Hello schrauber,
here is the report from Malwarebytes Anti-Malware:
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.11.21.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Neagu :: NEAGU-PC [Administrator]
Schutz: Deaktiviert
21.11.2013 14:32:19
mbam-log-2013-11-21 (14-32-19).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 213274
Laufzeit: 11 Minute(n), 11 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Users\Neagu\Downloads\FreeYouTubeDownload(1).exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\dosearches.xml (PUP.Optional.DoSearches.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Hello schrauber,
below is the report from adwcleaner:
AdwCleaner Logfile:
Code:
# AdwCleaner v3.012 - Bericht erstellt am 21/11/2013 um 15:00:43
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Neagu - NEAGU-PC
# Gestartet von : C:\Users\Neagu\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Neagu\AppData\Roaming\Oxy
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Neagu\AppData\Roaming\Mozilla\Firefox\Profiles\gvahebpj.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.AVIRA-V7.AUC_clientCache", "{\"AUC_CACHE\":{\"avira.com\":{\"c\":[1],\"ttl\":1380017683},\"facebook.com\":{\"c\":[1],\"ttl\":1379594429},\"wikipedia.org\":{\"c\":[1],\"ttl\":1379[...]
Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.id", "48c941b600000000000074de2bdbc9b5");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16019");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.26.8");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.26.817:14:17");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.26.8");
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1384109086045");
Zeile gelöscht : user_pref("iminent.version", "7.43.4.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.43.4.1\",\"InstallEventCTime\":1384100066248,\"InstallEvent\":\"True\"}");
-\\ Google Chrome v
[ Datei : C:\Users\Neagu\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [21838 octets] - [11/11/2013 00:48:04]
AdwCleaner[R1].txt - [1163 octets] - [11/11/2013 00:58:31]
AdwCleaner[R2].txt - [3576 octets] - [21/11/2013 14:54:50]
AdwCleaner[S0].txt - [17818 octets] - [11/11/2013 00:50:06]
AdwCleaner[S1].txt - [1225 octets] - [11/11/2013 00:59:44]
AdwCleaner[S2].txt - [3453 octets] - [21/11/2013 15:00:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3513 octets] ##########
Here is the logfile JRT.txt from Junkware Removal Tool:
JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Neagu on 21.11.2013 at 15:09:24,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_USERS\.DEFAULT\Software\SearchProtect
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{03D8EAA0-EA8E-489A-A15B-9640EA64C398}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{155ACF86-51CA-4988-89DE-2EE394827590}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Neagu\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\Neagu\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\Neagu\appdata\local\{252F804C-1A4A-410C-A559-3DFCA8804A39}
Successfully deleted: [Empty Folder] C:\Users\Neagu\appdata\local\{456730AC-C639-439B-AFE5-789A766D9FFA}
Successfully deleted: [Empty Folder] C:\Users\Neagu\appdata\local\{F28B4C3A-B789-4C74-BEE7-11A1FE405FC9}
~~~ FireFox
Successfully deleted: [File] C:\Users\Neagu\AppData\Roaming\mozilla\firefox\profiles\gvahebpj.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted the following from C:\Users\Neagu\AppData\Roaming\mozilla\firefox\profiles\gvahebpj.default\prefs.js
user_pref("extensions.AVIRA-V7.com.avira.dnt.rules", "\"{\\\"Version\\\":39,\\\"Companies\\\":[{\\\"company\\\":\\\"Google Inc\\\",\\\"rules\\\":[{\\\"name\\\":\\\"Google Anal
user_pref("extensions.AVIRA-V7.domain", "\"avira.search.ask.com\"");
Emptied folder: C:\Users\Neagu\AppData\Roaming\mozilla\firefox\profiles\gvahebpj.default\minidumps [236 files]
~~~ Chrome
Failed to delete: [Folder] C:\Users\Neagu\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.11.2013 at 15:25:43,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Just a quick question in between: it's surely not a particularly good sign that I have to do so many extra steps, is it?
