Wie kriege ich do-search weg?

schrauber · 03.12.2013, 09:42

Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

immer noch? Wenn ja frisches FRST log bitte.

pschefe · 03.12.2013, 10:11

Ja, leider immer noch;-(

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013
Ran by Pia (administrator) on PIAPC on 03-12-2013 10:08:15
Running from C:\Users\Pia\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Pia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Lenovo) C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11049576 2010-07-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\System32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [54632 2011-01-14] (Lenovo Group Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-08] (Google Inc.)
MountPoints2: {3e2d6695-e17a-11e1-9307-806e6f6e6963} - Q:\LenovoQDrive.exe
MountPoints2: {8122f567-df36-11e2-a227-089e011496c7} - E:\MI.exe
HKLM-x32\...\Run: [PWMTRV] - C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [1129832 2010-08-24] (Lenovo Group Limited)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutoRunReg.exe [159744 2009-03-24] ()
AppInit_DLLs:   [ ] ()
Startup: C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome: 
=======
CHR RestoreOnStartup: "https://mail.google.com/mail/u/0/#inbox"
CHR Extension: (Google Docs) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Google Wallet) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2010-07-15] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [13104 2010-08-24] ()
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [205952 2009-11-23] (SMI)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-03 10:08 - 2013-12-03 10:08 - 00013814 _____ C:\Users\Pia\Downloads\FRST.txt
2013-12-03 10:05 - 2013-12-03 10:05 - 01959434 _____ (Farbar) C:\Users\Pia\Downloads\FRST64.exe
2013-12-02 12:54 - 2013-12-02 12:54 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-27 15:45 - 2013-11-27 15:51 - 00000000 ____D C:\Users\Pia\Desktop\Fotos
2013-11-26 16:33 - 2013-11-26 16:33 - 00448512 _____ (OldTimer Tools) C:\Users\Pia\Desktop\TFC.exe
2013-11-26 15:51 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 15:47 - 2013-11-26 15:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 15:44 - 2013-11-26 15:52 - 00010683 _____ C:\Windows\IE11_main.log
2013-11-25 15:29 - 2013-11-25 15:29 - 00891184 _____ C:\Users\Pia\Desktop\SecurityCheck.exe
2013-11-25 09:31 - 2013-11-25 09:31 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-25 09:30 - 2013-11-25 09:30 - 02347384 _____ (ESET) C:\Users\Pia\Desktop\esetsmartinstaller_enu.exe
2013-11-24 22:34 - 2013-11-24 22:34 - 00001175 _____ C:\Users\Pia\Desktop\JRT.txt
2013-11-24 22:24 - 2013-11-24 22:24 - 00000000 ____D C:\Windows\ERUNT
2013-11-24 22:22 - 2013-11-24 22:22 - 01034531 _____ (Thisisu) C:\Users\Pia\Desktop\JRT.exe
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-24 19:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-24 19:10 - 2013-11-24 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Pia\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-24 14:10 - 2013-11-24 14:11 - 00019779 _____ C:\Users\Pia\Desktop\Addition.txt
2013-11-24 14:09 - 2013-11-25 15:38 - 00034096 _____ C:\Users\Pia\Desktop\FRST.txt
2013-11-24 14:09 - 2013-11-24 14:09 - 00000000 ____D C:\FRST
2013-11-24 13:31 - 2013-11-24 22:13 - 00000000 ____D C:\AdwCleaner
2013-11-24 13:31 - 2013-11-24 13:31 - 01091882 _____ C:\Users\Pia\Desktop\AdwCleaner.exe
2013-11-23 12:45 - 2013-11-23 16:23 - 00000000 ____D C:\Users\Pia\Rechnungen
2013-11-18 20:14 - 2013-11-20 03:06 - 01591306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-18 20:14 - 2013-11-18 20:14 - 00001044 _____ C:\Users\Public\Desktop\VideoPlayer.lnk
2013-11-18 20:12 - 2013-11-18 20:12 - 00000552 _____ C:\Windows\KB893803v2.log
2013-11-18 20:11 - 2013-11-18 20:14 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-11-16 00:26 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-14 23:07 - 2013-11-23 12:39 - 00000000 ____D C:\Users\Pia\PAD
2013-11-14 16:20 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 16:20 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 16:20 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 16:19 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 16:19 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 16:19 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 16:19 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 16:19 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 16:19 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 16:19 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 16:19 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 16:19 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 16:19 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 16:19 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 16:19 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 16:19 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 16:19 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 16:19 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 16:19 