Nobodykillah | 20.09.2013 21:31 | Good evening,
I have completed all the steps. I had no problems or error messages until I started the scan with Malware after your last post; at that point the following message from Avira appeared at the bottom of the screen: "Der Zugriff auf die Datei C:\Users\Jenny\Downloads\ZipOpenerSetup.exe, die ein Virus oder unerwünschtes Programm ADWARE\InstallCore.Gen7 enthält wurde verweigert." Also, I could not manage to find Addition.txt after the scan; shouldn't it then appear on the desktop? I know I already did this step once at the beginning, but I don't know what I am doing wrong......
Step 1 Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.09.19.07
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jenny :: JENNY-PC [Administrator]
Schutz: Deaktiviert
19.09.2013 22:44:07
mbam-log-2013-09-19 (22-44-07).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 205643
Laufzeit: 9 Minute(n), 56 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 10
C:\Users\Jenny\Downloads\FreeYouTubeToMP3Converter(1).exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\Top_Eleven_Hack.exe (PUP.BundleInstaller.DW) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\ZipOpenerSetup.exe (PUP.Optional.Installcore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\Setup (1).exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\Setup (2).exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\Setup (3).exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\Setup.exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\SoftonicDownloader_fuer_gimp.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\Musteranschreiben PDF Downloader (1).exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jenny\Downloads\Musteranschreiben PDF Downloader.exe (PUP.Optional.Solimba) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Step 2 Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d3a4dc2e02b73b47a164f7b07a31655f
# engine=15192
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-19 09:41:26
# local_time=2013-09-19 11:41:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1036 16777214 0 1 535077 35938035 0 0
# compatibility_mode=1799 16775165 100 95 3778 5461273 0 0
# compatibility_mode=5892 16776574 100 100 210726 217159614 0 0
# scanned=35637
# found=5
# cleaned=0
# scan_time=1404
sh=984CDAA7C03EDAA48660D6F8231E233AA9AD6857 ft=1 fh=223ae04b43908e86 vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir"
sh=38A526023ACE147C64DFEAC98AF7F1F087A8CF52 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1\back.js.vir"
sh=128AD5222AFA91938FE35745FEAAE60E666386C7 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1\yl.js.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d3a4dc2e02b73b47a164f7b07a31655f
# engine=15192
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-19 11:47:05
# local_time=2013-09-20 01:47:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1036 16777214 0 1 542616 35945574 0 0
# compatibility_mode=1799 16775165 100 95 11317 5468812 4090 0
# compatibility_mode=5892 16776574 100 100 218265 217167153 0 0
# scanned=227756
# found=7
# cleaned=0
# scan_time=7083
sh=984CDAA7C03EDAA48660D6F8231E233AA9AD6857 ft=1 fh=223ae04b43908e86 vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooIEClient.dll.vir"
sh=38A526023ACE147C64DFEAC98AF7F1F087A8CF52 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\YontooLayers.crx.vir"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1\back.js.vir"
sh=128AD5222AFA91938FE35745FEAAE60E666386C7 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1\yl.js.vir"
sh=B77B2987BC8F53DB2B7D2BA7E696728AC5295A37 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.L application" ac=I fn="C:\Users\Jenny\Desktop\Alte Firefox-Daten\2sx7i702.default\extensions\125\chrome\content\main.js"