Anyway, here is the second FRST log:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Neagu (administrator) on NEAGU-PC on 21-11-2013 15:28:36
Running from C:\Users\Neagu\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
() C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
Startup: C:\Users\Neagu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Neagu\AppData\Roaming\Mozilla\Firefox\Profiles\gvahebpj.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Neagu\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Neagu\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (dosearches) - hxxp://www.google.com
CHR DefaultSuggestURL: (dosearches) - hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Users\Neagu\AppData\Local\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Neagu\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Neagu\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\Neagu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.24169_0\background/registryAccess.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Live\u00C2\u2122 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: () - C:\Users\Neagu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\25.62088_0
CHR Extension: (YouTube) - C:\Users\Neagu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Neagu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Neagu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Neagu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [oolkekjjhnaeaahibbnfebmogackofpf] - C:\Users\Neagu\AppData\Local\CRE\oolkekjjhnaeaahibbnfebmogackofpf.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated)
S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-31] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-21 15:25 - 2013-11-21 15:25 - 00002652 _____ C:\Users\Neagu\Desktop\JRT.txt
2013-11-21 15:09 - 2013-11-21 15:09 - 00000000 ____D C:\Windows\ERUNT
2013-11-21 15:08 - 2013-11-21 15:08 - 01034531 _____ (Thisisu) C:\Users\Neagu\Downloads\JRT.exe
2013-11-21 14:53 - 2013-11-21 14:53 - 01085542 _____ C:\Users\Neagu\Downloads\adwcleaner.exe
2013-11-21 14:28 - 2013-11-21 14:28 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-21 14:28 - 2013-11-21 14:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-21 14:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-21 14:27 - 2013-11-21 14:27 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neagu\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-20 10:14 - 2013-11-20 10:14 - 00015535 _____ C:\ComboFix.txt
2013-11-20 09:55 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-20 09:55 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-20 09:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-20 09:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-20 09:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-20 09:55 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-20 09:55 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-20 09:55 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-20 09:54 - 2013-11-20 10:14 - 00000000 ____D C:\Qoobox
2013-11-20 09:54 - 2013-11-20 10:12 - 00000000 ____D C:\Windows\erdnt
2013-11-20 09:53 - 2013-11-20 09:54 - 05146522 ____R (Swearware) C:\Users\Neagu\Downloads\ComboFix.exe
2013-11-20 09:19 - 2013-11-20 09:19 - 00000000 ____D C:\Users\Neagu\AppData\Roaming\Avira
2013-11-20 09:18 - 2013-11-20 09:18 - 00021748 _____ C:\Users\Neagu\Downloads\AVSCAN-20131120-091646-42C7ACAE.LOG
2013-11-20 09:13 - 2013-11-20 09:13 - 00002078 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-20 09:13 - 2013-11-20 09:13 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-20 09:13 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-20 09:13 - 2013-10-31 19:25 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-20 09:13 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-20 09:13 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-20 09:07 - 2013-11-20 09:10 - 126764512 _____ C:\Users\Neagu\Downloads\avira_free_antivirus_de(1).exe
2013-11-20 08:49 - 2013-11-20 08:49 - 00004756 _____ C:\Users\Neagu\Downloads\Gmer.txt
2013-11-20 08:36 - 2013-11-20 08:36 - 00377856 _____ C:\Users\Neagu\Downloads\tkmo6ill.exe
2013-11-20 08:34 - 2013-11-20 08:35 - 00022924 _____ C:\Users\Neagu\Downloads\Addition.txt
2013-11-20 08:30 - 2013-11-21 15:28 - 00013755 _____ C:\Users\Neagu\Downloads\FRST.txt
2013-11-20 08:30 - 2013-11-20 08:30 - 00000000 ____D C:\FRST
2013-11-20 08:29 - 2013-11-20 08:29 - 01957964 _____ (Farbar) C:\Users\Neagu\Downloads\FRST64.exe
2013-11-20 08:26 - 2013-11-20 08:26 - 00000472 _____ C:\Users\Neagu\Downloads\defogger_disable.log
