Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 28.07.2014 18:42:11, SYSTEM, ACER, Protection, Malware Protection, Starting,
Protection, 28.07.2014 18:42:11, SYSTEM, ACER, Protection, Malware Protection, Started,
Protection, 28.07.2014 18:42:11, SYSTEM, ACER, Protection, Malicious Website Protection, Starting,
Protection, 28.07.2014 18:42:11, SYSTEM, ACER, Protection, Malicious Website Protection, Started,
Update, 28.07.2014 18:42:15, SYSTEM, ACER, Manual, Rootkit Database, 2014.2.20.1, 2014.7.17.1,
Update, 28.07.2014 18:42:17, SYSTEM, ACER, Manual, Malware Database, 2014.3.4.9, 2014.7.28.4,
Protection, 28.07.2014 18:42:18, SYSTEM, ACER, Protection, Refresh, Starting,
Protection, 28.07.2014 18:42:18, SYSTEM, ACER, Protection, Malicious Website Protection, Stopping,
Protection, 28.07.2014 18:42:18, SYSTEM, ACER, Protection, Malicious Website Protection, Stopped,
Protection, 28.07.2014 18:42:21, SYSTEM, ACER, Protection, Refresh, Success,
Protection, 28.07.2014 18:42:21, SYSTEM, ACER, Protection, Malicious Website Protection, Starting,
Protection, 28.07.2014 18:42:21, SYSTEM, ACER, Protection, Malicious Website Protection, Started,
Protection, 28.07.2014 18:59:08, SYSTEM, ACER, Protection, Malware Protection, Starting,
Protection, 28.07.2014 18:59:08, SYSTEM, ACER, Protection, Malware Protection, Started,
Protection, 28.07.2014 18:59:08, SYSTEM, ACER, Protection, Malicious Website Protection, Starting,
Detection, 28.07.2014 18:59:08, SYSTEM, ACER, Protection, Malware Protection, File, PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe, Quarantine, [41a3f2b21a6138fee625187c4cb51ce4]
Protection, 28.07.2014 19:00:16, SYSTEM, ACER, Protection, Malicious Website Protection, Started,
Detection, 28.07.2014 19:00:26, SYSTEM, ACER, Protection, Malware Protection, File, PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe, Quarantine, [41a3f2b21a6138fee625187c4cb51ce4]
(end)
Code:
# AdwCleaner v3.301 - Bericht erstellt am 28/07/2014 um 19:18:58
# Aktualisiert 28/07/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : AV Markt - ACER
# Gestartet von : C:\Users\AV Markt\Downloads\adwcleaner_3.301 (1).exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : Update NetCrawl
[#] Dienst Gelöscht : Util NetCrawl
Dienst Gelöscht : {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64
Dienst Gelöscht : {6fcd6092-9615-4f7f-8898-8df53980e5d2}w64
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\NetCrawl
Ordner Gelöscht : C:\Users\AVMARK~1\AppData\Local\Temp\NetCrawl
Ordner Gelöscht : C:\Users\AV Markt\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\AV Markt\AppData\Roaming\RocketUpdater
Ordner Gelöscht : C:\Users\AV Markt\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Ordner Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Ordner Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Ordner Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[!] Ordner Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
[!] Ordner Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
[!] Ordner Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
[!] Ordner Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Datei Gelöscht : C:\END
Datei Gelöscht : C:\WINDOWS\System32\roboot64.exe
Datei Gelöscht : C:\WINDOWS\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys
Datei Gelöscht : C:\WINDOWS\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys
Datei Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tasks ] *****
Task Gelöscht : Rocket Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\Ciuvo
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\NetCrawl
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\RocketUpdater
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\NetCrawl
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetCrawl
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Google Chrome v36.0.1985.125
[ Datei : C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Homepage] : hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_27_ch&cd=2XzuyEtN2Y1L1QzuyEzzyD0A0ByCtDzzzzyEtAtByDyBtDtCtN0D0Tzu0SzytCyCtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0B0DyByB0CtAtDtGtDtCzz0DtGyDyDzyyBtGzztA0D0AtGyEyCtC0DtB0F0E0E0CyDzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtC0AyCyEzzyDzytGtAtD0B0BtG0FzztBtCtG0CtAyCtDtGtCzztDyB0FtDtDyB0AtDyDyC2Q&cr=2000979275&ir=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Gelöscht [Extension] : ehgldbbpchgpcfagfpfjgoomddhccfgh
