-07eb-79a0-87c0f7c635af&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: SuperLyrics-1 - {11111111-1111-1111-1111-110411161172} - C:\Program Files (x86)\SuperLyrics-1\SuperLyrics-1-bho64.dll No File
BHO: LyricsBuddy-1 - {11111111-1111-1111-1111-110411181168} - C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-bho64.dll No File
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome: 
=======
CHR HomePage: hxxp://isearch.babylon.com/?babsrc=HP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
CHR DefaultSearchURL: (Search the web (Babylon)) - hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
CHR DefaultSuggestURL: (Search the web (Babylon)) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (LyricsBuddy-1) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia\1.24.10_0
CHR Extension: (Plus-HD-1.3) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.24.70_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [hendmekoldfacfhlojkjcnbjegkahclb] - C:\Program Files (x86)\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-07-23] (Advanced Micro Devices, Inc.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-06] (APN LLC.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
S3 vodafone_zte_cdc_acm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_acm.sys [79872 2011-05-20] (Vodafone)
S3 vodafone_zte_cdc_ecm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_ecm.sys [58880 2011-05-20] (Vodafone)
S3 vodafone_zte_cpo; C:\Windows\System32\DRIVERS\vodafone_zte_cpo.sys [14336 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum.sys [56320 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum_filter; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum_filter.sys [56320 2011-05-20] (Vodafone)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-21 22:28 - 2013-09-21 22:28 - 00000000 ____D C:\FRST
2013-09-21 22:27 - 2013-09-21 22:27 - 01956670 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2013-09-21 22:26 - 2013-09-21 22:26 - 01089757 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2013-09-21 22:22 - 2013-09-21 22:22 - 00264241 _____ C:\Users\Martina\Downloads\msert (2).exe
2013-09-21 15:23 - 2013-09-21 15:24 - 00000041 _____ C:\Users\Martina\AppData\Roaming\mbam.context.scan
2013-09-21 15:05 - 2013-09-21 15:13 - 90707728 _____ (Microsoft Corporation) C:\Users\Martina\Downloads\msert (1).exe
2013-09-21 15:05 - 2013-09-21 15:09 - 37748736 _____ C:\Users\Martina\Downloads\msert.exe
2013-09-18 20:51 - 2013-09-18 20:52 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 20:34 - 2013-09-18 20:34 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 20:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-18 20:31 - 2013-09-18 20:31 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2013-09-18 20:30 - 2013-09-18 20:30 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-16 19:28 - 2013-09-16 19:28 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-16 19:26 - 2013-09-16 19:27 - 00002574 _____ C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-09-16 19:22 - 2013-09-21 15:16 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-09-16 19:20 - 2013-09-16 19:20 - 00003392 _____ C:\Windows\System32\Tasks\EPUpdater
2013-09-16 19:00 - 2013-09-16 19:00 - 00000000 ____D C:\Users\Martina\AppData\Local\avgchrome
2013-09-16 18:59 - 2013-09-21 19:01 - 00001306 _____ C:\Windows\Tasks\LyricsBuddy-1-updater.job
2013-09-16 18:59 - 2013-09-21 19:01 - 00001110 _____ C:\Windows\Tasks\LyricsBuddy-1-enabler.job
2013-09-16 18:59 - 2013-09-16 19:01 - 00004336 _____ C:\Windows\System32\Tasks\LyricsBuddy-1-updater
2013-09-16 18:59 - 2013-09-16 19:01 - 00004140 _____ C:\Windows\System32\Tasks\LyricsBuddy-1-enabler
2013-09-16 18:58 - 2013-09-21 20:53 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-16 18:58 - 2013-09-21 20:53 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-16 18:58 - 2013-09-21 19:01 - 00001922 _____ C:\Windows\Tasks\LyricsBuddy-1-chromeinstaller.job
2013-09-16 18:58 - 2013-09-21 19:01 - 00001210 _____ C:\Windows\Tasks\LyricsBuddy-1-codedownloader.job
2013-09-16 18:58 - 2013-09-21 15:19 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-16 18:58 - 2013-09-20 16:22 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-16 18:58 - 2013-09-16 19:01 - 00004240 _____ C:\Windows\System32\Tasks\LyricsBuddy-1-codedownloader
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\ProgramData\Babylon
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-16 18:50 - 2013-09-16 18:50 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martina\Downloads\setup.exe
2013-09-16 18:27 - 2013-09-21 15:26 - 00000000 ____D C:\Fraps
2013-09-14 18:12 - 2013-09-14 18:12 - 00000000 ____D C:\Users\Martina\AppData\Local\{8C60EA7A-5C03-46D1-9587-6B748569F006}
2013-09-14 17:28 - 2013-09-16 18:56 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Audacity
2013-09-14 17:27 - 2013-09-14 17:28 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-09-13 10:59 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 10:59 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 10:59 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 10:59 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 10:59 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 10:59 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 10:59 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 10:59 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 10:59 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 10:59 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 10:59 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 10:59 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 18:53 - 2013-09-21 15:22 - 00000000 ____D C:\Users\Martina\AppData\Local\WinZip
2013-09-12 18:53 - 2013-09-12 18:54 - 00000000 ____D C:\ProgramData\WinZip
2013-09-12 18:53 - 2013-09-12 18:53 - 00002233 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-09-12 18:52 - 2013-09-12 18:53 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-09-12 18:46 - 2013-09-12 18:49 - 51158528 _____ C:\Users\Martina\Downloads\wz175-32gev.msi
2013-09-12 14:50 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 14:50 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 14:50 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 14:50 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 14:50 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 14:50 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 14:50 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 14:50 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 14:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 14:49 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 14:49 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 14:49 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 14:49 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 14:49 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 14:49 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 14:49 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 14:49 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:49 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 14:49 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 14:49 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 14:49 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-07 21:59 - 2013-09-07 22:26 - 00000000 ____D C:\Users\Martina\AppData\Roaming\TS3Client
2013-09-07 21:56 - 2013-09-07 21:56 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-07 21:53 - 2013-09-07 21:55 - 33856880 _____ (TeamSpeak Systems GmbH) C:\Users\Martina\Downloads\TeamSpeak3-Client-win32-3.0.11.1.exe
2013-09-05 17:02 - 2013-09-05 17:02 - 00000000 _____ C:\Users\Martina\Downloads\server.log
2013-09-05 16:59 - 2013-09-05 17:00 - 00000000 ____D C:\Users\Martina\Downloads\FTBLite
2013-09-05 16:58 - 2013-09-05 17:01 - 00000000 ____D C:\Users\Martina\AppData\Roaming\ftblauncher
2013-09-05 16:56 - 2013-09-05 16:56 - 00512825 _____ () C:\Users\Martina\Downloads\FTB_Launcher.exe
2013-09-04 21:23 - 2013-09-04 21:23 - 364271170 _____ C:\Windows\MEMORY.DMP
2013-09-04 21:23 - 2013-09-04 21:23 - 00275272 _____ C:\Windows\Minidump\090413-28345-01.dmp
2013-09-04 21:23 - 2013-09-04 21:23 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:09 - 2013-09-04 19:09 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-04 19:09 - 2013-09-04 19:09 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-09-04 19:08 - 2013-09-17 17:43 - 00000000 ____D C:\Users\Martina\AppData\Roaming\.minecraft
2013-09-04 19:08 - 2013-09-04 19:08 - 00000000 ____D C:\ProgramData\APN
2013-09-04 19:06 - 2013-09-04 19:06 - 00000000 ____D C:\ProgramData\Sun
2013-09-04 19:06 - 2013-09-04 19:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-04 19:06 - 2013-09-04 19:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-04 19:06 - 2013-09-04 19:05 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-04 19:05 - 2013-09-04 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-04 19:01 - 2013-09-04 19:01 - 00903080 _____ (Oracle Corporation) C:\Users\Martina\Downloads\chromeinstall-7u25.exe
2013-09-04 18:57 - 2013-09-04 18:57 - 00675988 _____ C:\Users\Martina\Downloads\Minecraft.exe
2013-09-04 18:53 - 2013-09-21 16:52 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2013-09-04 18:53 - 2013-09-04 18:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 18:53 - 2013-09-04 18:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 18:52 - 2013-09-04 18:53 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 18:49 - 2013-09-04 18:51 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Martina\Downloads\SkypeSetupFull_6.7.102.exe

==================== One Month Modified Files and Folders =======

2013-09-21 22:28 - 2013-09-21 22:28 - 00000000 ____D C:\FRST
2013-09-21 22:28 - 2013-07-18 06:06 - 01363816 _____ C:\Windows\WindowsUpdate.log
2013-09-21 22:27 - 2013-09-21 22:27 - 01956670 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2013-09-21 22:26 - 2013-09-21 22:26 - 01089757 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2013-09-21 22:22 - 2013-09-21 22:22 - 00264241 _____ C:\Users\Martina\Downloads\msert (2).exe
2013-09-21 21:44 - 2011-04-13 04:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-21 21:44 - 2011-04-13 04:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-21 20:53 - 2013-09-16 18:58 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-21 20:53 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-21 19:01 - 2013-09-16 18:59 - 00001306 _____ C:\Windows\Tasks\LyricsBuddy-1-updater.job
2013-09-21 19:01 - 2013-09-16 18:59 - 00001110 _____ C:\Windows\Tasks\LyricsBuddy-1-enabler.job
2013-09-21 19:01 - 2013-09-16 18:58 - 00001922 _____ C:\Windows\Tasks\LyricsBuddy-1-chromeinstaller.job
2013-09-21 19:01 - 2013-09-16 18:58 - 00001210 _____ C:\Windows\Tasks\LyricsBuddy-1-codedownloader.job
2013-09-21 16:52 - 2013-09-04 18:53 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2013-09-21 15:26 - 2013-09-16 18:27 - 00000000 ____D C:\Fraps
2013-09-21 15:24 - 2013-09-21 15:23 - 00000041 _____ C:\Users\Martina\AppData\Roaming\mbam.context.scan
2013-09-21 15:22 - 2013-09-12 18:53 - 00000000 ____D C:\Users\Martina\AppData\Local\WinZip
2013-09-21 15:19 - 2013-09-16 18:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-21 15:16 - 2013-09-16 19:22 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-09-21 15:16 - 2013-07-17 21:40 - 00000000 ___RD C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 15:13 - 2013-09-21 15:05 - 90707728 _____ (Microsoft Corporation) C:\Users\Martina\Downloads\msert (1).exe
2013-09-21 15:09 - 2013-09-21 15:05 - 37748736 _____ C:\Users\Martina\Downloads\msert.exe
2013-09-21 15:08 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-21 15:08 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-21 15:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-21 15:00 - 2009-07-14 06:51 - 00065003 _____ C:\Windows\setupact.log
2013-09-20 16:23 - 2011-04-13 03:39 - 00477848 _____ C:\Windows\PFRO.log
2013-09-20 16:22 - 2013-09-16 18:58 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-20 15:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-09-18 20:52 - 2013-09-18 20:51 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 20:34 - 2013-09-18 20:34 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 20:31 - 2013-09-18 20:31 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2013-09-18 20:30 - 2013-09-18 20:30 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-17 17:43 - 2013-09-04 19:08 - 00000000 ____D C:\Users\Martina\AppData\Roaming\.minecraft
2013-09-16 20:01 - 2013-07-22 13:32 - 00000000 ____D C:\Users\Martina\AppData\Roaming\SoftGrid Client
2013-09-16 19:28 - 2013-09-16 19:28 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-16 19:27 - 2013-09-16 19:26 - 00002574 _____ C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-09-16 19:20 - 2013-09-16 19:20 - 00003392 _____ C:\Windows\System32\Tasks\EPUpdater
2013-09-16 19:01 - 2013-09-16 18:59 - 00004336 _____ C:\Windows\System32\Tasks\LyricsBuddy-1-updater
2013-09-16 19:01 - 2013-09-16 18:59 - 00004140 _____ C:\Windows\System32\Tasks\LyricsBuddy-1-enabler
2013-09-16 19:01 - 2013-09-16 18:58 - 00004240 _____ C:\Windows\System32\Tasks\LyricsBuddy-1-codedownloader
2013-09-16 19:00 - 2013-09-16 19:00 - 00000000 ____D C:\Users\Martina\AppData\Local\avgchrome
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\ProgramData\Babylon
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-16 18:56 - 2013-09-14 17:28 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Audacity
2013-09-16 18:50 - 2013-09-16 18:50 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martina\Downloads\setup.exe
2013-09-16 18:48 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-15 16:55 - 2011-03-17 13:52 - 00753170 _____ C:\Windows\system32\perfh019.dat
2013-09-15 16:55 - 2011-03-17 13:52 - 00163102 _____ C:\Windows\system32\perfc019.dat
2013-09-15 16:55 - 2011-02-19 07:02 - 00420914 _____ C:\Windows\system32\perfh00D.dat
2013-09-15 16:55 - 2011-02-19 07:02 - 00097018 _____ C:\Windows\system32\perfc00D.dat
2013-09-15 16:55 - 2011-02-19 06:56 - 00635558 _____ C:\Windows\system32\perfh008.dat
2013-09-15 16:55 - 2011-02-19 06:56 - 00123388 _____ C:\Windows\system32\perfc008.dat
2013-09-15 16:55 - 2011-02-19 06:51 - 00437042 _____ C:\Windows\system32\prfh0404.dat
2013-09-15 16:55 - 2011-02-19 06:51 - 00134404 _____ C:\Windows\system32\prfc0404.dat
2013-09-15 16:55 - 2011-02-19 06:45 - 00757588 _____ C:\Windows\system32\prfh0816.dat
2013-09-15 16:55 - 2011-02-19 06:45 - 00165166 _____ C:\Windows\system32\prfc0816.dat
2013-09-15 16:55 - 2011-02-19 06:40 - 00772068 _____ C:\Windows\system32\perfh013.dat
2013-09-15 16:55 - 2011-02-19 06:40 - 00165362 _____ C:\Windows\system32\perfc013.dat
2013-09-15 16:55 - 2011-02-19 06:35 - 00768616 _____ C:\Windows\system32\perfh010.dat
2013-09-15 16:55 - 2011-02-19 06:35 - 00159106 _____ C:\Windows\system32\perfc010.dat
2013-09-15 16:55 - 2011-02-19 06:29 - 00774286 _____ C:\Windows\system32\perfh00C.dat
2013-09-15 16:55 - 2011-02-19 06:29 - 00161840 _____ C:\Windows\system32\perfc00C.dat
2013-09-15 16:55 - 2011-02-19 06:24 - 00736108 _____ C:\Windows\system32\perfh007.dat
2013-09-15 16:55 - 2011-02-19 06:24 - 00161842 _____ C:\Windows\system32\perfc007.dat
2013-09-15 16:55 - 2011-02-19 06:19 - 00774026 _____ C:\Windows\system32\perfh00A.dat
2013-09-15 16:55 - 2011-02-19 06:19 - 00170734 _____ C:\Windows\system32\perfc00A.dat
2013-09-15 16:55 - 2009-07-14 07:13 - 09152982 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-14 18:12 - 2013-09-14 18:12 - 00000000 ____D C:\Users\Martina\AppData\Local\{8C60EA7A-5C03-46D1-9587-6B748569F006}
2013-09-14 17:28 - 2013-09-14 17:27 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-09-13 14:39 - 2013-07-17 21:40 - 00000000 ___RD C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 14:35 - 2009-07-14 06:45 - 00271848 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 11:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-09-13 11:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-09-13 10:59 - 2013-07-22 13:31 - 09256470 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-13 10:59 - 2013-07-22 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-13 10:58 - 2013-07-28 15:40 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 10:55 - 2013-07-20 23:44 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 18:54 - 2013-09-12 18:53 - 00000000 ____D C:\ProgramData\WinZip
2013-09-12 18:53 - 2013-09-12 18:53 - 00002233 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-09-12 18:53 - 2013-09-12 18:52 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-09-12 18:53 - 2013-07-17 21:39 - 00000000 ____D C:\Users\Martina
2013-09-12 18:49 - 2013-09-12 18:46 - 51158528 _____ C:\Users\Martina\Downloads\wz175-32gev.msi
2013-09-10 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-07 22:26 - 2013-09-07 21:59 - 00000000 ____D C:\Users\Martina\AppData\Roaming\TS3Client
2013-09-07 21:56 - 2013-09-07 21:56 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-07 21:55 - 2013-09-07 21:53 - 33856880 _____ (TeamSpeak Systems GmbH) C:\Users\Martina\Downloads\TeamSpeak3-Client-win32-3.0.11.1.exe
2013-09-05 18:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-09-05 18:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-09-05 18:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-09-05 17:02 - 2013-09-05 17:02 - 00000000 _____ C:\Users\Martina\Downloads\server.log
2013-09-05 17:01 - 2013-09-05 16:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\ftblauncher
2013-09-05 17:00 - 2013-09-05 16:59 - 00000000 ____D C:\Users\Martina\Downloads\FTBLite
2013-09-05 16:56 - 2013-09-05 16:56 - 00512825 _____ () C:\Users\Martina\Downloads\FTB_Launcher.exe
2013-09-04 21:23 - 2013-09-04 21:23 - 364271170 _____ C:\Windows\MEMORY.DMP
2013-09-04 21:23 - 2013-09-04 21:23 - 00275272 _____ C:\Windows\Minidump\090413-28345-01.dmp
2013-09-04 21:23 - 2013-09-04 21:23 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:09 - 2013-09-04 19:09 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-04 19:09 - 2013-09-04 19:09 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-09-04 19:08 - 2013-09-04 19:08 - 00000000 ____D C:\ProgramData\APN
2013-09-04 19:08 - 2013-07-20 17:43 - 00000000 ____D C:\Users\Martina\AppData\Local\Google
2013-09-04 19:06 - 2013-09-04 19:06 - 00000000 ____D C:\ProgramData\Sun
2013-09-04 19:05 - 2013-09-04 19:06 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-04 19:05 - 2013-09-04 19:06 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-04 19:05 - 2013-09-04 19:06 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-04 19:05 - 2013-09-04 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-04 19:01 - 2013-09-04 19:01 - 00903080 _____ (Oracle Corporation) C:\Users\Martina\Downloads\chromeinstall-7u25.exe
2013-09-04 18:57 - 2013-09-04 18:57 - 00675988 _____ C:\Users\Martina\Downloads\Minecraft.exe
2013-09-04 18:53 - 2013-09-04 18:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 18:53 - 2013-09-04 18:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 18:53 - 2013-09-04 18:52 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 18:51 - 2013-09-04 18:49 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Martina\Downloads\SkypeSetupFull_6.7.102.exe
2013-08-26 12:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