2013-11-20 08:26 - 2013-11-20 08:26 - 00000000 _____ C:\Users\Neagu\defogger_reenable
2013-11-20 08:25 - 2013-11-20 08:25 - 00050477 _____ C:\Users\Neagu\Downloads\Defogger.exe
2013-11-18 16:55 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-18 16:48 - 2013-11-18 16:48 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-18 16:48 - 2013-11-18 16:48 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-18 16:48 - 2013-11-18 16:48 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-18 16:48 - 2013-11-18 16:48 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-18 16:48 - 2013-11-18 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-18 16:48 - 2013-11-18 16:48 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-18 16:48 - 2013-11-18 16:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-18 16:48 - 2013-11-18 16:48 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-18 16:48 - 2013-11-18 16:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-18 16:48 - 2013-11-18 16:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-18 16:47 - 2013-11-18 16:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 16:46 - 2013-11-18 16:55 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-18 16:38 - 2013-11-18 16:38 - 00000000 ____D C:\Users\Neagu\AppData\Roaming\Malwarebytes
2013-11-18 16:38 - 2013-11-18 16:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 16:37 - 2013-11-18 16:37 - 00618912 _____ C:\Users\Neagu\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-11-17 10:58 - 2013-11-17 10:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 17:48 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 17:48 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 17:47 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 17:47 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 17:47 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 17:47 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 17:47 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 17:47 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 17:47 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 17:47 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 17:47 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 17:47 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 17:47 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 17:47 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 17:47 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 17:47 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 17:47 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 17:47 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 17:47 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 17:47 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 17:47 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 17:47 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 17:47 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 17:47 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 17:47 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 17:47 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 17:47 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 17:47 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 17:47 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 17:47 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-11 00:47 - 2013-11-21 15:00 - 00000000 ____D C:\AdwCleaner
2013-11-11 00:47 - 2013-11-11 00:47 - 01073258 _____ C:\Users\Neagu\Downloads\adw311cleaner.exe
2013-11-10 17:26 - 2013-11-10 17:27 - 00000000 ____D C:\Users\Neagu\AppData\Local\Windows Live Writer
2013-11-10 17:26 - 2013-11-10 17:26 - 00000000 ____D C:\Users\Neagu\AppData\Roaming\Windows Live Writer
2013-11-10 17:13 - 2013-11-11 00:33 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-10 17:11 - 2013-11-10 17:27 - 00003528 _____ C:\Windows\System32\Tasks\RunAsStdUser Task
2013-10-25 09:02 - 2013-10-25 09:02 - 02268637 _____ C:\Users\Neagu\Downloads\notket_24_Ps._24-Author__Notker.Ps.24.74.eaf
2013-10-25 09:02 - 2013-10-25 09:02 - 02242416 _____ C:\Users\Neagu\Downloads\notket_24_Ps._24-Author__Notker.Ps.24.75.eaf
2013-10-25 09:02 - 2013-10-25 09:02 - 02147335 _____ C:\Users\Neagu\Downloads\notket_24_Ps._24-Author__Notker.Ps.24.76.eaf
2013-10-25 09:02 - 2013-10-25 09:02 - 01757882 _____ C:\Users\Neagu\Downloads\notket_24_Ps._24-Author__Notker.Ps.24.73.eaf
2013-10-25 09:02 - 2013-10-25 09:01 - 00102644 _____ C:\Users\Neagu\Downloads\notkerpb_24_Ps._24-Author__Notker.Ps.24.76.eaf
2013-10-25 09:01 - 2013-10-25 09:01 - 00186005 _____ C:\Users\Neagu\Downloads\notkerpb_24_Ps._24-Author__Notker.Ps.24.75.eaf