sh=D697D0396B6AD1245FA79335D8AAA1B8D3815375 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="C:\Users\Jenny\Desktop\Alte Firefox-Daten\2sx7i702.default\extensions\plugin@yontoo.com\content\overlay.js"
Step 3 Code:
Results of screen317's Security Check version 0.99.73
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware Version 1.75.0.1300
HijackThis 2.0.2
TuneUp Utilities Language Pack (de-DE)
CCleaner
Java(TM) 6 Update 22
Java 7 Update 25
Adobe Flash Player 11.7.700.224
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (23.0.1)
Google Chrome 29.0.1547.62
Google Chrome 29.0.1547.66
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Step 4
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-09-2013 01
Ran by Jenny (administrator) on JENNY-PC on 20-09-2013 21:49:44
Running from C:\Users\Jenny\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(UASSOFT.COM) C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\Tor\tor.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(UASSOFT.COM) C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent, Inc.) C:\Users\Jenny\Program Files\DNA\btdna.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Facebook Inc.) C:\Users\Jenny\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Dropbox, Inc.) C:\Users\Jenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(UASSOFT.COM) C:\Program Files\Keyboard & Mouse Driver\KMConfig.exe
(UASSOFT.COM) C:\Program Files\Keyboard & Mouse Driver\KMProcess.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7420448 2009-04-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-08-28] (Synaptics, Inc.)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-04-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-18] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [KMCONFIG] - C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe [212992 2008-05-30] (UASSOFT.COM)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [570664 2008-05-28] (Nero AG)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [BitTorrent DNA] - C:\Users\Jenny\Program Files\DNA\btdna.exe [323392 2010-02-21] (BitTorrent, Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Jenny\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-07-24] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Bewerbung-Reminder.lnk
ShortcutTarget: WISO Bewerbung-Reminder.lnk -> C:\Program Files\Buhl\Bewerbung 2008\KCReminder.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {D5F1E952-386A-4407-B179-8DC034744CD9} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKCU - {DFEF6E39-45CE-4D40-8057-126A3A81C462} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM - DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -DVDVideoSoft Toolbar - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://www.fujidirekt.de/ips-opdata/objects/jordan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\6rfrif3m.default-1379167572116
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.775 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.775 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.775 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin HKCU: @bittorrent.com/BitTorrentDNA - C:\Users\Jenny\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jenny\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Jenny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo! Toolbar - C:\Program Files\Mozilla Firefox\extensions\{52c732b8-d108-4aae-b327-4b16b66dda26}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\Jenny\Program Files\DNA
FF Extension: No Name - C:\Users\Jenny\Program Files\DNA