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : ibnjmihbbanannlbobkbmnmckjnmdnom
Gelöscht [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
*************************
AdwCleaner[R0].txt - [7305 octets] - [28/07/2014 19:16:20]
AdwCleaner[R1].txt - [8272 octets] - [28/07/2014 19:16:49]
AdwCleaner[S0].txt - [6519 octets] - [28/07/2014 19:18:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6579 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by AV Markt on 28.07.2014 at 19:26:20,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.07.2014 at 19:29:51,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by AV Markt (administrator) on ACER on 28-07-2014 19:34:33
Running from C:\Users\AV Markt\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\AV Markt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Atheros Communications))
HKU\S-1-5-21-3271435860-3997494834-1154430571-1002\...\Run: [Spotify Web Helper] => C:\Users\AV Markt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-22] (Spotify Ltd)
HKU\S-1-5-21-3271435860-3997494834-1154430571-1002\...\MountPoints2: {f10bc38a-f31b-11e3-be76-20256416a93b} - "F:\LaunchU3.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\AV Markt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AV Markt\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {BCFB360F-3B73-42D3-B2C9-082F3BEC21E5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {BCFB360F-3B73-42D3-B2C9-082F3BEC21E5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {BCFB360F-3B73-42D3-B2C9-082F3BEC21E5} URL =
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Avira Savings Advisor BHO -> {A18A516C-AA41-46A9-92DB-60208917E442} -> C:\Program Files (x86)\avira\Internet Explorer\avira32.dll ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-14]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-15]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-15]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-06-15]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "https://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-15]
CHR Extension: (Google Drive) - C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-15]
CHR Extension: (YouTube) - C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-15]
CHR Extension: (Adblock Plus) - C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-14]
CHR Extension: (Google-Suche) - C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-15]
CHR Extension: (Google Wallet) - C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-15]
CHR Extension: (Google Mail) - C:\Users\AV Markt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-20] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
Code:
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-28 19:34 - 2014-07-28 19:34 - 00000000 ____D () C:\Users\AV Markt\Desktop\FRST-OlderVersion
2014-07-28 19:29 - 2014-07-28 19:29 - 00000687 _____ () C:\Users\AV Markt\Desktop\JRT.txt
2014-07-28 19:26 - 2014-07-28 19:26 - 01016261 _____ (Thisisu) C:\Users\AV Markt\Downloads\JRT (1).exe
2014-07-28 19:25 - 2014-07-28 19:25 - 01016261 _____ (Thisisu) C:\Users\AV Markt\Downloads\JRT.exe
2014-07-28 19:25 - 2014-07-28 19:25 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-28 19:22 - 2014-07-28 19:22 - 00006687 _____ () C:\Users\AV Markt\Desktop\AdwCleaner[S0].txt
2014-07-28 19:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-28 19:12 - 2014-07-28 19:19 - 00000000 ____D () C:\AdwCleaner
2014-07-28 19:12 - 2014-07-28 19:12 - 01365525 _____ () C:\Users\AV Markt\Downloads\adwcleaner_3.301.exe
2014-07-28 19:12 - 2014-07-28 19:12 - 01365525 _____ () C:\Users\AV Markt\Downloads\adwcleaner_3.301 (1).exe
2014-07-28 19:07 - 2014-07-28 19:07 - 00002000 _____ () C:\Users\AV Markt\Desktop\mbam.txt