2013-10-25 09:01 - 2013-10-25 09:01 - 00083276 _____ C:\Users\Neagu\Downloads\notkerpb_24_Ps._24-Author__Notker.Ps.24.74.eaf
2013-10-25 09:01 - 2013-10-25 09:01 - 00045490 _____ C:\Users\Neagu\Downloads\notkerpb_24_Ps._24-Author__Notker.Ps.24.73.eaf
2013-10-24 13:25 - 2013-10-24 13:25 - 00510960 _____ C:\Users\Neagu\Downloads\notkerpb_19_Ps._19-Author__Notker.Ps.19.60(1).eaf
==================== One Month Modified Files and Folders =======
2013-11-21 15:29 - 2013-11-20 08:30 - 00013755 _____ C:\Users\Neagu\Downloads\FRST.txt
2013-11-21 15:27 - 2012-07-10 11:52 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2316090547-2145483676-150453018-1000UA.job
2013-11-21 15:27 - 2012-07-10 11:52 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2316090547-2145483676-150453018-1000Core.job
2013-11-21 15:25 - 2013-11-21 15:25 - 00002652 _____ C:\Users\Neagu\Desktop\JRT.txt
2013-11-21 15:11 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-21 15:11 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-21 15:09 - 2013-11-21 15:09 - 00000000 ____D C:\Windows\ERUNT
2013-11-21 15:08 - 2013-11-21 15:08 - 01034531 _____ (Thisisu) C:\Users\Neagu\Downloads\JRT.exe
2013-11-21 15:02 - 2012-07-05 12:47 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-21 15:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-21 15:02 - 2009-07-14 05:51 - 00135075 _____ C:\Windows\setupact.log
2013-11-21 15:01 - 2011-12-19 00:47 - 01549802 _____ C:\Windows\WindowsUpdate.log
2013-11-21 15:00 - 2013-11-11 00:47 - 00000000 ____D C:\AdwCleaner
2013-11-21 14:53 - 2013-11-21 14:53 - 01085542 _____ C:\Users\Neagu\Downloads\adwcleaner.exe
2013-11-21 14:47 - 2010-11-21 04:47 - 00960812 _____ C:\Windows\PFRO.log
2013-11-21 14:33 - 2012-07-05 12:47 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-21 14:28 - 2013-11-21 14:28 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-21 14:28 - 2013-11-21 14:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-21 14:27 - 2013-11-21 14:27 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neagu\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-20 15:02 - 2012-06-26 07:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-20 11:22 - 2013-06-03 09:05 - 00018123 _____ C:\Users\Neagu\Documents\AlleSo Rechnung.odt
2013-11-20 10:14 - 2013-11-20 10:14 - 00015535 _____ C:\ComboFix.txt
2013-11-20 10:14 - 2013-11-20 09:54 - 00000000 ____D C:\Qoobox
2013-11-20 10:12 - 2013-11-20 09:54 - 00000000 ____D C:\Windows\erdnt
2013-11-20 10:10 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-20 09:54 - 2013-11-20 09:53 - 05146522 ____R (Swearware) C:\Users\Neagu\Downloads\ComboFix.exe
2013-11-20 09:19 - 2013-11-20 09:19 - 00000000 ____D C:\Users\Neagu\AppData\Roaming\Avira
2013-11-20 09:18 - 2013-11-20 09:18 - 00021748 _____ C:\Users\Neagu\Downloads\AVSCAN-20131120-091646-42C7ACAE.LOG
2013-11-20 09:13 - 2013-11-20 09:13 - 00002078 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-20 09:13 - 2013-11-20 09:13 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-20 09:13 - 2012-08-08 12:47 - 00000000 ____D C:\ProgramData\Avira
2013-11-20 09:10 - 2013-11-20 09:07 - 126764512 _____ C:\Users\Neagu\Downloads\avira_free_antivirus_de(1).exe
2013-11-20 08:49 - 2013-11-20 08:49 - 00004756 _____ C:\Users\Neagu\Downloads\Gmer.txt
2013-11-20 08:36 - 2013-11-20 08:36 - 00377856 _____ C:\Users\Neagu\Downloads\tkmo6ill.exe
2013-11-20 08:35 - 2013-11-20 08:34 - 00022924 _____ C:\Users\Neagu\Downloads\Addition.txt
2013-11-20 08:30 - 2013-11-20 08:30 - 00000000 ____D C:\FRST
2013-11-20 08:29 - 2013-11-20 08:29 - 01957964 _____ (Farbar) C:\Users\Neagu\Downloads\FRST64.exe
2013-11-20 08:26 - 2013-11-20 08:26 - 00000472 _____ C:\Users\Neagu\Downloads\defogger_disable.log
2013-11-20 08:26 - 2013-11-20 08:26 - 00000000 _____ C:\Users\Neagu\defogger_reenable
2013-11-20 08:26 - 2012-06-06 14:58 - 00000000 ____D C:\Users\Neagu
2013-11-20 08:25 - 2013-11-20 08:25 - 00050477 _____ C:\Users\Neagu\Downloads\Defogger.exe
2013-11-19 08:46 - 2012-06-06 15:00 - 00001337 _____ C:\Users\Neagu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-19 08:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-18 16:55 - 2013-11-18 16:46 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-18 16:48 - 2013-11-18 16:48 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-18 16:48 - 2013-11-18 16:48 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-18 16:48 - 2013-11-18 16:48 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-18 16:48 - 2013-11-18 16:48 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-18 16:48 - 2013-11-18 16:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-18 16:48 - 2013-11-18 16:48 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-18 