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 16:19 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 16:19 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 16:19 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 16:19 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 16:19 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 16:19 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 16:19 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 16:19 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 16:19 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 16:19 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 16:19 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-03 10:09 - 2013-12-03 10:08 - 00013814 _____ C:\Users\Pia\Downloads\FRST.txt
2013-12-03 10:05 - 2013-12-03 10:05 - 01959434 _____ (Farbar) C:\Users\Pia\Downloads\FRST64.exe
2013-12-03 10:03 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 10:03 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 10:01 - 2012-11-22 18:05 - 00000000 ____D C:\Users\Pia\AppData\Local\CrashDumps
2013-12-03 09:56 - 2012-10-03 04:52 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Dropbox
2013-12-03 09:55 - 2012-10-03 05:01 - 00000000 ___RD C:\Users\Pia\Dropbox
2013-12-03 09:55 - 2012-08-08 18:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-03 09:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 09:55 - 2009-07-14 05:51 - 00106649 _____ C:\Windows\setupact.log
2013-12-03 09:54 - 2012-08-08 18:01 - 01541037 _____ C:\Windows\WindowsUpdate.log
2013-12-03 09:48 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-02 23:40 - 2012-09-27 02:01 - 00000000 ____D C:\Users\Pia\Studium
2013-12-02 23:17 - 2012-08-08 18:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-02 23:05 - 2012-08-09 03:41 - 00697098 _____ C:\Windows\system32\perfh007.dat
2013-12-02 23:05 - 2012-08-09 03:41 - 00148362 _____ C:\Windows\system32\perfc007.dat
2013-12-02 23:05 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-02 20:01 - 2010-11-21 04:47 - 00752314 _____ C:\Windows\PFRO.log
2013-12-02 12:54 - 2013-12-02 12:54 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-02 12:54 - 2012-09-24 15:53 - 00000000 ____D C:\Users\Pia\AppData\Local\Google
2013-12-02 12:54 - 2012-08-08 18:33 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-27 15:51 - 2013-11-27 15:45 - 00000000 ____D C:\Users\Pia\Desktop\Fotos
2013-11-26 19:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 16:33 - 2013-11-26 16:33 - 00448512 _____ (OldTimer Tools) C:\Users\Pia\Desktop\TFC.exe
2013-11-26 15:59 - 2012-09-24 15:53 - 00001614 _____ C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 15:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 15:52 - 2013-11-26 15:44 - 00010683 _____ C:\Windows\IE11_main.log
2013-11-26 15:47 - 2013-11-26 15:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-25 15:47 - 2013-08-17 15:06 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 15:47 - 2013-08-17 15:04 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 15:47 - 2013-08-17 15:04 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-25 15:47 - 2013-08-17 15:04 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-25 15:38 - 2013-11-24 14:09 - 00034096 _____ C:\Users\Pia\Desktop\FRST.txt
2013-11-25 15:29 - 2013-11-25 15:29 - 00891184 _____ C:\Users\Pia\Desktop\SecurityCheck.exe
2013-11-25 09:31 - 2013-11-25 09:31 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-25 09:30 - 2013-11-25 09:30 - 02347384 _____ (ESET) C:\Users\Pia\Desktop\esetsmartinstaller_enu.exe
2013-11-24 22:34 - 2013-11-24 22:34 - 00001175 _____ C:\Users\Pia\Desktop\JRT.txt
2013-11-24 22:24 - 2013-11-24 22:24 - 00000000 ____D C:\Windows\ERUNT
2013-11-24 22:22 - 2013-11-24 22:22 - 01034531 _____ (Thisisu) C:\Users\Pia\Desktop\JRT.exe
2013-11-24 22:13 - 2013-11-24 13:31 - 00000000 ____D C:\AdwCleaner
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-24 19:10 - 2013-11-24 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Pia\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-24 14:53 - 2012-09-25 05:48 - 00000000 ____D C:\Users\Pia
2013-11-24 14:11 - 2013-11-24 14:10 - 00019779 _____ C:\Users\Pia\Desktop\Addition.txt
2013-11-24 14:09 - 2013-11-24 14:09 - 00000000 ____D C:\FRST
2013-11-24 13:38 - 2012-09-24 15:53 - 00000000 ___RD C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-24 13:31 - 2013-11-24 13:31 - 01091882 _____ C:\Users\Pia\Desktop\AdwCleaner.exe
2013-11-24 13:20 - 2013-02-27 17:19 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2013-11-23 16:23 - 2013-11-23 12:45 - 00000000 ____D C:\Users\Pia\Rechnungen
2013-11-23 12:39 - 2013-11-14 23:07 - 00000000 ____D C:\Users\Pia\PAD
2013-11-20 15:55 - 2013-06-07 16:01 - 00012288 ___SH C:\Users\Pia\Thumbs.db
2013-11-20 03:06 - 2013-11-18 20:14 - 01591306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-18 20:14 - 2013-11-18 20:14 - 00001044 _____ C:\Users\Public\Desktop\VideoPlayer.lnk
2013-11-18 20:14 - 2013-11-18 20:11 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-11-18 20:12 - 2013-11-18 20:12 - 00000552 _____ C:\Windows\KB893803v2.log