2014-07-28 18:42 - 2014-07-28 19:21 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-28 18:42 - 2014-07-28 18:42 - 00001078 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-28 18:42 - 2014-07-28 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-28 18:42 - 2014-07-28 18:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-28 18:42 - 2014-07-28 18:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-28 18:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-28 18:42 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-28 18:42 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-28 18:39 - 2014-07-28 18:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\AV Markt\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-28 18:27 - 2014-07-28 18:27 - 00001244 _____ () C:\Users\AV Markt\Desktop\Revo Uninstaller.lnk
2014-07-28 18:27 - 2014-07-28 18:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-28 18:26 - 2014-07-28 18:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\AV Markt\Downloads\revosetup95.exe
2014-07-28 18:26 - 2014-07-28 18:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\AV Markt\Downloads\revosetup95 (1).exe
2014-07-26 18:11 - 2014-07-26 19:07 - 00024899 _____ () C:\Users\AV Markt\Desktop\Rechtliche Rahmenbedingungen der Markenführung im Social Web.odt
2014-07-26 18:11 - 2014-07-26 18:44 - 00019968 ___SH () C:\Users\AV Markt\Desktop\Thumbs.db
2014-07-26 17:27 - 2014-07-14 23:30 - 00022345 _____ () C:\Users\AV Markt\Documents\Ausarbeitung_Forschungsdesign_Hausarbeit.odt_0.odt
2014-07-26 17:25 - 2014-07-28 19:30 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-26 17:25 - 2014-07-28 19:23 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-26 17:25 - 2014-07-28 19:21 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 17:25 - 2014-07-26 17:25 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-26 17:25 - 2014-07-26 17:25 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-26 17:25 - 2014-07-26 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-26 17:24 - 2014-07-26 17:25 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Deployment
2014-07-26 17:24 - 2014-07-26 17:24 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Apps\2.0
2014-07-26 14:16 - 2014-07-26 14:16 - 00000000 ____D () C:\Users\Public\OEM
2014-07-26 14:16 - 2014-07-26 14:16 - 00000000 ____D () C:\Users\AV Markt\PicStream
2014-07-26 14:16 - 2014-07-26 14:16 - 00000000 ____D () C:\Users\AV Markt\Documents\clear.fi
2014-07-26 14:16 - 2014-07-26 14:16 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\clear.fi
2014-07-26 13:32 - 2014-07-26 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-07-26 13:32 - 2014-07-26 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-07-26 13:31 - 2014-07-26 13:31 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-07-26 13:31 - 2014-07-26 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-07-26 13:31 - 2014-07-26 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-07-26 13:31 - 2014-07-26 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-26 13:30 - 2014-07-26 13:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-26 13:29 - 2014-07-26 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-07-26 13:28 - 2014-07-26 13:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-26 13:28 - 2014-07-26 13:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-07-26 13:27 - 2014-07-26 13:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-26 13:27 - 2014-07-26 13:27 - 00000000 __RHD () C:\MSOCache
2014-07-26 13:27 - 2014-07-26 13:27 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Microsoft Help
2014-07-15 22:39 - 2014-07-15 22:39 - 00614792 _____ (Adobe Systems Incorporated) C:\Users\AV Markt\Downloads\CreativeCloudSet-Up (1).exe
2014-07-15 22:22 - 2014-07-15 22:23 - 00037631 _____ () C:\Users\AV Markt\Desktop\Addition.txt
2014-07-15 22:17 - 2014-07-28 19:34 - 00017965 _____ () C:\Users\AV Markt\Desktop\FRST.txt
2014-07-15 21:04 - 2014-07-15 21:04 - 00000000 ____D () C:\adobeTemp
2014-07-15 20:44 - 2014-07-15 20:44 - 00027893 _____ () C:\Users\AV Markt\AppData\Local\recently-used.xbel
2014-07-15 00:36 - 2014-07-15 00:38 - 00038857 _____ () C:\Users\AV Markt\Downloads\Addition.txt
2014-07-15 00:33 - 2014-07-15 00:38 - 00161572 _____ () C:\Users\AV Markt\Downloads\FRST.txt
2014-07-15 00:32 - 2014-07-28 19:34 - 00000000 ____D () C:\FRST
2014-07-15 00:29 - 2014-07-28 19:34 - 02093568 _____ (Farbar) C:\Users\AV Markt\Desktop\FRST64.exe
2014-07-15 00:29 - 2014-07-15 00:29 - 02086912 _____ (Farbar) C:\Users\AV Markt\Downloads\FRST64 (1).exe