16:48 - 2013-11-18 16:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-18 16:48 - 2013-11-18 16:48 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-18 16:48 - 2013-11-18 16:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-18 16:48 - 2013-11-18 16:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-18 16:48 - 2013-11-18 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-18 16:48 - 2013-11-18 16:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-18 16:47 - 2013-11-18 16:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-18 16:47 - 2013-11-18 16:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-18 16:47 - 2013-11-18 16:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 16:38 - 2013-11-18 16:38 - 00000000 ____D C:\Users\Neagu\AppData\Roaming\Malwarebytes
2013-11-18 16:38 - 2013-11-18 16:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 16:37 - 2013-11-18 16:37 - 00618912 _____ C:\Users\Neagu\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-11-18 13:37 - 2012-07-10 11:53 - 00002368 _____ C:\Users\Neagu\Desktop\Google Chrome.lnk
2013-11-18 09:46 - 2013-05-11 15:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-17 18:10 - 2013-10-14 08:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-17 18:10 - 2012-11-01 18:09 - 00001943 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-17 10:58 - 2013-11-17 10:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 19:05 - 2013-08-07 13:19 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 19:03 - 2013-06-04 08:44 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 19:17 - 2011-11-23 19:22 - 00654150 _____ C:\Windows\system32\perfh007.dat
2013-11-12 19:17 - 2011-11-23 19:22 - 00130022 _____ C:\Windows\system32\perfc007.dat
2013-11-12 19:17 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 00:50 - 2013-05-11 15:14 - 00001061 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-11 00:50 - 2012-07-10 11:53 - 00000000 ____D C:\Users\Neagu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-11-11 00:47 - 2013-11-11 00:47 - 01073258 _____ C:\Users\Neagu\Downloads\adw311cleaner.exe
2013-11-11 00:41 - 2012-07-17 07:48 - 00000000 ____D C:\Users\Neagu\AppData\Local\CrashDumps
2013-11-11 00:33 - 2013-11-10 17:13 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-10 19:53 - 2012-06-06 15:00 - 00000000 ___RD C:\Users\Neagu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-10 17:27 - 2013-11-10 17:26 - 00000000 ____D C:\Users\Neagu\AppData\Local\Windows Live Writer
2013-11-10 17:27 - 2013-11-10 17:11 - 00003528 _____ C:\Windows\System32\Tasks\RunAsStdUser Task
2013-11-10 17:26 - 2013-11-10 17:26 - 00000000 ____D C:\Users\Neagu\AppData\Roaming\Windows Live Writer
2013-10-31 19:25 - 2013-11-20 09:13 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-31 19:25 - 2013-11-20 09:13 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-31 19:25 - 2013-11-20 09:13 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-31 19:25 - 2013-11-20 09:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-30 09:48 - 2012-10-30 18:42 - 00000000 ____D C:\Users\Neagu\Documents\Telekom Rechnungen
2013-10-28 12:45 - 2012-10-09 11:44 - 00000000 ____D C:\Users\Neagu\Documents\Kündigungen
2013-10-26 17:44 - 2013-06-05 11:01 - 00000000 ____D C:\Users\Neagu\Desktop\114_FUJI
2013-10-25 09:02 - 2013-10-25 09:02 - 02268637 _____ C:\Users\Neagu\Downloads\notket_24_Ps._24-Author__Notker.Ps.24.74.eaf
2013-10-25 09:02 - 2013-10-25 09:02 - 02242416 _____ C:\Users\Neagu\Downloads\notket_24_Ps._24-Author__Notker.Ps.24.75.eaf
2013-10-25 09:02 - 2013-10-25 09:02 - 02147335 _____ C:\Users\Neagu\Downloads\notket_24_Ps._24-Author__Notker.Ps.24.76.eaf
2013-10-25 09:02 - 2013-10-25 09:02 - 01757882 _____ C:\Users\Neagu\Downloads\notket_24_Ps._24-Author__Notker.Ps.24.73.eaf
2013-10-25 09:01 - 2013-10-25 09:02 - 00102644 _____ C:\Users\Neagu\Downloads\notkerpb_24_Ps._24-Author__Notker.Ps.24.76.eaf
2013-10-25 09:01 - 2013-10-25 09:01 - 00186005 _____ C:\Users\Neagu\Downloads\notkerpb_24_Ps._24-Author__Notker.Ps.24.75.eaf
2013-10-25 09:01 - 2013-10-25 09:01 - 00083276 _____ C:\Users\Neagu\Downloads\notkerpb_24_Ps._24-Author__Notker.Ps.24.74.eaf
2013-10-25 09:01 - 2013-10-25 09:01 - 00045490 _____ C:\Users\Neagu\Downloads\notkerpb_24_Ps._24-Author__Notker.Ps.24.73.eaf
2013-10-24 13:25 - 2013-10-24 13:25 - 00510960 _____ C:\Users\Neagu\Downloads\notkerpb_19_Ps._19-Author__Notker.Ps.19.60(1).eaf
Some content of TEMP:
====================
C:\Users\Neagu\AppData\Local\Temp\avgnt.exe
C:\Users\Neagu\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2012-11-15 09:39
==================== End Of Log ============================