Files to move or delete:
====================
C:\Users\Pia\phase-6-premium-windows-installer-cd.exe


Some content of TEMP:
====================
C:\Users\Pia\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 13:34

==================== End Of Log ============================

--- --- ---

schrauber · 04.12.2013, 09:30

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

pschefe · 04.12.2013, 10:00

fixlog.txt:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2013
Ran by Pia at 2013-12-04 09:59:13 Run:1
Running from C:\Users\Pia\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
         
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.

==== End of Fixlog ====

schrauber · 04.12.2013, 14:26

Besser?

pschefe · 04.12.2013, 14:39

Leider nein, kommt immer noch beim internet explorer;-(

schrauber · 05.12.2013, 09:38

Gibts doch nicht. Frisches FRST log bitte.

Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)

Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:regfind
do-Search
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

pschefe · 06.12.2013, 16:24

ok, hier der FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013
Ran by Pia (administrator) on PIAPC on 05-12-2013 12:53:51
Running from C:\Users\Pia\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Pia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Lenovo) C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Pia\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11049576 2010-07-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\System32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [54632 2011-01-14] (Lenovo Group Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-08] (Google Inc.)
MountPoints2: {3e2d6695-e17a-11e1-9307-806e6f6e6963} - Q:\LenovoQDrive.exe
MountPoints2: {8122f567-df36-11e2-a227-089e011496c7} - E:\MI.exe
HKLM-x32\...\Run: [PWMTRV] - C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [1129832 2010-08-24] (Lenovo Group Limited)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutoRunReg.exe [159744 2009-03-24] ()
AppInit_DLLs:   [ ] ()
Startup: C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome: 
=======
CHR RestoreOnStartup: "https://mail.google.com/mail/u/0/#inbox"
CHR Extension: (Google Docs) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Google Wallet) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2010-07-15] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [13104 2010-08-24] ()
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [205952 2009-11-23] (SMI)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-05 12:50 - 2013-12-05 12:50 - 01959766 _____ (Farbar) C:\Users\Pia\Downloads\FRST64.exe
2013-12-05 12:50 - 2013-12-05 12:50 - 01959766 _____ (Farbar) C:\Users\Pia\Downloads\FRST64 (1).exe
2013-12-04 09:55 - 2013-12-04 09:55 - 00000857 _____ C:\Users\Pia\Desktop\fixlist.txt
2013-12-03 10:08 - 2013-12-05 12:53 - 00012942 _____ C:\Users\Pia\Downloads\FRST.txt
2013-12-02 12:54 - 2013-12-02 12:54 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-26 16:33 - 2013-11-26 16:33 - 00448512 _____ (OldTimer Tools) C:\Users\Pia\Desktop\TFC.exe
2013-11-26 15:51 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 15:47 - 2013-11-26 15:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 15:44 - 2013-11-26 15:52 - 00010683 _____ C:\Windows\IE11_main.log
2013-11-25 15:29 - 2013-11-25 15:29 - 00891184 _____ C:\Users\Pia\Desktop\SecurityCheck.exe
2013-11-25 09:31 - 2013-11-25 09:31 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-25 09:30 - 2013-11-25 09:30 - 02347384 _____ (ESET) C:\Users\Pia\Desktop\esetsmartinstaller_enu.exe
2013-11-24 22:34 - 2013-11-24 22:34 - 00001175 _____ C:\Users\Pia\Desktop\JRT.txt
2013-11-24 22:24 - 2013-11-24 22:24 - 00000000 ____D C:\Windows\ERUNT
2013-11-24 22:22 - 2013-11-24 22:22 - 01034531 _____ (Thisisu) C:\Users\Pia\Desktop\JRT.exe
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-24 19:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-24 19:10 - 2013-11-24 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Pia\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-24 14:10 - 2013-11-24 14:11 - 00019779 _____ C:\Users\Pia\Desktop\Addition.txt
2013-11-24 14:09 - 2013-11-25 15:38 - 00034096 _____ C:\Users\Pia\Desktop\FRST.txt
2013-11-24 14:09 - 2013-11-24 14:09 - 00000000 ____D C:\FRST
2013-11-24 13:31 - 2013-11-24 22:13 - 00000000 ____D C:\AdwCleaner
2013-11-24 13:31 - 2013-11-24 13:31 - 01091882 _____ C:\Users\Pia\Desktop\AdwCleaner.exe
2013-11-23 12:45 - 2013-11-23 16:23 - 00000000 ____D C:\Users\Pia\Rechnungen
2013-11-18 20:14 - 2013-11-20 03:06 - 01591306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-18 20:14 - 2013-11-18 20:14 - 00001044 _____ C:\Users\Public\Desktop\VideoPlayer.lnk
2013-11-18 20:12 - 2013-11-18 20:12 - 00000552 _____ C:\Windows\KB893803v2.log
2013-11-18 20:11 - 2013-11-18 20:14 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-11-16 00:26 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-14 23:07 - 2013-11-23 12:39 - 00000000 ____D C:\Users\Pia\PAD