2014-07-14 23:37 - 2014-07-14 23:38 - 00000000 ____D () C:\Users\AV Markt\AppData\Roaming\uTorrent
2014-07-14 23:34 - 2014-07-14 23:34 - 01331792 _____ (BitTorrent Inc.) C:\Users\AV Markt\Downloads\uTorrent.exe
2014-07-11 14:21 - 2014-07-11 14:21 - 00000000 ____D () C:\Users\AV Markt\Documents\Fax
2014-07-11 14:11 - 2014-07-11 14:11 - 00000000 ____D () C:\Users\AV Markt\Desktop\Lisas Dateien
2014-07-11 14:09 - 2014-07-11 14:09 - 00000000 ____D () C:\Users\AV Markt\AppData\Roaming\OpenOffice
2014-07-10 18:48 - 2014-07-10 18:48 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-10 13:14 - 2014-07-10 13:14 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-07-10 13:11 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-10 13:06 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-10 13:06 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-10 13:06 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-10 13:06 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-10 13:06 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-10 13:06 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-10 13:06 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-10 13:06 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-10 13:06 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-10 13:06 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-10 13:05 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-10 13:05 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-10 13:05 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-10 13:05 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-10 13:05 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-10 13:05 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-10 13:05 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-10 13:05 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-10 13:05 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-10 13:05 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-10 13:05 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-10 13:05 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-10 13:05 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-10 13:05 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-10 13:05 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-10 13:05 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-10 13:05 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-10 13:05 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-10 13:05 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-10 13:05 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-10 13:05 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-10 13:05 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-10 13:05 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-10 13:05 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-10 13:05 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-10 13:05 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-10 13:05 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-10 13:04 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-10 13:04 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-10 13:04 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-10 13:04 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-10 13:04 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-10 13:04 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-10 13:04 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-10 13:04 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-10 13:04 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-10 13:04 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 13:04 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-10 13:04 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-10 13:04 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 13:04 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-10 13:04 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-10 13:04 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-10 13:04 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-10 13:04 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-10 13:04 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-10 13:04 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-10 13:02 - 2014-07-10 13:02 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-06 01:53 - 2014-07-28 18:29 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A556E82F-57C3-4D16-8970-904A6DEF4BDF}