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Unity Player) - C:\Users\Jenny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Jenny\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (DNA Plug-in) - C:\Users\Jenny\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 KMWDSERVICE; C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe [1823744 2009-08-31] (UASSOFT.COM)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 tor; C:\Program Files\Tor\tor.exe [3233806 2013-09-04] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [x]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [x]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-07-18] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2006-11-14] (SAMSUNG ELECTRONICS CO., LTD.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-30] (Windows (R) Codename Longhorn DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-07-18] (Avira GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25216 2010-02-25] (The OpenVPN Project)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleNT; \??\C:\Users\Jenny\AppData\Local\Temp\EagleNT.sys [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-20 21:49 - 2013-09-20 21:49 - 01083549 _____ (Farbar) C:\Users\Jenny\Desktop\FRST.exe
2013-09-20 21:06 - 2013-09-20 21:06 - 00001284 _____ C:\Users\Jenny\Desktop\checkup.txt
2013-09-20 20:59 - 2013-09-20 20:59 - 00891144 _____ C:\Users\Jenny\Desktop\SecurityCheck.exe
2013-09-20 20:54 - 2013-09-20 20:54 - 00016257 _____ C:\Users\Jenny\Desktop\Download.htm
2013-09-20 20:48 - 2013-09-20 20:48 - 98487876 _____ C:\Windows\system32\倗⹍᭄²
2013-09-19 23:45 - 2013-09-19 23:45 - 02347384 _____ (ESET) C:\Users\Jenny\Downloads\esetsmartinstaller_enu (1).exe
2013-09-19 23:15 - 2013-09-19 23:15 - 02347384 _____ (ESET) C:\Users\Jenny\Downloads\esetsmartinstaller_enu.exe
2013-09-19 23:15 - 2013-09-19 23:15 - 00000000 ____D C:\Program Files\ESET
2013-09-19 22:39 - 2013-09-19 22:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jenny\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-09-17 22:05 - 2013-09-17 22:05 - 00008856 _____ C:\Users\Jenny\Desktop\LanmanInfo.txt
2013-09-17 21:55 - 2013-09-17 21:55 - 00000000 ____D C:\_OTL
2013-09-17 21:51 - 2013-09-17 21:52 - 00602112 _____ (OldTimer Tools) C:\Users\Jenny\Downloads\OTL.exe
2013-09-17 13:13 - 2013-09-17 22:05 - 00000156 _____ C:\Users\Jenny\Desktop\Look.bat
2013-09-17 13:04 - 2013-09-17 13:04 - 00000183 _____ C:\Users\Jenny\Desktop\regfix.reg
2013-09-16 20:17 - 2013-09-16 20:17 - 00100562 _____ C:\Users\Jenny\Downloads\Nicht bestätigt 673617.crdownload
2013-09-16 09:27 - 2013-09-16 09:27 - 00508578 _____ C:\Users\Jenny\Downloads\Nicht bestätigt 888162.crdownload
2013-09-16 09:27 - 2013-09-16 09:27 - 00157574 _____ C:\Users\Jenny\Downloads\Nicht bestätigt 684994.crdownload
2013-09-16 09:27 - 2013-09-16 09:27 - 00157574 _____ C:\Users\Jenny\Downloads\Nicht bestätigt 138409.crdownload
2013-09-15 23:11 - 2013-09-15 23:11 - 00017915 _____ C:\Users\Jenny\Desktop\combo.txt
2013-09-15 23:10 - 2013-09-15 23:10 - 00017915 _____ C:\ComboFix.txt
2013-09-15 22:46 - 2013-09-15 22:46 - 05126233 ____R (Swearware) C:\Users\Jenny\Desktop\ComboFix.exe
2013-09-15 22:14 - 2013-09-15 22:15 - 05126233 _____ (Swearware) C:\Users\Jenny\Downloads\ComboFix (1).exe
2013-09-14 17:04 - 2013-09-14 17:04 - 01083285 _____ (Farbar) C:\Users\Jenny\Downloads\FRST (1).exe
2013-09-14 16:43 - 2013-09-14 16:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 16:42 - 2013-09-14 16:42 - 01029509 _____ (Thisisu) C:\Users\Jenny\Desktop\JRT.exe
2013-09-14 16:39 - 2013-09-14 16:39 - 00014383 _____ C:\Users\Jenny\Desktop\AdwCleaner[S0].txt
2013-09-14 16:30 - 2013-09-14 16:31 - 00000000 ____D C:\AdwCleaner