2013-11-14 16:20 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 16:20 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 16:20 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 16:19 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 16:19 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 16:19 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 16:19 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 16:19 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 16:19 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 16:19 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 16:19 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 16:19 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 16:19 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 16:19 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 16:19 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 16:19 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 16:19 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 16:19 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 16:19 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 16:19 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 16:19 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 16:19 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 16:19 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 16:19 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 16:19 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 16:19 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 16:19 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 16:19 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 16:19 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 16:19 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-05 12:54 - 2013-12-03 10:08 - 00012942 _____ C:\Users\Pia\Downloads\FRST.txt
2013-12-05 12:50 - 2013-12-05 12:50 - 01959766 _____ (Farbar) C:\Users\Pia\Downloads\FRST64.exe
2013-12-05 12:50 - 2013-12-05 12:50 - 01959766 _____ (Farbar) C:\Users\Pia\Downloads\FRST64 (1).exe
2013-12-05 12:27 - 2012-08-08 18:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-05 11:50 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-05 11:50 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-05 11:47 - 2013-08-17 15:04 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-05 11:43 - 2012-10-03 04:52 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Dropbox
2013-12-05 11:42 - 2012-10-03 05:01 - 00000000 ___RD C:\Users\Pia\Dropbox
2013-12-05 11:42 - 2012-08-08 18:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-05 11:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-05 11:41 - 2009-07-14 05:51 - 00107097 _____ C:\Windows\setupact.log
2013-12-05 02:32 - 2012-08-08 18:01 - 01617938 _____ C:\Windows\WindowsUpdate.log
2013-12-04 15:18 - 2012-08-08 18:33 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 15:18 - 2012-08-08 18:33 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 09:55 - 2013-12-04 09:55 - 00000857 _____ C:\Users\Pia\Desktop\fixlist.txt
2013-12-03 17:12 - 2012-08-09 03:41 - 00697098 _____ C:\Windows\system32\perfh007.dat
2013-12-03 17:12 - 2012-08-09 03:41 - 00148362 _____ C:\Windows\system32\perfc007.dat
2013-12-03 17:12 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 10:01 - 2012-11-22 18:05 - 00000000 ____D C:\Users\Pia\AppData\Local\CrashDumps
2013-12-03 09:48 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-02 23:40 - 2012-09-27 02:01 - 00000000 ____D C:\Users\Pia\Studium
2013-12-02 20:01 - 2010-11-21 04:47 - 00752314 _____ C:\Windows\PFRO.log
2013-12-02 12:54 - 2013-12-02 12:54 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-02 12:54 - 2012-09-24 15:53 - 00000000 ____D C:\Users\Pia\AppData\Local\Google
2013-12-02 12:54 - 2012-08-08 18:33 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-26 19:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 16:33 - 2013-11-26 16:33 - 00448512 _____ (OldTimer Tools) C:\Users\Pia\Desktop\TFC.exe
2013-11-26 15:59 - 2012-09-24 15:53 - 00001614 _____ C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 15:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 15:52 - 2013-11-26 15:44 - 00010683 _____ C:\Windows\IE11_main.log
2013-11-26 15:47 - 2013-11-26 15:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-25 15:47 - 2013-08-17 15:06 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 15:47 - 2013-08-17 15:04 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 15:47 - 2013-08-17 15:04 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-25 15:38 - 2013-11-24 14:09 - 00034096 _____ C:\Users\Pia\Desktop\FRST.txt
2013-11-25 15:29 - 2013-11-25 15:29 - 00891184 _____ C:\Users\Pia\Desktop\SecurityCheck.exe
2013-11-25 09:31 - 2013-11-25 09:31 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-25 09:30 - 2013-11-25 09:30 - 02347384 _____ (ESET) C:\Users\Pia\Desktop\esetsmartinstaller_enu.exe
2013-11-24 22:34 - 2013-11-24 22:34 - 00001175 _____ C:\Users\Pia\Desktop\JRT.txt
2013-11-24 22:24 - 2013-11-24 22:24 - 00000000 ____D C:\Windows\ERUNT
2013-11-24 22:22 - 2013-11-24 22:22 - 01034531 _____ (Thisisu) C:\Users\Pia\Desktop\JRT.exe
2013-11-24 22:13 - 2013-11-24 13:31 - 00000000 ____D C:\AdwCleaner
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-24 19:10 - 2013-11-24 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Pia\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-24 14:53 - 2012-09-25 05:48 - 00000000 ____D C:\Users\Pia
2013-11-24 14:11 - 2013-11-24 14:10 - 00019779 _____ C:\Users\Pia\Desktop\Addition.txt
2013-11-24 14:09 - 2013-11-24 14:09 - 00000000 ____D C:\FRST
2013-11-24 13:38 - 2012-09-24 15:53 - 00000000 ___RD C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-24 13:31 - 2013-11-24 13:31 - 01091882 _____ C:\Users\Pia\Desktop\AdwCleaner.exe
2013-11-24 13:20 - 2013-02-27 17:19 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2013-11-23 16:23 - 2013-11-23 12:45 - 00000000 ____D C:\Users\Pia\Rechnungen
2013-11-23 12:39 - 2013-11-14 23:07 - 00000000 ____D C:\Users\Pia\PAD
2013-11-20 15:55 - 2013-06-07 16:01 - 00012288 ___SH C:\Users\Pia\Thumbs.db
2013-11-20 03:06 - 2013-11-18 20:14 - 01591306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-18 20:14 - 2013-11-18 20:14 - 00001044 _____ C:\Users\Public\Desktop\VideoPlayer.lnk
2013-11-18 20:14 - 2013-11-18 20:11 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-11-18 20:12 - 2013-11-18 20:12 - 00000552 _____ C:\Windows\KB893803v2.log