Files to move or delete:
====================
C:\ProgramData\SetWallpaper.exe


Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\APNSetup.exe
C:\Users\Martina\AppData\Local\Temp\BackupSetup.exe
C:\Users\Martina\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Martina\AppData\Local\Temp\google-chrome.exe
C:\Users\Martina\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe
C:\Users\Martina\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-05 17:45

==================== End Of Log ============================
         
--- --- ---

FRST.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013
Ran by Martina at 2013-09-21 22:30:28
Running from C:\Users\Martina\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs ======================

Adobe Flash Player 10 ActiveX (x32 Version: 10.1.85.3)
Adobe Flash Player 10 Plugin (x32 Version: 10.0.32.18)
AMD Accelerated Video Transcoding (Version: 13.20.100.30723)
AMD Catalyst Control Center (x32 Version: 2013.0723.1944.33607)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0723.1944.33607)
AMD Media Foundation Decoders (Version: 1.0.80723.2017)
AMD Wireless Display v3.0 (Version: 1.0.0.13)
Ask Toolbar (x32 Version: 12.3.0.7)
ASUS WebStorage (x32 Version: 3.0.84.161)
AsusVibe2.0 (x32 Version: 2.0.4.617)
Audacity 2.0.4 (x32 Version: 2.0.4)
Bing Bar (x32 Version: 7.0.610.0)
Bookworm Deluxe (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0723.1944.33607)
Catalyst Control Center InstallProxy (x32 Version: 2013.0723.1944.33607)
Catalyst Control Center Localization All (x32 Version: 2013.0723.1944.33607)
CCC Help Chinese Standard (x32 Version: 2013.0723.1943.33607)
CCC Help Chinese Traditional (x32 Version: 2013.0723.1943.33607)
CCC Help Czech (x32 Version: 2013.0723.1943.33607)
CCC Help Danish (x32 Version: 2013.0723.1943.33607)
CCC Help Dutch (x32 Version: 2013.0723.1943.33607)
CCC Help English (x32 Version: 2013.0723.1943.33607)
CCC Help Finnish (x32 Version: 2013.0723.1943.33607)
CCC Help French (x32 Version: 2013.0723.1943.33607)
CCC Help German (x32 Version: 2013.0723.1943.33607)
CCC Help Greek (x32 Version: 2013.0723.1943.33607)
CCC Help Hungarian (x32 Version: 2013.0723.1943.33607)
CCC Help Italian (x32 Version: 2013.0723.1943.33607)
CCC Help Japanese (x32 Version: 2013.0723.1943.33607)
CCC Help Korean (x32 Version: 2013.0723.1943.33607)
CCC Help Norwegian (x32 Version: 2013.0723.1943.33607)
CCC Help Polish (x32 Version: 2013.0723.1943.33607)
CCC Help Portuguese (x32 Version: 2013.0723.1943.33607)
CCC Help Russian (x32 Version: 2013.0723.1943.33607)
CCC Help Spanish (x32 Version: 2013.0723.1943.33607)
CCC Help Swedish (x32 Version: 2013.0723.1943.33607)
CCC Help Thai (x32 Version: 2013.0723.1943.33607)
CCC Help Turkish (x32 Version: 2013.0723.1943.33607)
ccc-utility64 (Version: 2013.0723.1944.33607)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Cooking Dash (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
diamondata 3.0.0 (Version: 3.0.0)
DMUninstaller (x32)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Game Park Console (x32 Version: 6.2.1.1)
Google Chrome (x32 Version: 29.0.1547.66)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32)
Google Update Helper (x32 Version: 1.3.21.153)
Governor of Poker (x32)
Hotel Dash Suite Success (x32)
HydraVision (x32 Version: 4.2.252.0)
Intel PROSet Wireless
Intel(R) PROSet/Wireless WiFi-Software (Version: 13.00.0000)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Quest 3 (x32)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Luxor 3 (x32)
LyricsBuddy-1 (x32 Version: 1.28.153.3)
Mahjongg dimensions (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Nuance PDF Reader (x32 Version: 6.00.0041)
Plants vs Zombies (x32)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 9.2)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Skype™ 6.7 (x32 Version: 6.7.102)
Snap.Do (x32 Version: 1.99.1.11691)
Snap.Do Engine (HKCU Version: 1.99.1.11691)
syncables desktop SE (x32 Version: 5.5.746.11492)
TeamSpeak 3 Client (x32 Version: 3.0.11)
Trend Micro Titanium Internet Security (Version: 3.0)
Trend Micro Titanium Internet Security (Version: 3.00)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Vodafone Mobile Broadband Lite (x32 Version: 10.2.302.33178)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
WinZip 17.5 (x32 Version: 17.5.10562)
World of Goo (x32)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (x32 Version: 15.4.5722.2)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (x32 Version: 15.4.5722.2)
بريد Windows Live (x32 Version: 15.4.3502.0922)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (x32 Version: 15.4.5722.2)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2)

==================== Restore Points  =========================

26-08-2013 10:36:01 Geplanter Prüfpunkt
26-08-2013 10:36:01 Sprachpaketdeinstallation
04-09-2013 17:03:58 Installed Java 7 Update 25
05-09-2013 15:53:03 Sprachpaketdeinstallation
08-09-2013 13:25:46 Windows Update
12-09-2013 16:50:19 WinZip 17.5 wird installiert
13-09-2013 08:50:08 Windows Update
16-09-2013 17:20:57 Uniblue SpeedUpMyPC installation
16-09-2013 17:25:39 Uniblue SpeedUpMyPC installation
17-09-2013 16:56:21 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {39A0B4B3-55FF-4366-A355-ED20C0C99683} - System32\Tasks\LyricsBuddy-1-codedownloader => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-codedownloader.exe
Task: {40EA35F8-14A5-43B2-A5A5-8972B93F93D2} - System32\Tasks\LyricsBuddy-1-chromeinstaller => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-chromeinstaller.exe
Task: {4779C1E1-F5B9-4741-B509-ECF21B2674D0} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: {53094008-9A77-41CC-B708-3AD76FD12D39} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {7A51411E-E98B-4BB5-AF1C-F4F856819124} - System32\Tasks\LyricsBuddy-1-enabler => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-enabler.exe
Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {899A7F28-45CD-4B2B-8DA3-490ED04C7BC1} - System32\Tasks\EPUpdater => C:\Users\Martina\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
Task: {AE222A32-DA60-4634-AF19-AFB89B1D4914} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {BA837CFA-DB37-498C-AC5D-CA97F95A0A27} - System32\Tasks\LyricsBuddy-1-updater => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-updater.exe
Task: {D02FCF48-91BA-424B-89AD-30C91DFD2D45} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsBuddy-1-chromeinstaller.job => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-chromeinstaller.exe
Task: C:\Windows\Tasks\LyricsBuddy-1-codedownloader.job => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-codedownloader.exe
Task: C:\Windows\Tasks\LyricsBuddy-1-enabler.job => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-enabler.exe
Task: C:\Windows\Tasks\LyricsBuddy-1-updater.job => C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-updater.exe