2013-09-14 16:30 - 2013-09-14 16:30 - 01037278 _____ C:\Users\Jenny\Downloads\adwcleaner.exe
2013-09-14 16:30 - 2013-09-14 16:30 - 01037278 _____ C:\Users\Jenny\Desktop\adwcleaner.exe
2013-09-14 13:37 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-14 13:37 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-14 13:37 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-14 13:37 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-14 13:37 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-14 13:37 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-14 13:37 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-14 13:37 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-14 13:37 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-14 13:37 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-14 13:37 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-14 13:37 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-14 13:37 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-14 13:37 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-14 13:37 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-14 13:37 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 17:38 - 2013-09-15 23:10 - 00000000 ____D C:\Qoobox
2013-09-13 17:38 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-13 17:38 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-13 17:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-13 17:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-13 17:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-13 17:38 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-13 17:38 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-13 17:38 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-13 17:37 - 2013-09-15 23:00 - 00000000 ____D C:\Windows\erdnt
2013-09-13 17:36 - 2013-09-13 17:37 - 05125578 _____ (Swearware) C:\Users\Jenny\Downloads\ComboFix.exe
2013-09-13 16:52 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 16:52 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-13 16:41 - 2013-09-13 16:41 - 97492159 _____ C:\Windows\system32\嶾�᭄¢
2013-09-12 21:07 - 2013-09-12 21:07 - 00623003 _____ (No company) C:\Users\Jenny\Downloads\LanmanCheck (3).exe
2013-09-12 21:07 - 2013-09-12 21:07 - 00623003 _____ (No company) C:\Users\Jenny\Downloads\LanmanCheck (2).exe
2013-09-12 20:38 - 2013-09-12 20:38 - 00623003 _____ (No company) C:\Users\Jenny\Downloads\LanmanCheck (1).exe
2013-09-12 20:37 - 2013-09-12 20:37 - 00623003 _____ (No company) C:\Users\Jenny\Downloads\LanmanCheck.exe
2013-09-12 15:03 - 2013-09-12 15:03 - 00285646 _____ C:\Users\Jenny\Desktop\Reiseunterlagen 2.htm
2013-09-12 15:03 - 2013-09-12 15:03 - 00000000 ____D C:\Users\Jenny\Desktop\Reiseunterlagen 2_files
2013-09-12 15:02 - 2013-09-12 15:02 - 00283481 _____ C:\Users\Jenny\Desktop\Reiseunterlagen 1.htm
2013-09-12 15:02 - 2013-09-12 15:02 - 00000000 ____D C:\Users\Jenny\Desktop\Reiseunterlagen 1_files
2013-09-12 12:17 - 2013-09-12 12:17 - 00048347 _____ C:\Users\Jenny\Downloads\FRST.txt
2013-09-12 12:17 - 2013-09-12 12:17 - 00030706 _____ C:\Users\Jenny\Downloads\Addition.txt
2013-09-12 12:14 - 2013-09-12 12:14 - 01082587 _____ (Farbar) C:\Users\Jenny\Downloads\FRST.exe
2013-09-12 12:14 - 2013-09-12 12:14 - 00000000 ____D C:\FRST
2013-09-12 12:11 - 2013-09-12 12:11 - 00050477 _____ C:\Users\Jenny\Downloads\Defogger.exe
2013-09-12 11:59 - 2013-09-12 11:59 - 00000000 ____D C:\Users\Jenny\AppData\Local\avgchrome
2013-09-11 17:54 - 2013-09-11 17:54 - 05212254 _____ C:\Users\Jenny\Downloads\EVEG_GNTM.flv
2013-09-11 15:14 - 2013-09-11 15:14 - 09059029 _____ C:\Users\Jenny\Downloads\Anhänge_2013911 (1).zip
2013-09-11 14:32 - 2013-09-11 14:32 - 00000000 ____D C:\Users\Jenny\Downloads\Anhänge_2013911