Files to move or delete:
====================
C:\Users\Pia\phase-6-premium-windows-installer-cd.exe


Some content of TEMP:
====================
C:\Users\Pia\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 13:34

==================== End Of Log ============================

--- --- ---

und hier der system look:

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 16:20 on 06/12/2013 by Pia
Administrator - Elevation successful

========== regfind ==========

Searching for "do-Search"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\do-searchSoftware]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\do-searchSoftware\do-searchhp]

-= EOF =-

schrauber · 07.12.2013, 12:04

Kopiere den Text in der Codebox in deinen Editor (z.B. Notepad) und speichere es unter dem Namen regfix.reg (bei Dateityp bitte "alle Dateien" wählen)

Code:

ATTFilter

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\do-searchSoftware]

Starte die regfix.reg duch Doppelklick.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKU\Default\...\RunOnce: [] - [x]
HKLM-x32\...\Run: [] - [x]
AppInit_DLLs:   [ ] ()
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Immer noch?

pschefe · 08.12.2013, 18:43

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2013
Ran by Pia at 2013-12-04 09:59:13 Run:1
Running from C:\Users\Pia\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1384801904&from=tugs&uid=ST9500325AS_5VETBBM8XXXX5VETBBM8&q={searchTerms}
         
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.

==== End of Fixlog ====

ja, leider immer noch;-(

schrauber · 09.12.2013, 09:50

Starte bitte den IE nicht über Desktop Shortcut oder Startmenü, sondern im Windows Explorer direkt in den Programme Ordner gehen , IE von dort direkt starten, immer noch?

pschefe · 09.12.2013, 14:34

leider ja;-(

schrauber · 10.12.2013, 09:40

Neues FRST log bitte, und neue Suche mit Systemlook.

pschefe · 11.12.2013, 10:38

hier das FRST log, aber was meinst du mit "neue suche mit systemlook"?