==================== Loaded Modules (whitelisted) =============

2013-07-23 19:34 - 2013-07-23 19:34 - 00241664 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll
2013-08-20 20:19 - 2013-08-20 20:19 - 00019968 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM\b38de2c9143c4136266c90d991c5078d\MOM.ni.exe
2013-08-20 20:19 - 2013-08-20 20:19 - 00410112 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\bea00db39fd86c455d52dd6775fa0242\MOM.Implementation.ni.dll
2013-08-20 20:05 - 2013-08-20 20:05 - 00137216 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\9b98b63620b9cd7512be5d676b77b5c9\LOG.Foundation.ni.dll
2013-08-20 20:05 - 2013-08-20 20:05 - 00159232 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\8bc6570f6dea157946e24e8d69193c55\LOG.Foundation.Private.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00327680 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\252cb743071128bea5a27f13a70843a1\LOG.Foundation.Implementation.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00014336 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\8bb04987b0a8a34afaa2db7823a25175\MOM.Foundation.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00090624 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\edba206e6a19e47d7f3322ff74111221\LOG.Foundation.Implementation.Private.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00227840 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\58ab1111444f96722855ee0c342a6047\CCC.Implementation.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\0d97f62262df679430c35511a8b9c041\NEWAEM.Foundation.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00022016 _____ (ATI Technologies Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC\bb98c6904380f940a447255789c48bc7\CCC.ni.exe
2013-08-20 20:09 - 2013-08-20 20:09 - 00320512 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\ee23f58082aed7d83467fbb36a7b23e6\CLI.Foundation.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00068608 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\5acef3b55a89f20243efdfdbc5f072a9\CLI.Foundation.XManifest.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00248832 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\efbaba9251b807d8db1bc0d092c59ba3\CLI.Component.Runtime.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00169472 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\1d690b4ef80630b504516b6cca950071\CLI.Component.Runtime.Shared.Private.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00099328 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\836cc10e6bcb7597672cb159dc520754\CLI.Foundation.Private.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00014336 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\bfaee30fe5b0629b0b26de1e249ffcaf\CLI.Component.Runtime.Shared.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00134144 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\222b4dc10e359f7ba12558592ba41776\ATICCCom.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00847872 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\9c2531107a9f9df3e31b36600868618b\ADL.Foundation.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00286208 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\f093a504825e504e52baf107b759d54f\AEM.Server.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00015360 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\bdff999fb509c2ce32ec854e7e1c04db\AEM.Server.Shared.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00301568 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\b72a58c6c01fee9ea72f12412230020a\AEM.Plugin.Source.Kit.Server.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00099840 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\7923fc5e4a0d03fb5d66808b38d54d5c\CLI.Foundation.CoreAudioAPI.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00019456 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\4723f6f876bf8a6e051b77030463bda9\AEM.Plugin.Hotkeys.Shared.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00017408 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\df807f6187fc5e11a86a9d723eb68eb2\AEM.Plugin.WinMessages.Shared.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00121344 _____ (ATI Technologies Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\9b108d28ad21d983921422621afde31d\DEM.Graphics.I0601.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00018432 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\84876ac2c85156be527a05c5aed0db55\DEM.Graphics.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00027136 _____ (ATI Technologies Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\11cf271cc8a7918c71a74368cb80b5d6\DEM.Foundation.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00041984 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\5eaf649393dc814c03161b9d2eaf111e\DEM.Graphics.I1010.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00014336 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\b41129eaffa9a63bd8b658ac39df4608\AEM.Plugin.REG.Shared.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 03129344 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\342cdbf4be065c942b7c8a8297bd1523\CLI.Caste.Graphics.Runtime.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 02656768 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\c3c1d07635630cf43361c7d1bb6c7914\CLI.Caste.Graphics.Shared.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00013824 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\f87f3b6739931fa576369f54b2583c3c\AEM.Plugin.GD.Shared.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00023552 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\43b246081519f743c7ab46e4fd2edc1c\AEM.Actions.CCAA.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00027136 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\8bbd2cca48624347cdddd913b68cbfac\ResourceManagement.Foundation.Private.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00088576 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\28f181a8d038b1ce868161dddab3317a\DEM.Graphics.I0709.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00019968 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\23c2f4e74b68ac62f81420c2be1ac213\DEM.Graphics.I0804.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00041984 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\0a39c72ab661716918f7fd3626f823a8\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00101376 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\24f7bd4f300d28092d2b83823686d689\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00496640 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\ae241c61cd1ee5fde37947405c124492\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00247296 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\b534060e126688eee4e9888f70ca0975\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00016896 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\1dd37d5e088fef2abf2a250fa3f9d95c\DEM.Graphics.I0912.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\b283b87c0ef08bce5dcaea443ea2524f\DEM.Graphics.I0706.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00014336 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\fa20d7117df100be513a8a217cf67055\DEM.Graphics.I0712.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00329216 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\95c4c63ea3499d4029bdf739f2a53281\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 01051648 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\89ab204b626183ca1909e9bf871eeff9\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00156672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\5ee48d42eb6ee7a7a2a9506787a6b094\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00315904 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\062330f96ee90ab1842a7b4c3de56b22\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00138752 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\39c7c21905677af35c184f32bd64dca2\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00013312 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\379c796e82f0d431f2fe15744d04b139\DEM.Graphics.I0812.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00012288 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\e9e55d1cc2965c38959f55e1ddb151c0\DEM.Graphics.I0805.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00829440 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\a0648380d98fb5d589b14f1470598022\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00160768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.abe74207#\24857560580b156e61f222fe9d4e96c1\CLI.Aspect.MultiVPU2.Graphics.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00264192 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\23098e249acb4a47ada91525644c1f6d\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00015872 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\5b0656c87ed014b41070602b237038b1\DEM.Graphics.I0906.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00146944 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\f85db72608f96d1454bd1e01d08bb829\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00081408 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\7651c0af8b27996188056d437039cf7f\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00018432 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\c135ef979cfdc52ca749734f8b22f376\AEM.Plugin.DPPE.Shared.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00917504 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.79734f7a#\866b346f1a582da4485aa27dcc25411b\CLI.Aspect.PowerXpress.Graphics.Runtime.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00395776 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b3da5a8f#\2f527874531f90b4a66614c48063e4d8\CLI.Aspect.PowerXpress.Graphics.Shared.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00013312 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0702\7d69d30fc479e79c49345b0bc623c0b2\DEM.Graphics.I0702.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00011776 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0710\adbf3920c53be328bc353ccdd05c7699\DEM.Graphics.I0710.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00012288 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0901\62c165d116bb1c83d09a09c089756844\DEM.Graphics.I0901.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00053760 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\2e7ed76ec4c0127d3ed516e00645b82d\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00115200 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\47241efb4a84771162c83f191bcc64f0\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00030720 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\a13941df354a12d8a2dce727d24d5eb9\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00019456 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\55c8e3601b82cbd113718c65a1308bda\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00352256 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\c722221ad416d5f1254e1b2f81554293\CLI.Caste.Fuel.Runtime.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\11214298f96d5ea9ee98682defc092b9\CLI.Caste.Fuel.Shared.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00041984 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\4b8c240d3f1621d5a2e4f7ce52068e56\Fuel.Foundation.ni.dll
2013-07-23 19:47 - 2013-07-23 19:47 - 00037888 _____ (AMD) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.ImplementationNet4.dll
2013-07-23 19:47 - 2013-07-23 19:47 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 01026560 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\b0d0c5d63bde55ec5a757dfa8bbe2ec7\Localization.Foundation.Private.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00390656 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\dc8faed3c7e31244ea4cbbb8fc17cdaa\CLI.Combined.Fusion.Aspects.Runtime.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00064512 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\cb3fc521f437f1ab53e00ca0a5471f54\CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00090112 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\2c9d0c8c55288de747af793e85c26dfa\CLI.Aspect.Fets.Fuel.Shared.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00027136 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\3200c28a25b4c6cc3be81987456dcd13\CLI.Aspect.WiFi.Fuel.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00078848 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\25e7dbde022be5adc52ae2ce4b8c8acd\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00052736 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\22ab3f6c52496c37d299a766fc2a96c8\CLI.Caste.Platform.Runtime.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00034304 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\ab81dc88c751b04ac9fa86ff08b9777d\CLI.Caste.Platform.Shared.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00049664 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\671cf6cb8da839ad441716bb44b0c5af\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00349184 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\a601c54415dd3e20ee75cfcee5d81a51\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00054272 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\313555b591d3c953346b0c7317454ea4\CLI.Caste.HydraVision.Runtime.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00034304 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\67134d2c7b59a3cdcec61ef810fef656\CLI.Caste.HydraVision.Shared.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00193536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine930f827b#\f555c8ee961eb4a3522cc3cdb58a219d\CLI.Combined.HydraVision.Aspects.Runtime.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00046592 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.bdcffe00#\e81d8995ad873e16423450de8646c941\CLI.Aspect.Grid.HydraVision.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00057856 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.20568423#\61655003fa1ef293a9f6c81c92143620\CLI.Aspect.DeskMan.HydraVision.Shared.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00047104 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5432938c#\8930a16308e64b2804a9e6e0424e593b\CLI.Aspect.MDProp.HydraVision.Shared.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00059392 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.dd2ab3e8#\0018a3ac99549224ccf419013fa37516\CLI.Aspect.MultiDesk.HydraVision.Shared.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00066048 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.fdcb645d#\5076288d87975f96b2c3eea4aa7e3494\CLI.Aspect.Settings.HydraVision.Shared.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00075264 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\01e6b1b57c4577a055bdb2e71516f271\CLI.Caste.A4.Runtime.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\1e4805c84b53b517c5c56a1ce6cd7972\CLI.Caste.A4.Shared.ni.dll
2013-08-20 20:05 - 2013-08-20 20:05 - 00035840 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\1e8d9985fb55102ea95b1512159af022\A4.Foundation.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00287232 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\2edbbb64fbb6009476bcb23382941f71\APM.Server.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\a0290fd4245f2a9fe30f1dff20c4a0d7\APM.Foundation.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\309b3f0341d77df0b50b60a62f6227ae\CLI.Component.Runtime.Extension.EEU.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 00014848 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\16f6b2cb38011333a42aef7644c15acc\AEM.Plugin.EEU.Shared.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00947712 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\5b1a667af5b03ea39293a5481c7bc2fe\CLI.Component.Dashboard.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00149504 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\55596ae23413409c04109c62252c5124\CLI.Component.Client.Shared.Private.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00022528 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\71356905db36b53ad0f3be135f9ca844\CLI.Component.Client.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00092672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\b21aa6f9ca81211068ed75a9d9c1deb2\CLI.Component.Dashboard.Shared.ni.dll
2013-08-20 20:09 - 2013-08-20 20:09 - 01618432 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\818290901aa3e9595616f1638ac71f1d\CLI.Component.Dashboard.Shared.Private.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00945152 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\2445640d58a5c40fa9a451e248691822\CLI.Component.Systemtray.ni.dll
2013-08-20 20:19 - 2013-08-20 20:19 - 00251904 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\0beeeb4e4a4db4788ae07d39097e48ea\ResourceManagement.Foundation.Implementation.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00294912 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\92b8ce30529a4380a8d39390f65e96e7\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00484864 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\345a382336470e1c7b5a50ca061059ca\CLI.Caste.Graphics.Dashboard.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 01591296 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\7450076197a8c9681c7956afd18141fa\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00092160 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\f06514b8bd1beb73706e9d6afa331f2e\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00288256 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\8de0526626cfea270efb8525d3ad97c6\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 02692096 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\0d557e720de05b16b1b1a0a3c3d1f975\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00464896 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\160baf0f1f94c78f2b9124b2e1dcccf5\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00075776 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\0b852e9fcdea13e6d41ba2ee982d93ac\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00768512 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\fc214fefb0a6645299954016f2296c0c\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 03340288 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\ee35c72596d905642b997a768c8ad1a5\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00686080 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\971b5d60e9c2dd1e18e144b495cfd447\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00074752 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\dc2fca7a0cf017d05089a398113d1f00\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00160256 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\e392812ce31a2c517f659098ba49f63f\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00595968 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4846ba2#\4925360533e84c490e1773d833c8a068\CLI.Aspect.PowerXpress.Graphics.Dashboard.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00105984 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4f2f79c#\257be00d3f9e06f87c2bbe4b907f18df\CLI.Aspect.CrossFireX.Graphics.Dashboard.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00032256 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\d7d312aa322580e9325bab1988026b5d\CLI.Caste.Fuel.Dashboard.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 01323520 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\71f9da755f2dc3542fcec9e038317399\CLI.Aspect.User.Fuel.Dashboard.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00103936 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\8ff63b076d2d6f519558dc948c448ef9\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00068096 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\cf5c3c4dcc75a99c6f897c4edfdbcc57\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2013-08-20 20:13 - 2013-08-20 20:13 - 00157184 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\cedfb62dc7f0e3a25da79f59d1759ee4\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00154624 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\8b58ab490b1bf7852792caf6852cb52e\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\b85ef55c13a3349fa385d5dcaf3688ce\CLI.Caste.Platform.Dashboard.ni.dll
2013-08-20 20:15 - 2013-08-20 20:15 - 00031232 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\cc11cbfad55d11cf54d98f90014372ce\CLI.Caste.HydraVision.Dashboard.ni.dll
2013-08-20 20:14 - 2013-08-20 20:14 - 00032256 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\e60e89eff5f663d3962134e7cfe16ae3\CLI.Caste.A4.Dashboard.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 00955904 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\22a619f99c8c4d605c320fbe3a5249a5\CLI.Foundation.Client.ni.dll
2013-08-20 20:16 - 2013-08-20 20:16 - 00181248 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\57cde3008449c3eb932022e56b14881e\CLI.Component.Dashboard.ProfileManager2.ni.dll
2013-08-20 20:12 - 2013-08-20 20:12 - 01675776 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\a9da42a9b67f61904ab700c6fc60ff0d\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2010-04-01 04:55 - 2010-04-01 04:55 - 00221184 _____ ( ) C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\LogicNP.EZNamespaceExtensions.dll
2011-02-21 06:05 - 2011-02-21 06:05 - 00266240 _____ (.) C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\eCaremeDLL.dll
2009-03-02 04:07 - 2009-03-02 04:07 - 00200704 _____ ( ) C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\LogicNP.EZShellExtensions.dll
2013-07-23 17:50 - 2013-07-23 17:50 - 00012656 ____R (WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\wzshls64.dll
2013-07-23 19:35 - 2013-07-23 19:35 - 00217088 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
2009-05-06 01:06 - 2009-05-06 01:06 - 00029984 _____ (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\_ispmres.dll
2013-07-23 19:34 - 2013-07-23 19:34 - 00094208 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDeu.dll
2013-07-25 08:52 - 2013-07-25 08:52 - 00088944 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
2011-07-14 15:41 - 2011-07-14 15:41 - 00513536 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Platform.dll
2011-07-14 15:40 - 2011-07-14 15:40 - 00059904 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Base.Contracts.dll
2011-07-14 15:41 - 2011-07-14 15:41 - 00220672 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Data.dll
2011-07-14 15:40 - 2011-07-14 15:40 - 00033792 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.LogEngine.dll
2011-07-14 15:40 - 2011-07-14 15:40 - 01247232 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadbandResources.dll
2011-07-14 15:41 - 2011-07-14 15:41 - 00107520 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.DataAccessor.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00139264 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.CommonDialogs.dll
2011-07-14 15:40 - 2011-07-14 15:40 - 00040448 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Common.dll
2011-07-14 15:41 - 2011-07-14 15:41 - 00013824 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.InstanceProvider.Impl.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00256000 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.ApplicationHost.Impl.dll
2011-07-14 15:41 - 2011-07-14 15:41 - 00139776 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Base.Win32.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00123392 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.ReportingManager.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00011776 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Base.Factory.dll
2011-07-14 15:40 - 2011-07-14 15:40 - 00007168 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.MobileBroadband.CallbackHandler.dll
2011-07-14 15:40 - 2011-07-14 15:40 - 00118784 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\de-DE\MobileBroadbandResources.resources.dll
2011-07-14 15:41 - 2011-07-14 15:41 - 00020992 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.SettingsManager.dll
2011-07-14 15:41 - 2011-07-14 15:41 - 00031744 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.SmsProfileManager.dll
2011-07-12 13:02 - 2011-07-12 13:02 - 00761856 _____ (SpringSource) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Spring.Core.dll
2011-07-12 13:02 - 2011-07-12 13:02 - 00028672 _____ (hxxp://netcommon.sf.net) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Common.Logging.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00011264 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Contracts.Presenter.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00147968 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Shared.dll
2011-07-12 13:02 - 2011-07-12 13:02 - 02555904 _____ (Infragistics Inc.) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Infragistics2.Win.UltraWinToolbars.v9.2.dll
2011-07-12 13:02 - 2011-07-12 13:02 - 00315392 _____ (Infragistics Inc.) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Infragistics2.Shared.v9.2.dll
2011-07-12 13:02 - 2011-07-12 13:02 - 03391488 _____ (Infragistics Inc.) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Infragistics2.Win.v9.2.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00028160 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Contracts.Common.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00038400 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Core.Contracts.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00041472 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Contracts.Model.dll
2011-07-14 15:45 - 2011-07-14 15:45 - 00042496 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.AdvancedView.dll
2011-07-14 15:43 - 2011-07-14 15:43 - 00016896 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.StandardView.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00028672 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Contracts.View.dll
2011-07-14 15:43 - 2011-07-14 15:43 - 00013824 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.TitleBar.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00147968 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.SecondaryWindows.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00041984 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Notification.dll
2011-07-14 15:45 - 2011-07-14 15:45 - 00010240 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Gui.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00015872 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Contracts.Adapter.dll
2011-07-14 15:43 - 2011-07-14 15:43 - 00032256 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Status.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00008704 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.TaskBar.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00011264 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Notification.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00011776 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.AlwaysBestConnected.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00045056 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Connection.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00029184 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Shortcut.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00010752 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Branding.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00020992 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Usage.dll
2011-07-14 15:45 - 2011-07-14 15:45 - 00021504 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.SecondaryWindows.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00014336 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Progressbar.dll
2011-07-14 15:45 - 2011-07-14 15:45 - 00012800 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.VsraPushingUpdates.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00006656 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Prepay.dll
2011-07-14 15:45 - 2011-07-14 15:45 - 00005632 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.ManagedToolTip.dll
2011-07-14 15:43 - 2011-07-14 15:43 - 00015872 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.Options.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00027648 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Commands.dll
2011-07-14 15:43 - 2011-07-14 15:43 - 00122880 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Connection.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00020992 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.DeviceAccess.Contracts.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00059904 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Status.dll
2011-07-14 15:43 - 2011-07-14 15:43 - 00024576 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.PreferredConnection.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00025600 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Usage.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00018944 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Prepay.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00025600 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Device.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00029184 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Shortcut.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00012800 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.ShortcutBar.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00012800 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Branding.dll
2011-07-14 15:45 - 2011-07-14 15:45 - 00007168 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Messaging.dll
2011-07-14 15:45 - 2011-07-14 15:45 - 00011776 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.VsraPushingUpdates.dll
2011-07-14 15:44 - 2011-07-14 15:44 - 00036864 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.AbcHelp.dll
2011-07-14 15:43 - 2011-07-14 15:43 - 00013312 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Wizard.dll
2011-07-14 15:44 - 2011-07-14 15:44 - 00019968 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.WhatsNew.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00007680 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.ManagedToolTip.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00011776 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Decorator.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00099328 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Options.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00007680 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Core.CoreInstanceProvider.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00007680 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Core.Interfaces.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00271872 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.BusinessLogic.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00047616 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Vpn.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00071168 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Base.Internals.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00008704 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Model.DialUp.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00012800 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.DeviceAccess.Factory.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00032256 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.LanWlanManager.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00221696 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.ConnectionServices.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00146432 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.DeviceAccess.Internals.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00038912 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.ConnectionManagement.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00019968 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.TrafficOptimiser.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00011264 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.DeviceAccess.Interfaces.dll
2011-07-14 15:40 - 2011-07-14 15:40 - 00349184 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.WwanWrapper.dll
2011-07-12 14:02 - 2011-07-12 14:02 - 02986304 _____ (Smith Micro Software Inc.) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\WwanCoreSdk.dll
2011-07-12 14:02 - 2011-07-12 14:02 - 00143680 _____ (Smith Micro Software Inc.) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Diagnostic.dll
2011-07-14 15:43 - 2011-07-14 15:43 - 00381952 _____ () C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll
2011-07-14 15:45 - 2011-07-14 15:45 - 00006656 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Plugins\Vodafone.Plugin.MbbGuiConfiguration.dll
2011-07-12 13:02 - 2011-07-12 13:02 - 00495616 _____ (Infragistics Inc.) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Infragistics2.Win.UltraWinEditors.v9.2.dll
2011-07-12 12:59 - 2011-07-12 12:59 - 00011264 _____ ( ) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Interop.FCCOMINTDLLLib.dll
2011-07-14 15:41 - 2011-07-14 15:41 - 00023552 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.NtServiceMessaging.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00026624 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Core.Remoting.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00052224 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.SmsContactManager.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2011-07-14 15:46 - 2011-07-14 15:46 - 00007168 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Plugins\Vodafone.Plugin.MobileConnectionProfileView.dll
2011-07-12 13:02 - 2011-07-12 13:02 - 01200128 _____ (Infragistics Inc.) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Infragistics2.Win.Misc.v9.2.dll
2011-07-14 15:42 - 2011-07-14 15:42 - 00012288 _____ (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.UpdateManager.dll
2009-05-06 01:06 - 2009-05-06 01:06 - 00443680 _____ (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\_isusres.dll
2013-09-04 18:56 - 2013-09-02 22:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 18:56 - 2013-09-02 22:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 18:56 - 2013-09-02 22:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 18:56 - 2013-09-02 22:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 18:56 - 2013-09-02 22:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-04 18:56 - 2013-09-02 22:35 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) ======