2014-07-06 01:53 - 2014-07-06 01:53 - 00000000 __SHD () C:\Users\AV Markt\AppData\Local\EmieUserList
2014-07-06 01:53 - 2014-07-06 01:53 - 00000000 __SHD () C:\Users\AV Markt\AppData\Local\EmieSiteList
2014-07-05 13:22 - 2014-07-05 13:23 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-07-05 13:22 - 2014-07-05 13:22 - 00001128 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-07-05 13:22 - 2014-07-05 13:22 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-28 19:34 - 2014-07-28 19:34 - 00000000 ____D () C:\Users\AV Markt\Desktop\FRST-OlderVersion
2014-07-28 19:34 - 2014-07-15 22:17 - 00017965 _____ () C:\Users\AV Markt\Desktop\FRST.txt
2014-07-28 19:34 - 2014-07-15 00:32 - 00000000 ____D () C:\FRST
2014-07-28 19:34 - 2014-07-15 00:29 - 02093568 _____ (Farbar) C:\Users\AV Markt\Desktop\FRST64.exe
2014-07-28 19:32 - 2014-06-10 22:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3271435860-3997494834-1154430571-1002
2014-07-28 19:30 - 2014-07-26 17:25 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-28 19:29 - 2014-07-28 19:29 - 00000687 _____ () C:\Users\AV Markt\Desktop\JRT.txt
2014-07-28 19:26 - 2014-07-28 19:26 - 01016261 _____ (Thisisu) C:\Users\AV Markt\Downloads\JRT (1).exe
2014-07-28 19:25 - 2014-07-28 19:25 - 01016261 _____ (Thisisu) C:\Users\AV Markt\Downloads\JRT.exe
2014-07-28 19:25 - 2014-07-28 19:25 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-28 19:23 - 2014-07-26 17:25 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-28 19:22 - 2014-07-28 19:22 - 00006687 _____ () C:\Users\AV Markt\Desktop\AdwCleaner[S0].txt
2014-07-28 19:22 - 2014-06-20 01:33 - 00000000 __RDO () C:\Users\AV Markt\OneDrive
2014-07-28 19:22 - 2014-06-14 21:58 - 00000000 ___RD () C:\Users\AV Markt\Dropbox
2014-07-28 19:22 - 2014-06-14 21:55 - 00000000 ____D () C:\Users\AV Markt\AppData\Roaming\Dropbox
2014-07-28 19:21 - 2014-07-28 18:42 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-28 19:21 - 2014-07-26 17:25 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-28 19:20 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-28 19:19 - 2014-07-28 19:12 - 00000000 ____D () C:\AdwCleaner
2014-07-28 19:19 - 2014-03-18 03:50 - 00055122 _____ () C:\WINDOWS\PFRO.log
2014-07-28 19:19 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-28 19:13 - 2014-06-13 20:52 - 00000000 ____D () C:\Users\AV Markt\AppData\Roaming\Spotify
2014-07-28 19:12 - 2014-07-28 19:12 - 01365525 _____ () C:\Users\AV Markt\Downloads\adwcleaner_3.301.exe
2014-07-28 19:12 - 2014-07-28 19:12 - 01365525 _____ () C:\Users\AV Markt\Downloads\adwcleaner_3.301 (1).exe
2014-07-28 19:07 - 2014-07-28 19:07 - 00002000 _____ () C:\Users\AV Markt\Desktop\mbam.txt
2014-07-28 18:58 - 2014-06-20 01:00 - 00000000 ____D () C:\Users\AV Markt
2014-07-28 18:42 - 2014-07-28 18:42 - 00001078 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-28 18:42 - 2014-07-28 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-28 18:42 - 2014-07-28 18:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-28 18:42 - 2014-07-28 18:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-28 18:39 - 2014-07-28 18:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\AV Markt\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-28 18:38 - 2014-06-15 12:06 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-28 18:31 - 2014-06-20 00:53 - 01993686 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-28 18:29 - 2014-07-06 01:53 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A556E82F-57C3-4D16-8970-904A6DEF4BDF}
2014-07-28 18:27 - 2014-07-28 18:27 - 00001244 _____ () C:\Users\AV Markt\Desktop\Revo Uninstaller.lnk
2014-07-28 18:27 - 2014-07-28 18:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-28 18:27 - 2014-06-14 22:01 - 00000000 ____D () C:\Users\AV Markt\Desktop\Uni
2014-07-28 18:26 - 2014-07-28 18:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\AV Markt\Downloads\revosetup95.exe
2014-07-28 18:26 - 2014-07-28 18:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\AV Markt\Downloads\revosetup95 (1).exe