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01
Ran by Pia (administrator) on PIAPC on 11-12-2013 09:45:20
Running from C:\Users\Pia\Downloads\FRST-OlderVersion\FRST-OlderVersion
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo) C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Pia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11049576 2010-07-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\System32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [54632 2011-01-14] (Lenovo Group Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-08] (Google Inc.)
MountPoints2: {3e2d6695-e17a-11e1-9307-806e6f6e6963} - Q:\LenovoQDrive.exe
MountPoints2: {8122f567-df36-11e2-a227-089e011496c7} - E:\MI.exe
HKLM-x32\...\Run: [PWMTRV] - C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [1129832 2010-08-24] (Lenovo Group Limited)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutoRunReg.exe [159744 2009-03-24] ()
AppInit_DLLs:   [ ] ()
Startup: C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome: 
=======
CHR RestoreOnStartup: "https://mail.google.com/mail/u/0/#inbox"
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Google Wallet) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2010-07-15] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [13104 2010-08-24] ()
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [205952 2009-11-23] (SMI)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-09 22:24 - 2013-12-09 22:24 - 00225166 _____ C:\Users\Pia\Downloads\Iskra.pptx
2013-12-09 22:24 - 2013-12-09 22:24 - 00225166 _____ C:\Users\Pia\Downloads\Iskra (1).pptx
2013-12-08 18:36 - 2013-12-08 18:39 - 00000000 ____D C:\Users\Pia\Downloads\FRST-OlderVersion
2013-12-08 18:31 - 2013-12-08 18:31 - 00000100 _____ C:\Users\Pia\Desktop\regfix.reg
2013-12-06 16:20 - 2013-12-06 16:20 - 00000650 _____ C:\Users\Pia\Downloads\SystemLook.txt
2013-12-06 16:19 - 2013-12-06 16:19 - 00165376 _____ C:\Users\Pia\Downloads\SystemLook_x64 (1).exe
2013-12-06 16:09 - 2013-12-06 16:09 - 00165376 _____ C:\Users\Pia\Downloads\SystemLook_x64.exe
2013-12-05 12:50 - 2013-12-08 18:36 - 01927772 _____ (Farbar) C:\Users\Pia\Downloads\FRST64.exe
2013-12-04 09:55 - 2013-12-08 18:35 - 00000233 _____ C:\Users\Pia\Desktop\fixlist.txt
2013-12-03 10:08 - 2013-12-05 12:57 - 00050661 _____ C:\Users\Pia\Downloads\FRST.txt
2013-12-02 12:54 - 2013-12-06 09:27 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-26 16:33 - 2013-11-26 16:33 - 00448512 _____ (OldTimer Tools) C:\Users\Pia\Desktop\TFC.exe
2013-11-26 15:51 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 15:47 - 2013-11-26 15:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 15:44 - 2013-11-26 15:52 - 00010683 _____ C:\Windows\IE11_main.log
2013-11-25 15:29 - 2013-11-25 15:29 - 00891184 _____ C:\Users\Pia\Desktop\SecurityCheck.exe
2013-11-25 09:31 - 2013-11-25 09:31 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-25 09:30 - 2013-11-25 09:30 - 02347384 _____ (ESET) C:\Users\Pia\Desktop\esetsmartinstaller_enu.exe
2013-11-24 22:34 - 2013-11-24 22:34 - 00001175 _____ C:\Users\Pia\Desktop\JRT.txt
2013-11-24 22:24 - 2013-11-24 22:24 - 00000000 ____D C:\Windows\ERUNT
2013-11-24 22:22 - 2013-11-24 22:22 - 01034531 _____ (Thisisu) C:\Users\Pia\Desktop\JRT.exe
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-24 19:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-24 19:10 - 2013-11-24 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Pia\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-24 14:10 - 2013-11-24 14:11 - 00019779 _____ C:\Users\Pia\Desktop\Addition.txt
2013-11-24 14:09 - 2013-12-11 09:45 - 00000000 ____D C:\FRST
2013-11-24 14:09 - 2013-11-25 15:38 - 00034096 _____ C:\Users\Pia\Desktop\FRST.txt
2013-11-24 13:31 - 2013-11-24 22:13 - 00000000 ____D C:\AdwCleaner
2013-11-24 13:31 - 2013-11-24 13:31 - 01091882 _____ C:\Users\Pia\Desktop\AdwCleaner.exe
2013-11-23 12:45 - 2013-11-23 16:23 - 00000000 ____D C:\Users\Pia\Rechnungen
2013-11-18 20:14 - 2013-11-20 03:06 - 01591306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-18 20:14 - 2013-11-18 20:14 - 00001044 _____ C:\Users\Public\Desktop\VideoPlayer.lnk
2013-11-18 20:12 - 2013-11-18 20:12 - 00000552 _____ C:\Windows\KB893803v2.log
2013-11-18 20:11 - 2013-11-18 20:14 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-11-16 00:26 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-16 00:26 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-14 23:07 - 2013-11-23 12:39 - 00000000 ____D C:\Users\Pia\PAD