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2013 03:00:35 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (09/21/2013 03:00:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (09/21/2013 03:00:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (09/21/2013 03:00:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (09/20/2013 04:24:02 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (09/20/2013 04:23:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (09/20/2013 04:23:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (09/20/2013 04:23:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (09/20/2013 03:58:51 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (09/20/2013 03:58:11 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


System errors:
=============
Error: (09/21/2013 03:16:07 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2013 03:58:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/20/2013 03:58:45 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (09/20/2013 03:58:09 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎20.‎09.‎2013 um 15:57:12 unerwartet heruntergefahren.

Error: (09/19/2013 07:20:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/19/2013 07:20:27 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (09/19/2013 06:57:46 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (09/18/2013 08:22:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/18/2013 08:22:25 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (09/18/2013 08:20:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (09/21/2013 03:00:35 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue

Error: (09/21/2013 03:00:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path name43900

Error: (09/21/2013 03:00:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path name25900

Error: (09/21/2013 03:00:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path name17900

Error: (09/20/2013 04:24:02 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue

Error: (09/20/2013 04:23:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path name43900

Error: (09/20/2013 04:23:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path name25900

Error: (09/20/2013 04:23:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path name17900

Error: (09/20/2013 03:58:51 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue

Error: (09/20/2013 03:58:11 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path name43900


==================== Memory info =========================== 

Percentage of memory in use: 58%
Total physical RAM: 3691.66 MB
Available physical RAM: 1534.76 MB
Total Pagefile: 7381.5 MB
Available Pagefile: 5044.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:440.76 GB) (Free:393.8 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B2A0A341)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=441 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Addition

Ich hoffe ich habe alles richtig gemacht
__________________

Alt 22.09.2013, 13:26   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.09.2013, 15:26   #5
Annchen
 
Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



Code:
ATTFilter
# AdwCleaner v3.004 - Bericht erstellt am 22/09/2013 um 15:19:54
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Martina - MEINPC
# Gestartet von : C:\Users\Martina\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : APNMCP

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\DSearchLink
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\delta
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup 
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Temp\apn
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Schlüssel Gelöscht : HKCU\Software\534ded9bd35e514
Schlüssel Gelöscht : HKLM\SOFTWARE\534ded9bd35e514
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\SmartbarBackup
Schlüssel Gelöscht : HKCU\Software\SmartbarLog
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v29.0.1547.66

[ Datei : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [8235 octets] - [22/09/2013 15:18:36]
AdwCleaner[S0].txt - [7231 octets] - [22/09/2013 15:19:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7291 octets] ##########
         


Alt 22.09.2013, 20:08   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



JRT? Frisches FRST Log?
__________________
--> Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen

Alt 22.09.2013, 21:59   #7
Annchen
 
Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Martina on 22.09.2013 at 15:30:16,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-1.3
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-365069289-1572837218-2119128284-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422162272}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422182268}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466166672}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466186668}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422162272}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422182268}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466166672}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466186668}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466166672}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466186668}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SuperLyrics-1-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466166672}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466186668}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SuperLyrics-1-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_RASAPI32



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\LyricsBuddy-1-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsBuddy-1-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsBuddy-1-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsBuddy-1-updater.job



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Martina\appdata\local\{8C60EA7A-5C03-46D1-9587-6B748569F006}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.09.2013 at 16:17:19,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by Martina (administrator) on MEINPC on 22-09-2013 21:15:30
Running from C:\Users\Martina\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
() C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VizorHtmlDialog.exe] - C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [322384 2010-09-17] (Trend Micro Inc.)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-07-23] (AMD)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
MountPoints2: {024eaf0f-02ac-11e3-a0a8-14dae9e7f698} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {4a316e6c-f14f-11e2-ba73-b20fdac775cb} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {4a316f42-f14f-11e2-ba73-b20fdac775cb} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {e2e6e8e4-f08b-11e2-aa1e-abdc806fe5c8} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini [357 2013-09-22] ()
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [MobileBroadband] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [279552 2011-07-14] (Vodafone)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-07-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: SuperLyrics-1 - {11111111-1111-1111-1111-110411161172} - C:\Program Files (x86)\SuperLyrics-1\SuperLyrics-1-bho64.dll No File
BHO: LyricsBuddy-1 - {11111111-1111-1111-1111-110411181168} - C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-bho64.dll No File
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchURL: (Search the web (Babylon)) - hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
CHR DefaultSuggestURL: (Search the web (Babylon)) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (LyricsBuddy-1) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia\1.24.10_0
CHR Extension: (Plus-HD-1.3) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.24.70_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [hendmekoldfacfhlojkjcnbjegkahclb] - C:\Program Files (x86)\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-07-23] (Advanced Micro Devices, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
S3 vodafone_zte_cdc_acm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_acm.sys [79872 2011-05-20] (Vodafone)
S3 vodafone_zte_cdc_ecm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_ecm.sys [58880 2011-05-20] (Vodafone)
S3 vodafone_zte_cpo; C:\Windows\System32\DRIVERS\vodafone_zte_cpo.sys [14336 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum.sys [56320 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum_filter; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum_filter.sys [56320 2011-05-20] (Vodafone)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-22 16:17 - 2013-09-22 16:17 - 00004289 _____ C:\Users\Martina\Desktop\JRT.txt
2013-09-22 15:29 - 2013-09-22 15:29 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT (1).exe
2013-09-22 15:27 - 2013-09-22 15:27 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2013-09-22 15:27 - 2013-09-22 15:27 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 15:17 - 2013-09-22 15:20 - 00000000 ____D C:\AdwCleaner
2013-09-22 15:17 - 2013-09-22 15:17 - 01039554 _____ C:\Users\Martina\Downloads\adwcleaner.exe
2013-09-21 22:30 - 2013-09-21 22:31 - 00064789 _____ C:\Users\Martina\Downloads\Addition.txt
2013-09-21 22:28 - 2013-09-21 22:28 - 00000000 ____D C:\FRST
2013-09-21 22:27 - 2013-09-21 22:27 - 01956670 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2013-09-21 22:26 - 2013-09-21 22:26 - 01089757 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2013-09-21 22:22 - 2013-09-21 22:22 - 00264241 _____ C:\Users\Martina\Downloads\msert (2).exe
2013-09-21 15:23 - 2013-09-21 15:24 - 00000041 _____ C:\Users\Martina\AppData\Roaming\mbam.context.scan
2013-09-21 15:05 - 2013-09-21 15:13 - 90707728 _____ (Microsoft Corporation) C:\Users\Martina\Downloads\msert (1).exe
2013-09-21 15:05 - 2013-09-21 15:09 - 37748736 _____ C:\Users\Martina\Downloads\msert.exe
2013-09-18 20:51 - 2013-09-18 20:52 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 20:34 - 2013-09-18 20:34 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 20:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-18 20:31 - 2013-09-18 20:31 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2013-09-18 20:30 - 2013-09-18 20:30 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-16 19:28 - 2013-09-16 19:28 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-16 19:26 - 2013-09-16 19:27 - 00002574 _____ C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-09-16 19:00 - 2013-09-16 19:00 - 00000000 ____D C:\Users\Martina\AppData\Local\avgchrome
2013-09-16 18:58 - 2013-09-21 20:53 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-16 18:50 - 2013-09-16 18:50 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martina\Downloads\setup.exe
2013-09-16 18:27 - 2013-09-21 15:26 - 00000000 ____D C:\Fraps
2013-09-14 17:28 - 2013-09-16 18:56 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Audacity
2013-09-14 17:27 - 2013-09-14 17:28 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-09-13 10:59 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 10:59 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 10:59 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 10:59 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 10:59 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 10:59 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 10:59 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 10:59 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 10:59 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 10:59 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 10:59 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 10:59 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 18:53 - 2013-09-21 15:22 - 00000000 ____D C:\Users\Martina\AppData\Local\WinZip
2013-09-12 18:53 - 2013-09-12 18:54 - 00000000 ____D C:\ProgramData\WinZip
2013-09-12 18:53 - 2013-09-12 18:53 - 00002233 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-09-12 18:52 - 2013-09-12 18:53 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-09-12 18:46 - 2013-09-12 18:49 - 51158528 _____ C:\Users\Martina\Downloads\wz175-32gev.msi
2013-09-12 14:50 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 14:50 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 14:50 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 14:50 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 14:50 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 14:50 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 14:50 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 14:50 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 14:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 14:49 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 14:49 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 14:49 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 14:49 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 14:49 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 14:49 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 14:49 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 14:49 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:49 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 14:49 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 14:49 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 14:49 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-07 21:59 - 2013-09-07 22:26 - 00000000 ____D C:\Users\Martina\AppData\Roaming\TS3Client
2013-09-07 21:56 - 2013-09-07 21:56 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-07 21:53 - 2013-09-07 21:55 - 33856880 _____ (TeamSpeak Systems GmbH) C:\Users\Martina\Downloads\TeamSpeak3-Client-win32-3.0.11.1.exe
2013-09-05 17:02 - 2013-09-05 17:02 - 00000000 _____ C:\Users\Martina\Downloads\server.log
2013-09-05 16:59 - 2013-09-05 17:00 - 00000000 ____D C:\Users\Martina\Downloads\FTBLite
2013-09-05 16:58 - 2013-09-05 17:01 - 00000000 ____D C:\Users\Martina\AppData\Roaming\ftblauncher
2013-09-05 16:56 - 2013-09-05 16:56 - 00512825 _____ () C:\Users\Martina\Downloads\FTB_Launcher.exe
2013-09-04 21:23 - 2013-09-04 21:23 - 364271170 _____ C:\Windows\MEMORY.DMP
2013-09-04 21:23 - 2013-09-04 21:23 - 00275272 _____ C:\Windows\Minidump\090413-28345-01.dmp
2013-09-04 21:23 - 2013-09-04 21:23 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:08 - 2013-09-17 17:43 - 00000000 ____D C:\Users\Martina\AppData\Roaming\.minecraft
2013-09-04 19:06 - 2013-09-04 19:06 - 00000000 ____D C:\ProgramData\Sun
2013-09-04 19:06 - 2013-09-04 19:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-04 19:06 - 2013-09-04 19:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-04 19:06 - 2013-09-04 19:05 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-04 19:05 - 2013-09-04 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-04 19:01 - 2013-09-04 19:01 - 00903080 _____ (Oracle Corporation) C:\Users\Martina\Downloads\chromeinstall-7u25.exe
2013-09-04 18:57 - 2013-09-04 18:57 - 00675988 _____ C:\Users\Martina\Downloads\Minecraft.exe
2013-09-04 18:53 - 2013-09-22 15:22 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2013-09-04 18:53 - 2013-09-04 18:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 18:53 - 2013-09-04 18:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 18:52 - 2013-09-04 18:53 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 18:49 - 2013-09-04 18:51 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Martina\Downloads\SkypeSetupFull_6.7.102.exe