2014-07-28 18:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-07-28 18:14 - 2012-07-26 07:26 - 00000301 _____ () C:\WINDOWS\win.ini
2014-07-28 18:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-26 19:07 - 2014-07-26 18:11 - 00024899 _____ () C:\Users\AV Markt\Desktop\Rechtliche Rahmenbedingungen der Markenführung im Social Web.odt
2014-07-26 18:44 - 2014-07-26 18:11 - 00019968 ___SH () C:\Users\AV Markt\Desktop\Thumbs.db
2014-07-26 17:25 - 2014-07-26 17:25 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-26 17:25 - 2014-07-26 17:25 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-26 17:25 - 2014-07-26 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-26 17:25 - 2014-07-26 17:24 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Deployment
2014-07-26 17:25 - 2014-06-15 12:19 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-26 17:24 - 2014-07-26 17:24 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Apps\2.0
2014-07-26 14:16 - 2014-07-26 14:16 - 00000000 ____D () C:\Users\Public\OEM
2014-07-26 14:16 - 2014-07-26 14:16 - 00000000 ____D () C:\Users\AV Markt\PicStream
2014-07-26 14:16 - 2014-07-26 14:16 - 00000000 ____D () C:\Users\AV Markt\Documents\clear.fi
2014-07-26 14:16 - 2014-07-26 14:16 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\clear.fi
2014-07-26 14:14 - 2014-06-07 19:09 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Pokki
2014-07-26 14:13 - 2014-06-07 19:09 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Packages
2014-07-26 14:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-26 14:07 - 2014-06-14 22:38 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-26 14:07 - 2014-06-07 19:11 - 00000000 ____D () C:\Users\AV Markt\AppData\Roaming\Adobe
2014-07-26 14:06 - 2013-04-18 12:07 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-07-26 14:05 - 2013-04-18 12:07 - 00000000 ____D () C:\ProgramData\WildTangent
2014-07-26 13:34 - 2013-08-22 16:44 - 05164944 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-26 13:32 - 2014-07-26 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-07-26 13:32 - 2014-07-26 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-07-26 13:32 - 2014-07-26 13:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-26 13:31 - 2014-07-26 13:31 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-07-26 13:31 - 2014-07-26 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-07-26 13:31 - 2014-07-26 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-07-26 13:31 - 2014-07-26 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-26 13:31 - 2014-06-20 01:40 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-26 13:31 - 2014-01-25 14:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-26 13:30 - 2014-07-26 13:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-26 13:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-26 13:29 - 2014-07-26 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-07-26 13:28 - 2014-07-26 13:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-26 13:28 - 2014-07-26 13:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-07-26 13:28 - 2014-03-18 11:40 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-07-26 13:27 - 2014-07-26 13:27 - 00000000 __RHD () C:\MSOCache
2014-07-26 13:27 - 2014-07-26 13:27 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Microsoft Help
2014-07-26 13:11 - 2013-04-18 12:08 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-26 13:08 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-26 13:06 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-07-24 19:12 - 2014-06-14 01:08 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-07-23 21:58 - 2014-06-14 21:57 - 00000000 ____D () C:\Users\AV Markt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-22 09:37 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-22 09:37 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-22 09:37 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-22 09:33 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-21 19:10 - 2014-06-13 20:52 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Spotify
2014-07-16 14:09 - 2013-08-22 16:46 - 00331050 _____ () C:\WINDOWS\setupact.log
2014-07-15 22:39 - 2014-07-15 22:39 - 00614792 _____ (Adobe Systems Incorporated) C:\Users\AV Markt\Downloads\CreativeCloudSet-Up (1).exe