2013-09-11 14:29 - 2013-09-11 14:30 - 13403826 _____ C:\Users\Jenny\Downloads\Anhänge_2013911.zip
2013-09-10 18:50 - 2013-09-10 18:58 - 00000000 ____D C:\ProgramData\POIbase
2013-09-10 18:50 - 2013-09-10 18:52 - 00000000 ____D C:\Program Files\POIbase
2013-09-10 18:50 - 2013-09-10 18:50 - 00001610 _____ C:\Users\Public\Desktop\POIbase.lnk
2013-09-10 18:49 - 2013-09-10 18:49 - 21719272 _____ ( ) C:\Users\Jenny\Downloads\poibase_setup1066_poibase.exe
2013-09-09 19:32 - 2013-09-09 19:32 - 12915584 _____ (Igor Pavlov) C:\Users\Jenny\Downloads\POILoaderforWindows_272 (2).exe
2013-09-09 19:32 - 2013-09-09 19:32 - 12915584 _____ (Igor Pavlov) C:\Users\Jenny\Downloads\POILoaderforWindows_272 (1).exe
2013-09-09 18:57 - 2013-09-09 19:00 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Garmin
2013-09-09 18:57 - 2013-09-09 18:59 - 00000000 ____D C:\Program Files\Garmin
2013-09-09 18:56 - 2013-09-09 18:57 - 12915584 _____ (Igor Pavlov) C:\Users\Jenny\Downloads\POILoaderforWindows_272.exe
2013-09-08 12:25 - 2013-09-19 22:40 - 00000866 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-08 12:25 - 2013-09-19 22:40 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-08 12:25 - 2013-09-08 12:25 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Malwarebytes
2013-09-08 12:25 - 2013-09-08 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-08 12:25 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-08 12:04 - 2013-09-08 12:05 - 10284808 _____ (Malwarebytes Corporation ) C:\Users\Jenny\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-07 18:40 - 2013-09-07 18:40 - 96533415 _____ C:\Windows\system32\᭥讻᭄…
2013-09-04 16:50 - 2013-09-04 16:50 - 00000000 ____D C:\Program Files\Tor
2013-08-28 17:43 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
==================== One Month Modified Files and Folders =======
2013-09-20 21:49 - 2013-09-20 21:49 - 01083549 _____ (Farbar) C:\Users\Jenny\Desktop\FRST.exe
2013-09-20 21:47 - 2010-02-21 21:20 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\DNA
2013-09-20 21:40 - 2010-10-04 20:48 - 01482299 _____ C:\Windows\WindowsUpdate.log
2013-09-20 21:40 - 2006-11-02 14:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-20 21:40 - 2006-11-02 14:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-20 21:06 - 2013-09-20 21:06 - 00001284 _____ C:\Users\Jenny\Desktop\checkup.txt
2013-09-20 20:59 - 2013-09-20 20:59 - 00891144 _____ C:\Users\Jenny\Desktop\SecurityCheck.exe
2013-09-20 20:54 - 2013-09-20 20:54 - 00016257 _____ C:\Users\Jenny\Desktop\Download.htm
2013-09-20 20:48 - 2013-09-20 20:48 - 98487876 _____ C:\Windows\system32\倗⹍᭄²
2013-09-20 17:32 - 2013-07-29 20:44 - 00000000 ___RD C:\Users\Jenny\Dropbox
2013-09-20 17:32 - 2013-07-29 20:41 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Dropbox
2013-09-19 23:45 - 2013-09-19 23:45 - 02347384 _____ (ESET) C:\Users\Jenny\Downloads\esetsmartinstaller_enu (1).exe
2013-09-19 23:15 - 2013-09-19 23:15 - 02347384 _____ (ESET) C:\Users\Jenny\Downloads\esetsmartinstaller_enu.exe
2013-09-19 23:15 - 2013-09-19 23:15 - 00000000 ____D C:\Program Files\ESET
2013-09-19 23:03 - 2013-07-18 18:33 - 00021776 _____ C:\Windows\PFRO.log
2013-09-19 23:01 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\Performance
2013-09-19 22:40 - 2013-09-19 22:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jenny\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-09-19 22:40 - 2013-09-08 12:25 - 00000866 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-19 22:40 - 2013-09-08 12:25 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-19 19:59 - 2010-02-04 15:02 - 00119808 _____ C:\Users\Jenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-19 19:58 - 2006-11-02 12:33 - 01592986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 23:45 - 2011-11-11 18:29 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\UseNeXT