==================== One Month Modified Files and Folders =======

2013-09-22 20:44 - 2011-04-13 04:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-22 19:54 - 2013-07-18 06:06 - 01413573 _____ C:\Windows\WindowsUpdate.log
2013-09-22 18:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-22 17:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-09-22 17:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-09-22 17:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-09-22 16:17 - 2013-09-22 16:17 - 00004289 _____ C:\Users\Martina\Desktop\JRT.txt
2013-09-22 15:29 - 2013-09-22 15:29 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT (1).exe
2013-09-22 15:29 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 15:29 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 15:27 - 2013-09-22 15:27 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2013-09-22 15:27 - 2013-09-22 15:27 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 15:22 - 2013-09-04 18:53 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2013-09-22 15:22 - 2011-04-13 04:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-22 15:21 - 2011-04-13 03:39 - 00495490 _____ C:\Windows\PFRO.log
2013-09-22 15:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 15:21 - 2009-07-14 06:51 - 00065059 _____ C:\Windows\setupact.log
2013-09-22 15:20 - 2013-09-22 15:17 - 00000000 ____D C:\AdwCleaner
2013-09-22 15:17 - 2013-09-22 15:17 - 01039554 _____ C:\Users\Martina\Downloads\adwcleaner.exe
2013-09-21 22:31 - 2013-09-21 22:30 - 00064789 _____ C:\Users\Martina\Downloads\Addition.txt
2013-09-21 22:28 - 2013-09-21 22:28 - 00000000 ____D C:\FRST
2013-09-21 22:27 - 2013-09-21 22:27 - 01956670 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2013-09-21 22:26 - 2013-09-21 22:26 - 01089757 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2013-09-21 22:22 - 2013-09-21 22:22 - 00264241 _____ C:\Users\Martina\Downloads\msert (2).exe
2013-09-21 20:53 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-21 15:26 - 2013-09-16 18:27 - 00000000 ____D C:\Fraps
2013-09-21 15:24 - 2013-09-21 15:23 - 00000041 _____ C:\Users\Martina\AppData\Roaming\mbam.context.scan
2013-09-21 15:22 - 2013-09-12 18:53 - 00000000 ____D C:\Users\Martina\AppData\Local\WinZip
2013-09-21 15:16 - 2013-07-17 21:40 - 00000000 ___RD C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 15:13 - 2013-09-21 15:05 - 90707728 _____ (Microsoft Corporation) C:\Users\Martina\Downloads\msert (1).exe
2013-09-21 15:09 - 2013-09-21 15:05 - 37748736 _____ C:\Users\Martina\Downloads\msert.exe
2013-09-20 15:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-09-18 20:52 - 2013-09-18 20:51 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 20:34 - 2013-09-18 20:34 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 20:31 - 2013-09-18 20:31 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2013-09-18 20:30 - 2013-09-18 20:30 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-17 17:43 - 2013-09-04 19:08 - 00000000 ____D C:\Users\Martina\AppData\Roaming\.minecraft
2013-09-16 20:01 - 2013-07-22 13:32 - 00000000 ____D C:\Users\Martina\AppData\Roaming\SoftGrid Client
2013-09-16 19:28 - 2013-09-16 19:28 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-16 19:27 - 2013-09-16 19:26 - 00002574 _____ C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-09-16 19:00 - 2013-09-16 19:00 - 00000000 ____D C:\Users\Martina\AppData\Local\avgchrome
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-16 18:56 - 2013-09-14 17:28 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Audacity
2013-09-16 18:50 - 2013-09-16 18:50 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martina\Downloads\setup.exe
2013-09-16 18:48 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-15 16:55 - 2011-03-17 13:52 - 00753170 _____ C:\Windows\system32\perfh019.dat
2013-09-15 16:55 - 2011-03-17 13:52 - 00163102 _____ C:\Windows\system32\perfc019.dat
2013-09-15 16:55 - 2011-02-19 07:02 - 00420914 _____ C:\Windows\system32\perfh00D.dat
2013-09-15 16:55 - 2011-02-19 07:02 - 00097018 _____ C:\Windows\system32\perfc00D.dat
2013-09-15 16:55 - 2011-02-19 06:56 - 00635558 _____ C:\Windows\system32\perfh008.dat
2013-09-15 16:55 - 2011-02-19 06:56 - 00123388 _____ C:\Windows\system32\perfc008.dat
2013-09-15 16:55 - 2011-02-19 06:51 - 00437042 _____ C:\Windows\system32\prfh0404.dat
2013-09-15 16:55 - 2011-02-19 06:51 - 00134404 _____ C:\Windows\system32\prfc0404.dat
2013-09-15 16:55 - 2011-02-19 06:45 - 00757588 _____ C:\Windows\system32\prfh0816.dat
2013-09-15 16:55 - 2011-02-19 06:45 - 00165166 _____ C:\Windows\system32\prfc0816.dat
2013-09-15 16:55 - 2011-02-19 06:40 - 00772068 _____ C:\Windows\system32\perfh013.dat
2013-09-15 16:55 - 2011-02-19 06:40 - 00165362 _____ C:\Windows\system32\perfc013.dat
2013-09-15 16:55 - 2011-02-19 06:35 - 00768616 _____ C:\Windows\system32\perfh010.dat
2013-09-15 16:55 - 2011-02-19 06:35 - 00159106 _____ C:\Windows\system32\perfc010.dat
2013-09-15 16:55 - 2011-02-19 06:29 - 00774286 _____ C:\Windows\system32\perfh00C.dat
2013-09-15 16:55 - 2011-02-19 06:29 - 00161840 _____ C:\Windows\system32\perfc00C.dat
2013-09-15 16:55 - 2011-02-19 06:24 - 00736108 _____ C:\Windows\system32\perfh007.dat
2013-09-15 16:55 - 2011-02-19 06:24 - 00161842 _____ C:\Windows\system32\perfc007.dat
2013-09-15 16:55 - 2011-02-19 06:19 - 00774026 _____ C:\Windows\system32\perfh00A.dat
2013-09-15 16:55 - 2011-02-19 06:19 - 00170734 _____ C:\Windows\system32\perfc00A.dat
2013-09-15 16:55 - 2009-07-14 07:13 - 09152982 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-14 17:28 - 2013-09-14 17:27 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-09-13 14:39 - 2013-07-17 21:40 - 00000000 ___RD C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 14:35 - 2009-07-14 06:45 - 00271848 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 11:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-09-13 11:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-09-13 10:59 - 2013-07-22 13:31 - 09256470 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-13 10:59 - 2013-07-22 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-13 10:58 - 2013-07-28 15:40 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 10:55 - 2013-07-20 23:44 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 18:54 - 2013-09-12 18:53 - 00000000 ____D C:\ProgramData\WinZip
2013-09-12 18:53 - 2013-09-12 18:53 - 00002233 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-09-12 18:53 - 2013-09-12 18:52 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-09-12 18:53 - 2013-07-17 21:39 - 00000000 ____D C:\Users\Martina
2013-09-12 18:49 - 2013-09-12 18:46 - 51158528 _____ C:\Users\Martina\Downloads\wz175-32gev.msi
2013-09-10 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-07 22:26 - 2013-09-07 21:59 - 00000000 ____D C:\Users\Martina\AppData\Roaming\TS3Client
2013-09-07 21:56 - 2013-09-07 21:56 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-07 21:55 - 2013-09-07 21:53 - 33856880 _____ (TeamSpeak Systems GmbH) C:\Users\Martina\Downloads\TeamSpeak3-Client-win32-3.0.11.1.exe
2013-09-05 17:02 - 2013-09-05 17:02 - 00000000 _____ C:\Users\Martina\Downloads\server.log
2013-09-05 17:01 - 2013-09-05 16:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\ftblauncher
2013-09-05 17:00 - 2013-09-05 16:59 - 00000000 ____D C:\Users\Martina\Downloads\FTBLite
2013-09-05 16:56 - 2013-09-05 16:56 - 00512825 _____ () C:\Users\Martina\Downloads\FTB_Launcher.exe
2013-09-04 21:23 - 2013-09-04 21:23 - 364271170 _____ C:\Windows\MEMORY.DMP
2013-09-04 21:23 - 2013-09-04 21:23 - 00275272 _____ C:\Windows\Minidump\090413-28345-01.dmp
2013-09-04 21:23 - 2013-09-04 21:23 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:08 - 2013-07-20 17:43 - 00000000 ____D C:\Users\Martina\AppData\Local\Google
2013-09-04 19:06 - 2013-09-04 19:06 - 00000000 ____D C:\ProgramData\Sun
2013-09-04 19:05 - 2013-09-04 19:06 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-04 19:05 - 2013-09-04 19:06 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-04 19:05 - 2013-09-04 19:06 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-04 19:05 - 2013-09-04 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-04 19:01 - 2013-09-04 19:01 - 00903080 _____ (Oracle Corporation) C:\Users\Martina\Downloads\chromeinstall-7u25.exe
2013-09-04 18:57 - 2013-09-04 18:57 - 00675988 _____ C:\Users\Martina\Downloads\Minecraft.exe
2013-09-04 18:53 - 2013-09-04 18:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 18:53 - 2013-09-04 18:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 18:53 - 2013-09-04 18:52 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 18:51 - 2013-09-04 18:49 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Martina\Downloads\SkypeSetupFull_6.7.102.exe

Files to move or delete:
====================
C:\ProgramData\SetWallpaper.exe


Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\APNSetup.exe
C:\Users\Martina\AppData\Local\Temp\BackupSetup.exe
C:\Users\Martina\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Martina\AppData\Local\Temp\google-chrome.exe
C:\Users\Martina\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 16:38