2013-11-14 16:20 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 16:20 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 16:20 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 16:19 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 16:19 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 16:19 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 16:19 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 16:19 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 16:19 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 16:19 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 16:19 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 16:19 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 16:19 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 16:19 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 16:19 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 16:19 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 16:19 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 16:19 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 16:19 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 16:19 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 16:19 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 16:19 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 16:19 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 16:19 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 16:19 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 16:19 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 16:19 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 16:19 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 16:19 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 16:19 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-11 09:45 - 2013-11-24 14:09 - 00000000 ____D C:\FRST
2013-12-11 09:34 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-11 09:34 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-11 09:30 - 2012-08-08 18:01 - 01775428 _____ C:\Windows\WindowsUpdate.log
2013-12-11 09:27 - 2012-10-03 05:01 - 00000000 ___RD C:\Users\Pia\Dropbox
2013-12-11 09:27 - 2012-10-03 04:52 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Dropbox
2013-12-11 09:26 - 2012-08-08 18:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-11 09:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 09:26 - 2009-07-14 05:51 - 00107937 _____ C:\Windows\setupact.log
2013-12-11 09:25 - 2012-08-08 18:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-09 22:24 - 2013-12-09 22:24 - 00225166 _____ C:\Users\Pia\Downloads\Iskra.pptx
2013-12-09 22:24 - 2013-12-09 22:24 - 00225166 _____ C:\Users\Pia\Downloads\Iskra (1).pptx
2013-12-08 18:39 - 2013-12-08 18:36 - 00000000 ____D C:\Users\Pia\Downloads\FRST-OlderVersion
2013-12-08 18:36 - 2013-12-05 12:50 - 01927772 _____ (Farbar) C:\Users\Pia\Downloads\FRST64.exe
2013-12-08 18:35 - 2013-12-04 09:55 - 00000233 _____ C:\Users\Pia\Desktop\fixlist.txt
2013-12-08 18:31 - 2013-12-08 18:31 - 00000100 _____ C:\Users\Pia\Desktop\regfix.reg
2013-12-06 17:57 - 2012-09-27 02:01 - 00000000 ____D C:\Users\Pia\Studium
2013-12-06 16:20 - 2013-12-06 16:20 - 00000650 _____ C:\Users\Pia\Downloads\SystemLook.txt
2013-12-06 16:19 - 2013-12-06 16:19 - 00165376 _____ C:\Users\Pia\Downloads\SystemLook_x64 (1).exe
2013-12-06 16:09 - 2013-12-06 16:09 - 00165376 _____ C:\Users\Pia\Downloads\SystemLook_x64.exe
2013-12-06 15:45 - 2012-10-03 04:41 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Skype
2013-12-06 09:27 - 2013-12-02 12:54 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-05 12:57 - 2013-12-03 10:08 - 00050661 _____ C:\Users\Pia\Downloads\FRST.txt
2013-12-05 11:47 - 2013-08-17 15:04 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-04 15:18 - 2012-08-08 18:33 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 15:18 - 2012-08-08 18:33 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-03 17:12 - 2012-08-09 03:41 - 00697098 _____ C:\Windows\system32\perfh007.dat
2013-12-03 17:12 - 2012-08-09 03:41 - 00148362 _____ C:\Windows\system32\perfc007.dat
2013-12-03 17:12 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 10:01 - 2012-11-22 18:05 - 00000000 ____D C:\Users\Pia\AppData\Local\CrashDumps
2013-12-03 09:48 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-02 20:01 - 2010-11-21 04:47 - 00752314 _____ C:\Windows\PFRO.log
2013-12-02 12:54 - 2012-09-24 15:53 - 00000000 ____D C:\Users\Pia\AppData\Local\Google