2013-09-18 23:43 - 2011-11-11 18:29 - 00000000 ____D C:\Users\Jenny\Documents\UseNeXT
2013-09-17 22:05 - 2013-09-17 22:05 - 00008856 _____ C:\Users\Jenny\Desktop\LanmanInfo.txt
2013-09-17 22:05 - 2013-09-17 13:13 - 00000156 _____ C:\Users\Jenny\Desktop\Look.bat
2013-09-17 21:55 - 2013-09-17 21:55 - 00000000 ____D C:\_OTL
2013-09-17 21:52 - 2013-09-17 21:51 - 00602112 _____ (OldTimer Tools) C:\Users\Jenny\Downloads\OTL.exe
2013-09-17 15:16 - 2013-04-08 21:39 - 00000000 ____D C:\Users\Jenny\Desktop\Bilder Kopiene machne
2013-09-17 14:55 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-09-17 13:04 - 2013-09-17 13:04 - 00000183 _____ C:\Users\Jenny\Desktop\regfix.reg
2013-09-16 20:17 - 2013-09-16 20:17 - 00100562 _____ C:\Users\Jenny\Downloads\Nicht bestätigt 673617.crdownload
2013-09-16 09:27 - 2013-09-16 09:27 - 00508578 _____ C:\Users\Jenny\Downloads\Nicht bestätigt 888162.crdownload
2013-09-16 09:27 - 2013-09-16 09:27 - 00157574 _____ C:\Users\Jenny\Downloads\Nicht bestätigt 684994.crdownload
2013-09-16 09:27 - 2013-09-16 09:27 - 00157574 _____ C:\Users\Jenny\Downloads\Nicht bestätigt 138409.crdownload
2013-09-15 23:11 - 2013-09-15 23:11 - 00017915 _____ C:\Users\Jenny\Desktop\combo.txt
2013-09-15 23:10 - 2013-09-15 23:10 - 00017915 _____ C:\ComboFix.txt
2013-09-15 23:10 - 2013-09-13 17:38 - 00000000 ____D C:\Qoobox
2013-09-15 23:02 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-09-15 23:00 - 2013-09-13 17:37 - 00000000 ____D C:\Windows\erdnt
2013-09-15 22:46 - 2013-09-15 22:46 - 05126233 ____R (Swearware) C:\Users\Jenny\Desktop\ComboFix.exe
2013-09-15 22:34 - 2013-05-01 21:44 - 00000000 ____D C:\Users\Jenny\Desktop\Bewerbung Toni
2013-09-15 22:21 - 2013-06-12 17:21 - 00000000 ____D C:\Users\Jenny\Desktop\Toooo
2013-09-15 22:21 - 2013-04-08 21:33 - 00000000 ____D C:\Users\Jenny\Desktop\j
2013-09-15 22:15 - 2013-09-15 22:14 - 05126233 _____ (Swearware) C:\Users\Jenny\Downloads\ComboFix (1).exe
2013-09-14 20:08 - 2013-06-12 17:26 - 00000000 ____D C:\Users\Jenny\Toni Musik CAR
2013-09-14 17:04 - 2013-09-14 17:04 - 01083285 _____ (Farbar) C:\Users\Jenny\Downloads\FRST (1).exe
2013-09-14 16:43 - 2013-09-14 16:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 16:42 - 2013-09-14 16:42 - 01029509 _____ (Thisisu) C:\Users\Jenny\Desktop\JRT.exe
2013-09-14 16:39 - 2013-09-14 16:39 - 00014383 _____ C:\Users\Jenny\Desktop\AdwCleaner[S0].txt
2013-09-14 16:31 - 2013-09-14 16:30 - 00000000 ____D C:\AdwCleaner
2013-09-14 16:31 - 2010-03-31 22:31 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-09-14 16:31 - 2010-02-04 23:12 - 00000000 ____D C:\ProgramData\ICQ
2013-09-14 16:30 - 2013-09-14 16:30 - 01037278 _____ C:\Users\Jenny\Downloads\adwcleaner.exe
2013-09-14 16:30 - 2013-09-14 16:30 - 01037278 _____ C:\Users\Jenny\Desktop\adwcleaner.exe
2013-09-14 16:08 - 2010-02-04 15:22 - 00000000 ____D C:\Users\Jenny\AppData\Local\Google
2013-09-14 14:49 - 2006-11-02 14:47 - 03749016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-14 13:36 - 2013-08-17 12:14 - 00000000 ____D C:\Windows\system32\MRT
2013-09-14 13:34 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-13 22:02 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-13 17:37 - 2013-09-13 17:36 - 05125578 _____ (Swearware) C:\Users\Jenny\Downloads\ComboFix.exe
2013-09-13 17:36 - 2012-01-05 20:26 - 00000000 ____D C:\ProgramData\MFAData
2013-09-13 16:41 - 2013-09-13 16:41 - 97492159 _____ C:\Windows\system32\嶾�᭄¢
2013-09-12 21:07 - 2013-09-12 21:07 - 00623003 _____ (No company) C:\Users\Jenny\Downloads\LanmanCheck (3).exe