==================== End Of Log ============================
         
--- --- ---

--- --- ---



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by Martina (administrator) on MEINPC on 22-09-2013 21:15:30
Running from C:\Users\Martina\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
() C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VizorHtmlDialog.exe] - C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [322384 2010-09-17] (Trend Micro Inc.)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-07-23] (AMD)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
MountPoints2: {024eaf0f-02ac-11e3-a0a8-14dae9e7f698} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {4a316e6c-f14f-11e2-ba73-b20fdac775cb} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {4a316f42-f14f-11e2-ba73-b20fdac775cb} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {e2e6e8e4-f08b-11e2-aa1e-abdc806fe5c8} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini [357 2013-09-22] ()
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [MobileBroadband] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [279552 2011-07-14] (Vodafone)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-07-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: SuperLyrics-1 - {11111111-1111-1111-1111-110411161172} - C:\Program Files (x86)\SuperLyrics-1\SuperLyrics-1-bho64.dll No File
BHO: LyricsBuddy-1 - {11111111-1111-1111-1111-110411181168} - C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-bho64.dll No File
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchURL: (Search the web (Babylon)) - hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
CHR DefaultSuggestURL: (Search the web (Babylon)) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (LyricsBuddy-1) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia\1.24.10_0
CHR Extension: (Plus-HD-1.3) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.24.70_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [hendmekoldfacfhlojkjcnbjegkahclb] - C:\Program Files (x86)\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-07-23] (Advanced Micro Devices, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
S3 vodafone_zte_cdc_acm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_acm.sys [79872 2011-05-20] (Vodafone)
S3 vodafone_zte_cdc_ecm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_ecm.sys [58880 2011-05-20] (Vodafone)
S3 vodafone_zte_cpo; C:\Windows\System32\DRIVERS\vodafone_zte_cpo.sys [14336 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum.sys [56320 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum_filter; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum_filter.sys [56320 2011-05-20] (Vodafone)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-22 16:17 - 2013-09-22 16:17 - 00004289 _____ C:\Users\Martina\Desktop\JRT.txt
2013-09-22 15:29 - 2013-09-22 15:29 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT (1).exe
2013-09-22 15:27 - 2013-09-22 15:27 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2013-09-22 15:27 - 2013-09-22 15:27 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 15:17 - 2013-09-22 15:20 - 00000000 ____D C:\AdwCleaner
2013-09-22 15:17 - 2013-09-22 15:17 - 01039554 _____ C:\Users\Martina\Downloads\adwcleaner.exe
2013-09-21 22:30 - 2013-09-21 22:31 - 00064789 _____ C:\Users\Martina\Downloads\Addition.txt
2013-09-21 22:28 - 2013-09-21 22:28 - 00000000 ____D C:\FRST
2013-09-21 22:27 - 2013-09-21 22:27 - 01956670 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2013-09-21 22:26 - 2013-09-21 22:26 - 01089757 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2013-09-21 22:22 - 2013-09-21 22:22 - 00264241 _____ C:\Users\Martina\Downloads\msert (2).exe
2013-09-21 15:23 - 2013-09-21 15:24 - 00000041 _____ C:\Users\Martina\AppData\Roaming\mbam.context.scan
2013-09-21 15:05 - 2013-09-21 15:13 - 90707728 _____ (Microsoft Corporation) C:\Users\Martina\Downloads\msert (1).exe
2013-09-21 15:05 - 2013-09-21 15:09 - 37748736 _____ C:\Users\Martina\Downloads\msert.exe
2013-09-18 20:51 - 2013-09-18 20:52 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 20:34 - 2013-09-18 20:34 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 20:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-18 20:31 - 2013-09-18 20:31 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2013-09-18 20:30 - 2013-09-18 20:30 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-16 19:28 - 2013-09-16 19:28 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-16 19:26 - 2013-09-16 19:27 - 00002574 _____ C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-09-16 19:00 - 2013-09-16 19:00 - 00000000 ____D C:\Users\Martina\AppData\Local\avgchrome
2013-09-16 18:58 - 2013-09-21 20:53 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-16 18:50 - 2013-09-16 18:50 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martina\Downloads\setup.exe
2013-09-16 18:27 - 2013-09-21 15:26 - 00000000 ____D C:\Fraps
2013-09-14 17:28 - 2013-09-16 18:56 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Audacity
2013-09-14 17:27 - 2013-09-14 17:28 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-09-13 10:59 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 10:59 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 10:59 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 10:59 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 10:59 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 10:59 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 10:59 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 10:59 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 10:59 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 10:59 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 10:59 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 10:59 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 18:53 - 2013-09-21 15:22 - 00000000 ____D C:\Users\Martina\AppData\Local\WinZip
2013-09-12 18:53 - 2013-09-12 18:54 - 00000000 ____D C:\ProgramData\WinZip
2013-09-12 18:53 - 2013-09-12 18:53 - 00002233 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-09-12 18:52 - 2013-09-12 18:53 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-09-12 18:46 - 2013-09-12 18:49 - 51158528 _____ C:\Users\Martina\Downloads\wz175-32gev.msi
2013-09-12 14:50 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 14:50 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 14:50 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 14:50 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 14:50 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 14:50 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 14:50 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 14:50 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 14:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 14:49 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 14:49 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 14:49 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 14:49 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 14:49 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 14:49 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 14:49 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 14:49 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:49 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 14:49 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 14:49 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 14:49 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-07 21:59 - 2013-09-07 22:26 - 00000000 ____D C:\Users\Martina\AppData\Roaming\TS3Client
2013-09-07 21:56 - 2013-09-07 21:56 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-07 21:53 - 2013-09-07 21:55 - 33856880 _____ (TeamSpeak Systems GmbH) C:\Users\Martina\Downloads\TeamSpeak3-Client-win32-3.0.11.1.exe
2013-09-05 17:02 - 2013-09-05 17:02 - 00000000 _____ C:\Users\Martina\Downloads\server.log
2013-09-05 16:59 - 2013-09-05 17:00 - 00000000 ____D C:\Users\Martina\Downloads\FTBLite
2013-09-05 16:58 - 2013-09-05 17:01 - 00000000 ____D C:\Users\Martina\AppData\Roaming\ftblauncher
2013-09-05 16:56 - 2013-09-05 16:56 - 00512825 _____ () C:\Users\Martina\Downloads\FTB_Launcher.exe
2013-09-04 21:23 - 2013-09-04 21:23 - 364271170 _____ C:\Windows\MEMORY.DMP
2013-09-04 21:23 - 2013-09-04 21:23 - 00275272 _____ C:\Windows\Minidump\090413-28345-01.dmp
2013-09-04 21:23 - 2013-09-04 21:23 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:08 - 2013-09-17 17:43 - 00000000 ____D C:\Users\Martina\AppData\Roaming\.minecraft
2013-09-04 19:06 - 2013-09-04 19:06 - 00000000 ____D C:\ProgramData\Sun
2013-09-04 19:06 - 2013-09-04 19:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-04 19:06 - 2013-09-04 19:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-04 19:06 - 2013-09-04 19:05 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-04 19:05 - 2013-09-04 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-04 19:01 - 2013-09-04 19:01 - 00903080 _____ (Oracle Corporation) C:\Users\Martina\Downloads\chromeinstall-7u25.exe
2013-09-04 18:57 - 2013-09-04 18:57 - 00675988 _____ C:\Users\Martina\Downloads\Minecraft.exe
2013-09-04 18:53 - 2013-09-22 15:22 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2013-09-04 18:53 - 2013-09-04 18:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 18:53 - 2013-09-04 18:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 18:52 - 2013-09-04 18:53 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 18:49 - 2013-09-04 18:51 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Martina\Downloads\SkypeSetupFull_6.7.102.exe

==================== One Month Modified Files and Folders =======

2013-09-22 20:44 - 2011-04-13 04:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-22 19:54 - 2013-07-18 06:06 - 01413573 _____ C:\Windows\WindowsUpdate.log
2013-09-22 18:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-22 17:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-09-22 17:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-09-22 17:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-09-22 16:17 - 2013-09-22 16:17 - 00004289 _____ C:\Users\Martina\Desktop\JRT.txt
2013-09-22 15:29 - 2013-09-22 15:29 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT (1).exe
2013-09-22 15:29 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 15:29 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 15:27 - 2013-09-22 15:27 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2013-09-22 15:27 - 2013-09-22 15:27 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 15:22 - 2013-09-04 18:53 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2013-09-22 15:22 - 2011-04-13 04:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-22 15:21 - 2011-04-13 03:39 - 00495490 _____ C:\Windows\PFRO.log
2013-09-22 15:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 15:21 - 2009-07-14 06:51 - 00065059 _____ C:\Windows\setupact.log
2013-09-22 15:20 - 2013-09-22 15:17 - 00000000 ____D C:\AdwCleaner
2013-09-22 15:17 - 2013-09-22 15:17 - 01039554 _____ C:\Users\Martina\Downloads\adwcleaner.exe
2013-09-21 22:31 - 2013-09-21 22:30 - 00064789 _____ C:\Users\Martina\Downloads\Addition.txt
2013-09-21 22:28 - 2013-09-21 22:28 - 00000000 ____D C:\FRST
2013-09-21 22:27 - 2013-09-21 22:27 - 01956670 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2013-09-21 22:26 - 2013-09-21 22:26 - 01089757 _____ (Farbar) C:\Users\Martina\Downloads\FRST.exe
2013-09-21 22:22 - 2013-09-21 22:22 - 00264241 _____ C:\Users\Martina\Downloads\msert (2).exe
2013-09-21 20:53 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-21 15:26 - 2013-09-16 18:27 - 00000000 ____D C:\Fraps
2013-09-21 15:24 - 2013-09-21 15:23 - 00000041 _____ C:\Users\Martina\AppData\Roaming\mbam.context.scan
2013-09-21 15:22 - 2013-09-12 18:53 - 00000000 ____D C:\Users\Martina\AppData\Local\WinZip
2013-09-21 15:16 - 2013-07-17 21:40 - 00000000 ___RD C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 15:13 - 2013-09-21 15:05 - 90707728 _____ (Microsoft Corporation) C:\Users\Martina\Downloads\msert (1).exe
2013-09-21 15:09 - 2013-09-21 15:05 - 37748736 _____ C:\Users\Martina\Downloads\msert.exe
2013-09-20 15:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-09-18 20:52 - 2013-09-18 20:51 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 20:34 - 2013-09-18 20:34 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 20:31 - 2013-09-18 20:31 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2013-09-18 20:30 - 2013-09-18 20:30 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-17 17:43 - 2013-09-04 19:08 - 00000000 ____D C:\Users\Martina\AppData\Roaming\.minecraft
2013-09-16 20:01 - 2013-07-22 13:32 - 00000000 ____D C:\Users\Martina\AppData\Roaming\SoftGrid Client
2013-09-16 19:28 - 2013-09-16 19:28 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-16 19:27 - 2013-09-16 19:26 - 00002574 _____ C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-09-16 19:00 - 2013-09-16 19:00 - 00000000 ____D C:\Users\Martina\AppData\Local\avgchrome
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-16 18:56 - 2013-09-14 17:28 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Audacity
2013-09-16 18:50 - 2013-09-16 18:50 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martina\Downloads\setup.exe
2013-09-16 18:48 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-15 16:55 - 2011-03-17 13:52 - 00753170 _____ C:\Windows\system32\perfh019.dat
2013-09-15 16:55 - 2011-03-17 13:52 - 00163102 _____ C:\Windows\system32\perfc019.dat
2013-09-15 16:55 - 2011-02-19 07:02 - 00420914 _____ C:\Windows\system32\perfh00D.dat
2013-09-15 16:55 - 2011-02-19 07:02 - 00097018 _____ C:\Windows\system32\perfc00D.dat
2013-09-15 16:55 - 2011-02-19 06:56 - 00635558 _____ C:\Windows\system32\perfh008.dat
2013-09-15 16:55 - 2011-02-19 06:56 - 00123388 _____ C:\Windows\system32\perfc008.dat
2013-09-15 16:55 - 2011-02-19 06:51 - 00437042 _____ C:\Windows\system32\prfh0404.dat
2013-09-15 16:55 - 2011-02-19 06:51 - 00134404 _____ C:\Windows\system32\prfc0404.dat
2013-09-15 16:55 - 2011-02-19 06:45 - 00757588 _____ C:\Windows\system32\prfh0816.dat
2013-09-15 16:55 - 2011-02-19 06:45 - 00165166 _____ C:\Windows\system32\prfc0816.dat
2013-09-15 16:55 - 2011-02-19 06:40 - 00772068 _____ C:\Windows\system32\perfh013.dat
2013-09-15 16:55 - 2011-02-19 06:40 - 00165362 _____ C:\Windows\system32\perfc013.dat
2013-09-15 16:55 - 2011-02-19 06:35 - 00768616 _____ C:\Windows\system32\perfh010.dat
2013-09-15 16:55 - 2011-02-19 06:35 - 00159106 _____ C:\Windows\system32\perfc010.dat
2013-09-15 16:55 - 2011-02-19 06:29 - 00774286 _____ C:\Windows\system32\perfh00C.dat
2013-09-15 16:55 - 2011-02-19 06:29 - 00161840 _____ C:\Windows\system32\perfc00C.dat
2013-09-15 16:55 - 2011-02-19 06:24 - 00736108 _____ C:\Windows\system32\perfh007.dat
2013-09-15 16:55 - 2011-02-19 06:24 - 00161842 _____ C:\Windows\system32\perfc007.dat
2013-09-15 16:55 - 2011-02-19 06:19 - 00774026 _____ C:\Windows\system32\perfh00A.dat
2013-09-15 16:55 - 2011-02-19 06:19 - 00170734 _____ C:\Windows\system32\perfc00A.dat
2013-09-15 16:55 - 2009-07-14 07:13 - 09152982 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-14 17:28 - 2013-09-14 17:27 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-09-13 14:39 - 2013-07-17 21:40 - 00000000 ___RD C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 14:35 - 2009-07-14 06:45 - 00271848 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 11:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-09-13 11:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-09-13 10:59 - 2013-07-22 13:31 - 09256470 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-13 10:59 - 2013-07-22 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-13 10:58 - 2013-07-28 15:40 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 10:55 - 2013-07-20 23:44 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 18:54 - 2013-09-12 18:53 - 00000000 ____D C:\ProgramData\WinZip
2013-09-12 18:53 - 2013-09-12 18:53 - 00002233 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-09-12 18:53 - 2013-09-12 18:52 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-09-12 18:53 - 2013-07-17 21:39 - 00000000 ____D C:\Users\Martina
2013-09-12 18:49 - 2013-09-12 18:46 - 51158528 _____ C:\Users\Martina\Downloads\wz175-32gev.msi
2013-09-10 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-07 22:26 - 2013-09-07 21:59 - 00000000 ____D C:\Users\Martina\AppData\Roaming\TS3Client
2013-09-07 21:56 - 2013-09-07 21:56 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-07 21:55 - 2013-09-07 21:53 - 33856880 _____ (TeamSpeak Systems GmbH) C:\Users\Martina\Downloads\TeamSpeak3-Client-win32-3.0.11.1.exe
2013-09-05 17:02 - 2013-09-05 17:02 - 00000000 _____ C:\Users\Martina\Downloads\server.log
2013-09-05 17:01 - 2013-09-05 16:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\ftblauncher
2013-09-05 17:00 - 2013-09-05 16:59 - 00000000 ____D C:\Users\Martina\Downloads\FTBLite
2013-09-05 16:56 - 2013-09-05 16:56 - 00512825 _____ () C:\Users\Martina\Downloads\FTB_Launcher.exe
2013-09-04 21:23 - 2013-09-04 21:23 - 364271170 _____ C:\Windows\MEMORY.DMP
2013-09-04 21:23 - 2013-09-04 21:23 - 00275272 _____ C:\Windows\Minidump\090413-28345-01.dmp
2013-09-04 21:23 - 2013-09-04 21:23 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:08 - 2013-07-20 17:43 - 00000000 ____D C:\Users\Martina\AppData\Local\Google
2013-09-04 19:06 - 2013-09-04 19:06 - 00000000 ____D C:\ProgramData\Sun
2013-09-04 19:05 - 2013-09-04 19:06 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-04 19:05 - 2013-09-04 19:06 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-04 19:05 - 2013-09-04 19:06 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-04 19:05 - 2013-09-04 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-04 19:01 - 2013-09-04 19:01 - 00903080 _____ (Oracle Corporation) C:\Users\Martina\Downloads\chromeinstall-7u25.exe
2013-09-04 18:57 - 2013-09-04 18:57 - 00675988 _____ C:\Users\Martina\Downloads\Minecraft.exe
2013-09-04 18:53 - 2013-09-04 18:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 18:53 - 2013-09-04 18:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 18:53 - 2013-09-04 18:52 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 18:51 - 2013-09-04 18:49 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Martina\Downloads\SkypeSetupFull_6.7.102.exe