2014-07-15 22:23 - 2014-07-15 22:22 - 00037631 _____ () C:\Users\AV Markt\Desktop\Addition.txt
2014-07-15 21:04 - 2014-07-15 21:04 - 00000000 ____D () C:\adobeTemp
2014-07-15 21:04 - 2014-06-14 22:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-15 20:44 - 2014-07-15 20:44 - 00027893 _____ () C:\Users\AV Markt\AppData\Local\recently-used.xbel
2014-07-15 20:44 - 2014-06-16 00:19 - 00000000 ____D () C:\Users\AV Markt\.gimp-2.8
2014-07-15 07:35 - 2014-06-15 12:23 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\Adobe
2014-07-15 00:38 - 2014-07-15 00:36 - 00038857 _____ () C:\Users\AV Markt\Downloads\Addition.txt
2014-07-15 00:38 - 2014-07-15 00:33 - 00161572 _____ () C:\Users\AV Markt\Downloads\FRST.txt
2014-07-15 00:29 - 2014-07-15 00:29 - 02086912 _____ (Farbar) C:\Users\AV Markt\Downloads\FRST64 (1).exe
2014-07-14 23:38 - 2014-07-14 23:37 - 00000000 ____D () C:\Users\AV Markt\AppData\Roaming\uTorrent
2014-07-14 23:34 - 2014-07-14 23:34 - 01331792 _____ (BitTorrent Inc.) C:\Users\AV Markt\Downloads\uTorrent.exe
2014-07-14 23:30 - 2014-07-26 17:27 - 00022345 _____ () C:\Users\AV Markt\Documents\Ausarbeitung_Forschungsdesign_Hausarbeit.odt_0.odt
2014-07-11 14:21 - 2014-07-11 14:21 - 00000000 ____D () C:\Users\AV Markt\Documents\Fax
2014-07-11 14:11 - 2014-07-11 14:11 - 00000000 ____D () C:\Users\AV Markt\Desktop\Lisas Dateien
2014-07-11 14:09 - 2014-07-11 14:09 - 00000000 ____D () C:\Users\AV Markt\AppData\Roaming\OpenOffice
2014-07-11 14:09 - 2014-06-21 15:10 - 00000000 ____D () C:\Users\AV Markt\Desktop\Ana Bilder
2014-07-11 14:08 - 2014-06-15 00:07 - 00000000 ____D () C:\Users\AV Markt\Desktop\SS14
2014-07-10 19:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 18:48 - 2014-07-10 18:48 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-10 18:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 18:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 18:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 18:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-10 13:38 - 2014-06-15 12:06 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-10 13:14 - 2014-07-10 13:14 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-07-10 13:14 - 2014-06-11 01:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-10 13:14 - 2014-01-25 14:22 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-07-10 13:14 - 2013-08-22 16:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2014-07-10 13:14 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-10 13:12 - 2014-06-11 01:08 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-10 13:11 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 13:02 - 2014-07-10 13:02 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-06 01:53 - 2014-07-06 01:53 - 00000000 __SHD () C:\Users\AV Markt\AppData\Local\EmieUserList
2014-07-06 01:53 - 2014-07-06 01:53 - 00000000 __SHD () C:\Users\AV Markt\AppData\Local\EmieSiteList
2014-07-05 13:23 - 2014-07-05 13:22 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-07-05 13:22 - 2014-07-05 13:22 - 00001128 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-07-05 13:22 - 2014-07-05 13:22 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-07-04 13:52 - 2014-06-14 01:04 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-07-01 00:45 - 2014-07-10 13:04 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-29 22:49 - 2014-06-16 00:24 - 00000000 ____D () C:\Users\AV Markt\AppData\Local\gtk-2.0
2014-06-28 09:48 - 2014-07-10 13:04 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 09:07 - 2014-07-10 13:04 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
Some content of TEMP:
====================
C:\Users\AV Markt\AppData\Local\Temp\avgnt.exe
C:\Users\AV Markt\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp1nf3f.dll
C:\Users\AV Markt\AppData\Local\Temp\nsxB7DD.exe
C:\Users\AV Markt\AppData\Local\Temp\ose00000.exe
C:\Users\AV Markt\AppData\Local\Temp\Quarantine.exe
C:\Users\AV Markt\AppData\Local\Temp\SPSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-26 18:15
==================== End Of Log ============================
Sorry that my reply took so long; a lot came up, so I couldn't find the time to carry out your instructions! :/