2013-09-12 21:07 - 2013-09-12 21:07 - 00623003 _____ (No company) C:\Users\Jenny\Downloads\LanmanCheck (2).exe
2013-09-12 20:38 - 2013-09-12 20:38 - 00623003 _____ (No company) C:\Users\Jenny\Downloads\LanmanCheck (1).exe
2013-09-12 20:37 - 2013-09-12 20:37 - 00623003 _____ (No company) C:\Users\Jenny\Downloads\LanmanCheck.exe
2013-09-12 16:57 - 2011-11-11 18:45 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\vlc
2013-09-12 15:03 - 2013-09-12 15:03 - 00285646 _____ C:\Users\Jenny\Desktop\Reiseunterlagen 2.htm
2013-09-12 15:03 - 2013-09-12 15:03 - 00000000 ____D C:\Users\Jenny\Desktop\Reiseunterlagen 2_files
2013-09-12 15:02 - 2013-09-12 15:02 - 00283481 _____ C:\Users\Jenny\Desktop\Reiseunterlagen 1.htm
2013-09-12 15:02 - 2013-09-12 15:02 - 00000000 ____D C:\Users\Jenny\Desktop\Reiseunterlagen 1_files
2013-09-12 12:17 - 2013-09-12 12:17 - 00048347 _____ C:\Users\Jenny\Downloads\FRST.txt
2013-09-12 12:17 - 2013-09-12 12:17 - 00030706 _____ C:\Users\Jenny\Downloads\Addition.txt
2013-09-12 12:14 - 2013-09-12 12:14 - 01082587 _____ (Farbar) C:\Users\Jenny\Downloads\FRST.exe
2013-09-12 12:14 - 2013-09-12 12:14 - 00000000 ____D C:\FRST
2013-09-12 12:11 - 2013-09-12 12:11 - 00050477 _____ C:\Users\Jenny\Downloads\Defogger.exe
2013-09-12 11:59 - 2013-09-12 11:59 - 00000000 ____D C:\Users\Jenny\AppData\Local\avgchrome
2013-09-11 17:54 - 2013-09-11 17:54 - 05212254 _____ C:\Users\Jenny\Downloads\EVEG_GNTM.flv
2013-09-11 15:14 - 2013-09-11 15:14 - 09059029 _____ C:\Users\Jenny\Downloads\Anhänge_2013911 (1).zip
2013-09-11 14:32 - 2013-09-11 14:32 - 00000000 ____D C:\Users\Jenny\Downloads\Anhänge_2013911
2013-09-11 14:30 - 2013-09-11 14:29 - 13403826 _____ C:\Users\Jenny\Downloads\Anhänge_2013911.zip
2013-09-11 13:41 - 2013-04-03 18:12 - 00000648 _____ C:\Users\Jenny\muster_kuendigung_staufenbiel - Verknüpfung (5).lnk
2013-09-11 13:41 - 2013-04-03 18:12 - 00000648 _____ C:\Users\Jenny\muster_kuendigung_staufenbiel - Verknüpfung (4).lnk
2013-09-11 13:41 - 2013-04-03 18:12 - 00000578 _____ C:\Users\Jenny\DudenDemoAudio_s60V1_7 - Verknüpfung (4).lnk
2013-09-11 13:41 - 2013-04-03 18:12 - 00000553 _____ C:\Users\Jenny\Unbenannt 1 - Verknüpfung (5).lnk
2013-09-11 13:41 - 2013-04-03 18:12 - 00000553 _____ C:\Users\Jenny\Unbenannt 1 - Verknüpfung (4).lnk
2013-09-11 13:41 - 2013-04-03 18:12 - 00000524 _____ C:\Users\Jenny\Neuer Ordner (5) - Verknüpfung ().lnk
2013-09-11 13:41 - 2013-04-03 18:12 - 00000524 _____ C:\Users\Jenny\Neuer Ordner (4) - Verknüpfung ().lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000648 _____ C:\Users\Jenny\muster_kuendigung_staufenbiel - Verknüpfung.lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000648 _____ C:\Users\Jenny\muster_kuendigung_staufenbiel - Verknüpfung (3).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000648 _____ C:\Users\Jenny\muster_kuendigung_staufenbiel - Verknüpfung (2).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000608 _____ C:\Users\Jenny\Die Europäische Union - Verknüpfung.lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000608 _____ C:\Users\Jenny\Die Europäische Union - Verknüpfung (2).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000599 _____ C:\Users\Jenny\hijackthis333333333333333 - Verknüpfung.lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000599 _____ C:\Users\Jenny\hijackthis333333333333333 - Verknüpfung (3).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000599 _____ C:\Users\Jenny\hijackthis333333333333333 - Verknüpfung (2).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000578 _____ C:\Users\Jenny\DudenDemoAudio_s60V1_7 - Verknüpfung.lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000578 _____ C:\Users\Jenny\DudenDemoAudio_s60V1_7 - Verknüpfung (3).