Files to move or delete:
====================
C:\ProgramData\SetWallpaper.exe


Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\APNSetup.exe
C:\Users\Martina\AppData\Local\Temp\BackupSetup.exe
C:\Users\Martina\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Martina\AppData\Local\Temp\google-chrome.exe
C:\Users\Martina\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 16:38

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Martina on 22.09.2013 at 15:30:16,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-1.3
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-365069289-1572837218-2119128284-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422162272}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422182268}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466166672}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466186668}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422162272}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422182268}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466166672}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466186668}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466166672}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466186668}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SuperLyrics-1-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366126657}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466166672}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466186668}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SuperLyrics-1-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_RASAPI32



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\LyricsBuddy-1-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsBuddy-1-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsBuddy-1-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\LyricsBuddy-1-updater.job



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Martina\appdata\local\{8C60EA7A-5C03-46D1-9587-6B748569F006}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.09.2013 at 16:17:19,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 23.09.2013, 10:15   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.09.2013, 14:48   #9
Annchen
 
Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



Einmal das Logfile vom ersten Programm (nicht das ich es ausversehen noch lösche )

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5d220d233241064a955850075d99167e
# engine=15231
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-25 10:11:17
# local_time=2013-09-26 12:11:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 66 85 5485989 131776927 0 0
# scanned=295493
# found=0
# cleaned=0
# scan_time=21450
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2013
Ran by Martina (administrator) on MEINPC on 26-09-2013 14:32:31
Running from C:\Users\Martina\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
() C:\Users\Martina\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VizorHtmlDialog.exe] - C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [322384 2010-09-17] (Trend Micro Inc.)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-07-23] (AMD)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex [232912 2011-04-13] (Adobe Systems, Inc.)
MountPoints2: {024eaf0f-02ac-11e3-a0a8-14dae9e7f698} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {4a316e6c-f14f-11e2-ba73-b20fdac775cb} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {4a316f42-f14f-11e2-ba73-b20fdac775cb} - E:\setup_vmb_lite.exe /checkApplicationPresence
MountPoints2: {e2e6e8e4-f08b-11e2-aa1e-abdc806fe5c8} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini [357 2013-09-23] ()
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [MobileBroadband] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [279552 2011-07-14] (Vodafone)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-07-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: SuperLyrics-1 - {11111111-1111-1111-1111-110411161172} - C:\Program Files (x86)\SuperLyrics-1\SuperLyrics-1-bho64.dll No File
BHO: LyricsBuddy-1 - {11111111-1111-1111-1111-110411181168} - C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-bho64.dll No File
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchURL: (Search the web (Babylon)) - hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
CHR DefaultSuggestURL: (Search the web (Babylon)) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (LyricsBuddy-1) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia\1.24.10_0
CHR Extension: (Plus-HD-1.3) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.24.70_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [hendmekoldfacfhlojkjcnbjegkahclb] - C:\Program Files (x86)\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-07-23] (Advanced Micro Devices, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
S3 vodafone_zte_cdc_acm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_acm.sys [79872 2011-05-20] (Vodafone)
S3 vodafone_zte_cdc_ecm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_ecm.sys [58880 2011-05-20] (Vodafone)
S3 vodafone_zte_cpo; C:\Windows\System32\DRIVERS\vodafone_zte_cpo.sys [14336 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum.sys [56320 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum_filter; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum_filter.sys [56320 2011-05-20] (Vodafone)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-26 14:31 - 2013-09-26 14:32 - 01956432 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2013-09-26 14:13 - 2013-09-26 14:13 - 00891144 _____ C:\Users\Martina\Downloads\SecurityCheck.exe
2013-09-23 18:09 - 2013-09-23 18:09 - 02347384 _____ (ESET) C:\Users\Martina\Downloads\esetsmartinstaller_enu.exe
2013-09-22 16:17 - 2013-09-22 16:17 - 00004289 _____ C:\Users\Martina\Desktop\JRT.txt
2013-09-22 15:29 - 2013-09-22 15:29 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT (1).exe
2013-09-22 15:27 - 2013-09-22 15:27 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2013-09-22 15:27 - 2013-09-22 15:27 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 15:17 - 2013-09-22 15:20 - 00000000 ____D C:\AdwCleaner
2013-09-22 15:17 - 2013-09-22 15:17 - 01039554 _____ C:\Users\Martina\Downloads\adwcleaner.exe
2013-09-21 22:30 - 2013-09-21 22:31 - 00064789 _____ C:\Users\Martina\Downloads\Addition.txt
2013-09-21 22:28 - 2013-09-21 22:28 - 00000000 ____D C:\FRST
2013-09-21 22:22 - 2013-09-21 22:22 - 00264241 _____ C:\Users\Martina\Downloads\msert (2).exe
2013-09-21 15:23 - 2013-09-21 15:24 - 00000041 _____ C:\Users\Martina\AppData\Roaming\mbam.context.scan
2013-09-21 15:05 - 2013-09-21 15:13 - 90707728 _____ (Microsoft Corporation) C:\Users\Martina\Downloads\msert (1).exe
2013-09-21 15:05 - 2013-09-21 15:09 - 37748736 _____ C:\Users\Martina\Downloads\msert.exe
2013-09-18 20:51 - 2013-09-18 20:52 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 20:34 - 2013-09-18 20:34 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 20:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-18 20:31 - 2013-09-18 20:31 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2013-09-18 20:30 - 2013-09-18 20:30 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-16 19:28 - 2013-09-22 21:51 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-16 19:26 - 2013-09-16 19:27 - 00002574 _____ C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-09-16 19:00 - 2013-09-16 19:00 - 00000000 ____D C:\Users\Martina\AppData\Local\avgchrome
2013-09-16 18:58 - 2013-09-21 20:53 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-16 18:50 - 2013-09-16 18:50 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martina\Downloads\setup.exe
2013-09-16 18:27 - 2013-09-21 15:26 - 00000000 ____D C:\Fraps
2013-09-14 17:28 - 2013-09-16 18:56 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Audacity
2013-09-14 17:27 - 2013-09-14 17:28 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-09-13 10:59 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 10:59 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 10:59 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 10:59 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 10:59 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 10:59 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 10:59 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 10:59 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 10:59 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 10:59 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 10:59 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 10:59 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 10:59 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 10:59 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 18:53 - 2013-09-21 15:22 - 00000000 ____D C:\Users\Martina\AppData\Local\WinZip
2013-09-12 18:53 - 2013-09-12 18:54 - 00000000 ____D C:\ProgramData\WinZip
2013-09-12 18:53 - 2013-09-12 18:53 - 00002233 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-09-12 18:52 - 2013-09-12 18:53 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-09-12 18:46 - 2013-09-12 18:49 - 51158528 _____ C:\Users\Martina\Downloads\wz175-32gev.msi
2013-09-12 14:50 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 14:50 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 14:50 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 14:50 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 14:50 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 14:50 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 14:50 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 14:50 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 14:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 14:49 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 14:49 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 14:49 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 14:49 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 14:49 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 14:49 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 14:49 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 14:49 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 14:49 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 14:49 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 14:49 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 14:49 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 14:49 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 14:49 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 14:49 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-07 21:59 - 2013-09-07 22:26 - 00000000 ____D C:\Users\Martina\AppData\Roaming\TS3Client
2013-09-07 21:56 - 2013-09-07 21:56 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-07 21:53 - 2013-09-07 21:55 - 33856880 _____ (TeamSpeak Systems GmbH) C:\Users\Martina\Downloads\TeamSpeak3-Client-win32-3.0.11.1.exe
2013-09-05 17:02 - 2013-09-05 17:02 - 00000000 _____ C:\Users\Martina\Downloads\server.log
2013-09-05 16:59 - 2013-09-05 17:00 - 00000000 ____D C:\Users\Martina\Downloads\FTBLite
2013-09-05 16:58 - 2013-09-05 17:01 - 00000000 ____D C:\Users\Martina\AppData\Roaming\ftblauncher
2013-09-05 16:56 - 2013-09-05 16:56 - 00512825 _____ () C:\Users\Martina\Downloads\FTB_Launcher.exe
2013-09-04 21:23 - 2013-09-04 21:23 - 364271170 _____ C:\Windows\MEMORY.DMP
2013-09-04 21:23 - 2013-09-04 21:23 - 00275272 _____ C:\Windows\Minidump\090413-28345-01.dmp
2013-09-04 21:23 - 2013-09-04 21:23 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:08 - 2013-09-17 17:43 - 00000000 ____D C:\Users\Martina\AppData\Roaming\.minecraft
2013-09-04 19:06 - 2013-09-04 19:06 - 00000000 ____D C:\ProgramData\Sun
2013-09-04 19:06 - 2013-09-04 19:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-04 19:06 - 2013-09-04 19:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-04 19:06 - 2013-09-04 19:05 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-04 19:06 - 2013-09-04 19:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-04 19:05 - 2013-09-04 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-04 19:01 - 2013-09-04 19:01 - 00903080 _____ (Oracle Corporation) C:\Users\Martina\Downloads\chromeinstall-7u25.exe
2013-09-04 18:57 - 2013-09-04 18:57 - 00675988 _____ C:\Users\Martina\Downloads\Minecraft.exe
2013-09-04 18:53 - 2013-09-25 22:16 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2013-09-04 18:53 - 2013-09-04 18:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 18:53 - 2013-09-04 18:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 18:52 - 2013-09-04 18:53 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 18:49 - 2013-09-04 18:51 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Martina\Downloads\SkypeSetupFull_6.7.102.exe