2013-12-02 12:54 - 2012-08-08 18:33 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-26 19:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 16:33 - 2013-11-26 16:33 - 00448512 _____ (OldTimer Tools) C:\Users\Pia\Desktop\TFC.exe
2013-11-26 15:59 - 2012-09-24 15:53 - 00001614 _____ C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 15:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 15:52 - 2013-11-26 15:44 - 00010683 _____ C:\Windows\IE11_main.log
2013-11-26 15:47 - 2013-11-26 15:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 15:47 - 2013-11-26 15:47 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 15:47 - 2013-11-26 15:47 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 15:47 - 2013-11-26 15:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 15:47 - 2013-11-26 15:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 15:47 - 2013-11-26 15:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 15:47 - 2013-11-26 15:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 15:47 - 2013-11-26 15:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-25 15:47 - 2013-08-17 15:06 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-25 15:47 - 2013-08-17 15:04 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-25 15:47 - 2013-08-17 15:04 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-25 15:38 - 2013-11-24 14:09 - 00034096 _____ C:\Users\Pia\Desktop\FRST.txt
2013-11-25 15:29 - 2013-11-25 15:29 - 00891184 _____ C:\Users\Pia\Desktop\SecurityCheck.exe
2013-11-25 09:31 - 2013-11-25 09:31 - 00000000 ____D C:\Program Files (x86)\ESET
2013-11-25 09:30 - 2013-11-25 09:30 - 02347384 _____ (ESET) C:\Users\Pia\Desktop\esetsmartinstaller_enu.exe
2013-11-24 22:34 - 2013-11-24 22:34 - 00001175 _____ C:\Users\Pia\Desktop\JRT.txt
2013-11-24 22:24 - 2013-11-24 22:24 - 00000000 ____D C:\Windows\ERUNT
2013-11-24 22:22 - 2013-11-24 22:22 - 01034531 _____ (Thisisu) C:\Users\Pia\Desktop\JRT.exe
2013-11-24 22:13 - 2013-11-24 13:31 - 00000000 ____D C:\AdwCleaner
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Users\Pia\AppData\Roaming\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-24 19:24 - 2013-11-24 19:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-24 19:10 - 2013-11-24 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Pia\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-24 14:53 - 2012-09-25 05:48 - 00000000 ____D C:\Users\Pia
2013-11-24 14:11 - 2013-11-24 14:10 - 00019779 _____ C:\Users\Pia\Desktop\Addition.txt
2013-11-24 13:38 - 2012-09-24 15:53 - 00000000 ___RD C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-24 13:31 - 2013-11-24 13:31 - 01091882 _____ C:\Users\Pia\Desktop\AdwCleaner.exe
2013-11-24 13:20 - 2013-02-27 17:19 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2013-11-23 16:23 - 2013-11-23 12:45 - 00000000 ____D C:\Users\Pia\Rechnungen
2013-11-23 12:39 - 2013-11-14 23:07 - 00000000 ____D C:\Users\Pia\PAD
2013-11-20 15:55 - 2013-06-07 16:01 - 00012288 ___SH C:\Users\Pia\Thumbs.db
2013-11-20 03:06 - 2013-11-18 20:14 - 01591306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-18 20:14 - 2013-11-18 20:14 - 00001044 _____ C:\Users\Public\Desktop\VideoPlayer.lnk
2013-11-18 20:14 - 2013-11-18 20:11 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-11-18 20:12 - 2013-11-18 20:12 - 00000552 _____ C:\Windows\KB893803v2.log

Files to move or delete:
====================
C:\Users\Pia\phase-6-premium-windows-installer-cd.exe


Some content of TEMP:
====================
C:\Users\Pia\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 13:34

==================== End Of Log ============================

--- --- ---

schrauber · 12.12.2013, 09:02

Das hier

http://www.trojaner-board.de/145099-...ml#post1207065

Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.

Starte die sc-cleaner.exe mit einem Doppelclick.
Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
Eine Logdatei wird sich öffnen (sc-cleaner.txt).
Poste den Inhalt mit deiner nächsten Antwort.

04.12.2013, 14:26	#20
schrauber /// the machine /// TB-Ausbilder	Wie kriege ich do-search weg? Besser? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

10.12.2013, 09:40	#28
schrauber /// the machine /// TB-Ausbilder	Wie kriege ich do-search weg? Neues FRST log bitte, und neue Suche mit Systemlook. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Wie kriege ich do-search weg?

Plagegeister aller Art und deren Bekämpfung: Wie kriege ich do-search weg?