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000578 _____ C:\Users\Jenny\DudenDemoAudio_s60V1_7 - Verknüpfung (2).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000569 _____ C:\Users\Jenny\FreeYouTubeToMP3Converter - Verknüpfung.lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000569 _____ C:\Users\Jenny\FreeYouTubeToMP3Converter - Verknüpfung (3).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000569 _____ C:\Users\Jenny\FreeYouTubeToMP3Converter - Verknüpfung (2).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000553 _____ C:\Users\Jenny\Unbenannt 1 - Verknüpfung.lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000553 _____ C:\Users\Jenny\Unbenannt 1 - Verknüpfung (3).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000553 _____ C:\Users\Jenny\Unbenannt 1 - Verknüpfung (2).lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000524 _____ C:\Users\Jenny\Neuer Ordner (3) - Verknüpfung ().lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000524 _____ C:\Users\Jenny\Neuer Ordner (2) - Verknüpfung.lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000524 _____ C:\Users\Jenny\Neuer Ordner (2) - Verknüpfung ().lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000460 _____ C:\Users\Jenny\DivX - Verknüpfung.lnk
2013-09-11 13:41 - 2013-04-03 18:10 - 00000460 _____ C:\Users\Jenny\DivX - Verknüpfung (2).lnk
2013-09-10 18:58 - 2013-09-10 18:50 - 00000000 ____D C:\ProgramData\POIbase
2013-09-10 18:52 - 2013-09-10 18:50 - 00000000 ____D C:\Program Files\POIbase
2013-09-10 18:50 - 2013-09-10 18:50 - 00001610 _____ C:\Users\Public\Desktop\POIbase.lnk
2013-09-10 18:49 - 2013-09-10 18:49 - 21719272 _____ ( ) C:\Users\Jenny\Downloads\poibase_setup1066_poibase.exe
2013-09-10 18:46 - 2013-07-28 19:52 - 00006410 _____ C:\Windows\setupact.log
2013-09-09 19:32 - 2013-09-09 19:32 - 12915584 _____ (Igor Pavlov) C:\Users\Jenny\Downloads\POILoaderforWindows_272 (2).exe
2013-09-09 19:32 - 2013-09-09 19:32 - 12915584 _____ (Igor Pavlov) C:\Users\Jenny\Downloads\POILoaderforWindows_272 (1).exe
2013-09-09 19:00 - 2013-09-09 18:57 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Garmin
2013-09-09 18:59 - 2013-09-09 18:57 - 00000000 ____D C:\Program Files\Garmin
2013-09-09 18:59 - 2011-11-08 23:43 - 00000000 ____D C:\Program Files\DIFX
2013-09-09 18:59 - 2010-02-04 14:19 - 00000000 ____D C:\Users\Jenny
2013-09-09 18:57 - 2013-09-09 18:56 - 12915584 _____ (Igor Pavlov) C:\Users\Jenny\Downloads\POILoaderforWindows_272.exe
2013-09-08 12:25 - 2013-09-08 12:25 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Malwarebytes
2013-09-08 12:25 - 2013-09-08 12:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-08 12:05 - 2013-09-08 12:04 - 10284808 _____ (Malwarebytes Corporation ) C:\Users\Jenny\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-07 18:40 - 2013-09-07 18:40 - 96533415 _____ C:\Windows\system32\᭥讻᭄…
2013-09-05 17:47 - 2013-04-30 19:04 - 00000000 ____D C:\Users\Jenny\Documents\Bewerbung2008
2013-09-05 17:42 - 2011-09-09 19:51 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-05 14:13 - 2013-07-18 18:42 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-05 14:13 - 2013-04-10 15:22 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-04 16:50 - 2013-09-04 16:50 - 00000000 ____D C:\Program Files\Tor
2013-08-23 18:52 - 2013-04-07 12:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-23 10:55 - 2013-04-15 11:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
Files to move or delete:
====================
C:\Users\Jenny\ApnToolbarInstaller.exe
C:\Users\Jenny\gimp-2.6.11-i686-setup-1.exe
C:\Users\Jenny\jagex_runescape_preferences.dat
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-20 17:36
==================== End Of Log ============================ |