==================== One Month Modified Files and Folders =======

2013-09-26 14:32 - 2013-09-26 14:31 - 01956432 _____ (Farbar) C:\Users\Martina\Downloads\FRST64.exe
2013-09-26 14:13 - 2013-09-26 14:13 - 00891144 _____ C:\Users\Martina\Downloads\SecurityCheck.exe
2013-09-26 14:01 - 2013-07-18 06:06 - 01480242 _____ C:\Windows\WindowsUpdate.log
2013-09-26 13:44 - 2011-04-13 04:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-26 00:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-09-26 00:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-09-26 00:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-09-25 22:21 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-25 22:21 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-25 22:16 - 2013-09-04 18:53 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2013-09-23 18:09 - 2013-09-23 18:09 - 02347384 _____ (ESET) C:\Users\Martina\Downloads\esetsmartinstaller_enu.exe
2013-09-23 18:03 - 2011-04-13 04:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-23 18:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-23 18:03 - 2009-07-14 06:51 - 00065115 _____ C:\Windows\setupact.log
2013-09-22 23:59 - 2013-07-22 13:32 - 00000000 ____D C:\Users\Martina\AppData\Roaming\SoftGrid Client
2013-09-22 21:51 - 2013-09-16 19:28 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-22 18:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-22 16:17 - 2013-09-22 16:17 - 00004289 _____ C:\Users\Martina\Desktop\JRT.txt
2013-09-22 15:29 - 2013-09-22 15:29 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT (1).exe
2013-09-22 15:27 - 2013-09-22 15:27 - 01030038 _____ (Thisisu) C:\Users\Martina\Downloads\JRT.exe
2013-09-22 15:27 - 2013-09-22 15:27 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 15:21 - 2011-04-13 03:39 - 00495490 _____ C:\Windows\PFRO.log
2013-09-22 15:20 - 2013-09-22 15:17 - 00000000 ____D C:\AdwCleaner
2013-09-22 15:17 - 2013-09-22 15:17 - 01039554 _____ C:\Users\Martina\Downloads\adwcleaner.exe
2013-09-21 22:31 - 2013-09-21 22:30 - 00064789 _____ C:\Users\Martina\Downloads\Addition.txt
2013-09-21 22:28 - 2013-09-21 22:28 - 00000000 ____D C:\FRST
2013-09-21 22:22 - 2013-09-21 22:22 - 00264241 _____ C:\Users\Martina\Downloads\msert (2).exe
2013-09-21 20:53 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-21 15:26 - 2013-09-16 18:27 - 00000000 ____D C:\Fraps
2013-09-21 15:24 - 2013-09-21 15:23 - 00000041 _____ C:\Users\Martina\AppData\Roaming\mbam.context.scan
2013-09-21 15:22 - 2013-09-12 18:53 - 00000000 ____D C:\Users\Martina\AppData\Local\WinZip
2013-09-21 15:16 - 2013-07-17 21:40 - 00000000 ___RD C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 15:13 - 2013-09-21 15:05 - 90707728 _____ (Microsoft Corporation) C:\Users\Martina\Downloads\msert (1).exe
2013-09-21 15:09 - 2013-09-21 15:05 - 37748736 _____ C:\Users\Martina\Downloads\msert.exe
2013-09-20 15:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-09-18 20:52 - 2013-09-18 20:51 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 20:34 - 2013-09-18 20:34 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 20:33 - 2013-09-18 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 20:31 - 2013-09-18 20:31 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader (1).exe
2013-09-18 20:30 - 2013-09-18 20:30 - 00614816 _____ C:\Users\Martina\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-09-17 17:43 - 2013-09-04 19:08 - 00000000 ____D C:\Users\Martina\AppData\Roaming\.minecraft
2013-09-16 19:27 - 2013-09-16 19:26 - 00002574 _____ C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-09-16 19:00 - 2013-09-16 19:00 - 00000000 ____D C:\Users\Martina\AppData\Local\avgchrome
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-16 18:56 - 2013-09-14 17:28 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Audacity
2013-09-16 18:50 - 2013-09-16 18:50 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martina\Downloads\setup.exe
2013-09-16 18:48 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-15 16:55 - 2011-03-17 13:52 - 00753170 _____ C:\Windows\system32\perfh019.dat
2013-09-15 16:55 - 2011-03-17 13:52 - 00163102 _____ C:\Windows\system32\perfc019.dat
2013-09-15 16:55 - 2011-02-19 07:02 - 00420914 _____ C:\Windows\system32\perfh00D.dat
2013-09-15 16:55 - 2011-02-19 07:02 - 00097018 _____ C:\Windows\system32\perfc00D.dat
2013-09-15 16:55 - 2011-02-19 06:56 - 00635558 _____ C:\Windows\system32\perfh008.dat
2013-09-15 16:55 - 2011-02-19 06:56 - 00123388 _____ C:\Windows\system32\perfc008.dat
2013-09-15 16:55 - 2011-02-19 06:51 - 00437042 _____ C:\Windows\system32\prfh0404.dat
2013-09-15 16:55 - 2011-02-19 06:51 - 00134404 _____ C:\Windows\system32\prfc0404.dat
2013-09-15 16:55 - 2011-02-19 06:45 - 00757588 _____ C:\Windows\system32\prfh0816.dat
2013-09-15 16:55 - 2011-02-19 06:45 - 00165166 _____ C:\Windows\system32\prfc0816.dat
2013-09-15 16:55 - 2011-02-19 06:40 - 00772068 _____ C:\Windows\system32\perfh013.dat
2013-09-15 16:55 - 2011-02-19 06:40 - 00165362 _____ C:\Windows\system32\perfc013.dat
2013-09-15 16:55 - 2011-02-19 06:35 - 00768616 _____ C:\Windows\system32\perfh010.dat
2013-09-15 16:55 - 2011-02-19 06:35 - 00159106 _____ C:\Windows\system32\perfc010.dat
2013-09-15 16:55 - 2011-02-19 06:29 - 00774286 _____ C:\Windows\system32\perfh00C.dat
2013-09-15 16:55 - 2011-02-19 06:29 - 00161840 _____ C:\Windows\system32\perfc00C.dat
2013-09-15 16:55 - 2011-02-19 06:24 - 00736108 _____ C:\Windows\system32\perfh007.dat
2013-09-15 16:55 - 2011-02-19 06:24 - 00161842 _____ C:\Windows\system32\perfc007.dat
2013-09-15 16:55 - 2011-02-19 06:19 - 00774026 _____ C:\Windows\system32\perfh00A.dat
2013-09-15 16:55 - 2011-02-19 06:19 - 00170734 _____ C:\Windows\system32\perfc00A.dat
2013-09-15 16:55 - 2009-07-14 07:13 - 09152982 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-14 17:28 - 2013-09-14 17:27 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-09-13 14:39 - 2013-07-17 21:40 - 00000000 ___RD C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 14:35 - 2009-07-14 06:45 - 00271848 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 11:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-09-13 11:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-09-13 10:59 - 2013-07-22 13:31 - 09256470 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-13 10:59 - 2013-07-22 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-13 10:58 - 2013-07-28 15:40 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 10:55 - 2013-07-20 23:44 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 18:54 - 2013-09-12 18:53 - 00000000 ____D C:\ProgramData\WinZip
2013-09-12 18:53 - 2013-09-12 18:53 - 00002233 _____ C:\Users\Public\Desktop\WinZip.lnk
2013-09-12 18:53 - 2013-09-12 18:52 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-09-12 18:53 - 2013-07-17 21:39 - 00000000 ____D C:\Users\Martina
2013-09-12 18:49 - 2013-09-12 18:46 - 51158528 _____ C:\Users\Martina\Downloads\wz175-32gev.msi
2013-09-10 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-07 22:26 - 2013-09-07 21:59 - 00000000 ____D C:\Users\Martina\AppData\Roaming\TS3Client
2013-09-07 21:56 - 2013-09-07 21:56 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-07 21:55 - 2013-09-07 21:53 - 33856880 _____ (TeamSpeak Systems GmbH) C:\Users\Martina\Downloads\TeamSpeak3-Client-win32-3.0.11.1.exe
2013-09-05 17:02 - 2013-09-05 17:02 - 00000000 _____ C:\Users\Martina\Downloads\server.log
2013-09-05 17:01 - 2013-09-05 16:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\ftblauncher
2013-09-05 17:00 - 2013-09-05 16:59 - 00000000 ____D C:\Users\Martina\Downloads\FTBLite
2013-09-05 16:56 - 2013-09-05 16:56 - 00512825 _____ () C:\Users\Martina\Downloads\FTB_Launcher.exe
2013-09-04 21:23 - 2013-09-04 21:23 - 364271170 _____ C:\Windows\MEMORY.DMP
2013-09-04 21:23 - 2013-09-04 21:23 - 00275272 _____ C:\Windows\Minidump\090413-28345-01.dmp
2013-09-04 21:23 - 2013-09-04 21:23 - 00000000 ____D C:\Windows\Minidump
2013-09-04 19:08 - 2013-07-20 17:43 - 00000000 ____D C:\Users\Martina\AppData\Local\Google
2013-09-04 19:06 - 2013-09-04 19:06 - 00000000 ____D C:\ProgramData\Sun
2013-09-04 19:05 - 2013-09-04 19:06 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-04 19:05 - 2013-09-04 19:06 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-04 19:05 - 2013-09-04 19:06 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-04 19:05 - 2013-09-04 19:06 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-04 19:05 - 2013-09-04 19:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-04 19:01 - 2013-09-04 19:01 - 00903080 _____ (Oracle Corporation) C:\Users\Martina\Downloads\chromeinstall-7u25.exe
2013-09-04 18:57 - 2013-09-04 18:57 - 00675988 _____ C:\Users\Martina\Downloads\Minecraft.exe
2013-09-04 18:53 - 2013-09-04 18:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 18:53 - 2013-09-04 18:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-04 18:53 - 2013-09-04 18:52 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 18:51 - 2013-09-04 18:49 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Martina\Downloads\SkypeSetupFull_6.7.102.exe

Files to move or delete:
====================
C:\ProgramData\SetWallpaper.exe


Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\APNSetup.exe
C:\Users\Martina\AppData\Local\Temp\BackupSetup.exe
C:\Users\Martina\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Martina\AppData\Local\Temp\google-chrome.exe
C:\Users\Martina\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 16:38

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
 Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Trend Micro Titanium Internet Security   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 25  
 Adobe Flash Player 10 Flash Player out of Date! 
 Google Chrome 29.0.1547.66  
 Google Chrome 29.0.1547.76  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Trend Micro Titanium TiMiniService.exe  
 Trend Micro Titanium TiResumeSrv.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Die Probleme treten nur noch bei Chrome auf. Bei IE nicht. Werde jetzt Chrome runterschmeißen und Firefox installieren

Ich hoffe, dass sich das dann geklärt hat, ansonsten melde ich mich nochmal
Vielen Dank für deine Hilfe!

Alt 26.09.2013, 20:49   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: SuperLyrics-1 - {11111111-1111-1111-1111-110411161172} - C:\Program Files (x86)\SuperLyrics-1\SuperLyrics-1-bho64.dll No File
BHO: LyricsBuddy-1 - {11111111-1111-1111-1111-110411181168} - C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-bho64.dll No File
CHR DefaultSearchURL: (Search the web (Babylon)) - hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
CHR DefaultSuggestURL: (Search the web (Babylon)) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (LyricsBuddy-1) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia\1.24.10_0
CHR Extension: (Plus-HD-1.3) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.24.70_0
2013-09-18 20:51 - 2013-09-18 20:52 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-16 18:58 - 2013-09-21 20:53 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-21 20:53 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-18 20:52 - 2013-09-18 20:51 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.09.2013, 15:27   #11
Annchen
 
Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-09-2013
Ran by Martina at 2013-09-27 15:14:15 Run:1
Running from C:\Users\Martina\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: SuperLyrics-1 - {11111111-1111-1111-1111-110411161172} - C:\Program Files (x86)\SuperLyrics-1\SuperLyrics-1-bho64.dll No File
BHO: LyricsBuddy-1 - {11111111-1111-1111-1111-110411181168} - C:\Program Files (x86)\LyricsBuddy-1\LyricsBuddy-1-bho64.dll No File
CHR DefaultSearchURL: (Search the web (Babylon)) - hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007
CHR DefaultSuggestURL: (Search the web (Babylon)) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (LyricsBuddy-1) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia\1.24.10_0
CHR Extension: (Plus-HD-1.3) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.24.70_0
2013-09-18 20:51 - 2013-09-18 20:52 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-16 18:58 - 2013-09-21 20:53 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-09-16 18:58 - 2013-09-16 18:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-09-21 20:53 - 2013-09-16 18:58 - 00000000 ____D C:\Program Files (x86)\LyricsBuddy-1
2013-09-18 20:52 - 2013-09-18 20:51 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
         
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110311121157} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411161172} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411161172} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411181168} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411181168} => Key deleted successfully.
CHR DefaultSearchURL: (Search the web (Babylon)) - hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=820016DE2B47A529&affID=120523&tsp=5007 ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Search the web (Babylon)) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia directory not found.
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl directory not found.
C:\Windows\System32\Tasks\BitGuard => Moved successfully.
C:\Program Files (x86)\LyricsBuddy-1 => Moved successfully.
C:\Windows\SysWOW64\searchplugins => Moved successfully.
C:\Windows\SysWOW64\Extensions => Moved successfully.
"C:\Program Files (x86)\LyricsBuddy-1" => File/Directory not found.
"C:\Windows\System32\Tasks\BitGuard" => File/Directory not found.

==== End of Fixlog ====
         
Alles geklärt

Vielen Dank!

Alt 28.09.2013, 13:00   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Standard

Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen
administrator, anti-malware, appdata, b.exe, desktop, dsearchlink, explorer, gelöscht, meldung, pup.optional.adtool, pup.optional.babylon.a, pup.optional.delta, pup.optional.delta.a, pup.optional.deltatb, pup.optional.diamondata.a, pup.optional.lyrics.a, pup.optional.performersoft.a, pup.optional.vit, pup.optional.vit.a, pup.optionalbundleinstaller.a, quarantäne, software, test, unterstrichen, werbung



Ähnliche Themen: Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen


  1. Probleme mit Browser-Redirecting und merkwürdige Programme installiert
    Log-Analyse und Auswertung - 28.12.2014 (7)
  2. Eventuell BKA, GVU Trojaner etc. -> 100€ Zahlen per Paysafe - Erste Schritte unternommen Hilfe für logs?
    Plagegeister aller Art und deren Bekämpfung - 24.09.2014 (7)
  3. Der Laptop meiner Freundin hat kein Internet mehr und es wurde bereits viel Malware entdeckt.
    Log-Analyse und Auswertung - 17.06.2014 (17)
  4. Win7: Weiterleitung auf Werbeseiten, merkwürdige Popups
    Log-Analyse und Auswertung - 22.01.2014 (6)
  5. Tube Saver auf dem Rechner - erste Maßnahmen bereits ergriffen
    Log-Analyse und Auswertung - 04.09.2013 (7)
  6. Merkwürdige, plötzlich auftauchende Fake-Popups. Virus?
    Log-Analyse und Auswertung - 05.07.2013 (15)
  7. Snap.do und QuickShare eingefangen, erste Schritte schon unternommen
    Plagegeister aller Art und deren Bekämpfung - 13.04.2013 (9)
  8. GVU Trojaner, bisher noch nichts unternommen
    Plagegeister aller Art und deren Bekämpfung - 17.02.2013 (30)
  9. GVU Trojaner auf 64bit Win7 Laptop bereits entfernt?
    Plagegeister aller Art und deren Bekämpfung - 28.08.2012 (22)
  10. gema-trojaner auf laptop, otl-scan bereits durchgeführt
    Log-Analyse und Auswertung - 29.05.2012 (8)
  11. Win 7 - Gema-Trojaner 2.01 - diverse Schritte bereits umgesetzt - Desktop noch schwarz ohne Icons
    Plagegeister aller Art und deren Bekämpfung - 08.03.2012 (11)
  12. Desktop Security 2010 plagt meinen Laptop.Alles versuche vergeblich, kommt nach Neustart wieder.
    Plagegeister aller Art und deren Bekämpfung - 06.08.2010 (2)
  13. Stänidge Popups auf dem Desktop
    Plagegeister aller Art und deren Bekämpfung - 26.01.2008 (14)
  14. Popups im Browser
    Log-Analyse und Auswertung - 13.11.2007 (1)
  15. lächerlich hohe Auslastung und merkwürdige Popups
    Mülltonne - 28.08.2007 (0)
  16. Desktop Popups
    Log-Analyse und Auswertung - 03.01.2007 (3)
  17. Browser spinnt - Öffnet sich automatisch mit Popups und Swf Popups
    Log-Analyse und Auswertung - 03.03.2006 (6)

Zum Thema Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen - Guten abend, ich hoffe ihr könnt mir helfen, ich sitze schon seit einigen Stunden am Laptop meiner Mutter und versuche den Virus (oder was auch immer das ist) herunterzubekommen. Der - Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen...
Archiv
Du betrachtest: Merkwürdige Popups im Browser/auf dem Laptop(Desktop)|Bereits erste Versuche unternommen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.