(Wenn es diese Antwort jetzt mehrmals gesendet hat- sorry, Wlan hat etwas schlechte Verbindung)
Okay,
mbam.txt: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 15.08.2014
Suchlauf-Zeit: 12:30:07
Logdatei: Suchlauf MBAM.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.15.04
Rootkit Datenbank: v2014.08.04.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Alina
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 311706
Verstrichene Zeit: 53 Min, 11 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 4
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-841078950-1839200133-1442556451-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Löschen bei Neustart, [6d73b016a4d767cfc7e10367709252ae],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-841078950-1839200133-1442556451-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, Löschen bei Neustart, [ebf58c3a2b5054e2780175f8b25010f0],
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-841078950-1839200133-1442556451-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}, Löschen bei Neustart, [ebf58c3a2b5054e2780175f8b25010f0],
PUP.Optional.Softonic.A, HKU\S-1-5-21-841078950-1839200133-1442556451-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Löschen bei Neustart, [dc04b610a0db48ee7d5ff802bd4522de],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 1
PUP.Optional.Trovi.A, HKU\S-1-5-21-841078950-1839200133-1442556451-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MD7E55408-62D5-47DE-B14A-A139510955B8&SearchSource=55&CUI=&UM=6&UP=SP94E52791-AB29-4B67-B193-075FF74914A0&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MD7E55408-62D5-47DE-B14A-A139510955B8&SearchSource=55&CUI=&UM=6&UP=SP94E52791-AB29-4B67-B193-075FF74914A0&SSPV=),Löschen bei Neustart,[dd03fdc9f388e452841eb80ea064936d]
Ordner: 3
PUP.Optional.UpdateSoft.A, C:\Program Files (x86)\UpdateSoft, In Quarantäne, [469a596d98e3e1555e21a89ce91b36ca],
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [0cd43c8a6f0cb680c8dbb4f39d65669a],
PUP.Optional.SimilarSites.A, C:\Users\Alina\AppData\Roaming\SimilarSites, In Quarantäne, [c917586e3f3c81b51d07407ff909728e],
Dateien: 15
PUP.Optional.Conduit.A, C:\Users\Alina\AppData\Local\Temp\nscD20.exe, In Quarantäne, [c719b6106516e74f4a349feebd4406fa],
PUP.Optional.Conduit.A, C:\Users\Alina\AppData\Local\Temp\nseF986.exe, In Quarantäne, [cf11497d2358a88e9ee0751834cdef11],
PUP.Optional.Conduit.A, C:\Users\Alina\AppData\Local\Temp\nsi399.exe, In Quarantäne, [974953739edd93a30d71137a679acb35],
PUP.Optional.Conduit.A, C:\Users\Alina\AppData\Local\Temp\nsn4EFF.exe, In Quarantäne, [e8f8596d4f2c6acc225c0b825aa7bb45],
PUP.Optional.Conduit.A, C:\Users\Alina\AppData\Local\Temp\nsq5653.exe, In Quarantäne, [825e685e2754d561037b573660a1fe02],
PUP.Optional.Conduit.A, C:\Users\Alina\AppData\Local\Temp\nss7036.exe, In Quarantäne, [6f71378f502b63d3433b8a03cc357e82],
PUP.Optional.Conduit.A, C:\Users\Alina\AppData\Local\Temp\nst5D59.exe, In Quarantäne, [ffe1d7efd3a83cfaf688b1dc28d910f0],
PUP.Optional.SearchProtect.A, C:\Users\Alina\AppData\Local\Temp\nszD39E.tmp, In Quarantäne, [c31d0cba2853c175d5d0e4b3f40dd030],
PUP.Optional.OptimunInstaller, C:\Users\Alina\Downloads\fl_setup(1).exe, In Quarantäne, [7b650db995e6f145a52e39102fd17090],
PUP.Optional.OptimunInstaller, C:\Users\Alina\Downloads\fl_setup(2).exe, In Quarantäne, [8b55ac1a94e7c96d448fe861df21c33d],
PUP.Optional.OptimunInstaller, C:\Users\Alina\Downloads\fl_setup.exe, In Quarantäne, [89577056116a6ec82ea560e9ca365ea2],
PUP.Optional.Softonic.A, C:\Users\Alina\Downloads\SoftonicDownloader_for_free-video-cutter-joiner.exe, In Quarantäne, [845c21a50972e55192bff33844bdc33d],
PUP.Optional.UpdateSoft.A, C:\Program Files (x86)\UpdateSoft\sqlite3.dll, In Quarantäne, [469a596d98e3e1555e21a89ce91b36ca],
PUP.Optional.UpdateSoft.A, C:\Program Files (x86)\UpdateSoft\fcheck.exe, In Quarantäne, [469a596d98e3e1555e21a89ce91b36ca],
Rogue.Multiple, C:\ProgramData\374311380\BIT88A3.tmp, In Quarantäne, [0cd43c8a6f0cb680c8dbb4f39d65669a],
Physische Sektoren: 0
(No malicious items detected)
(end) AdwCleaner:
AdwCleaner Logfile: Code:
# AdwCleaner v3.305 - Bericht erstellt am 15/08/2014 um 20:43:04
# Aktualisiert 14/08/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Alina - FIDO
# Gestartet von : C:\Users\Alina\Downloads\adwcleaner_3.305.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Pokki
Ordner Gelöscht : C:\Program Files (x86)\SiteLookup
Ordner Gelöscht : C:\Users\Alina\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Alina\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Alina\AppData\Local\Software
Ordner Gelöscht : C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
Datei Gelöscht : C:\Users\Alina\Desktop\simplicheck.lnk
Datei Gelöscht : C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\wv7kqvl2.default\user.js
***** [ Tasks ] *****
Task Gelöscht : LaunchSignup
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\simplitec
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\wv7kqvl2.default\prefs.js ]
-\\ Google Chrome v36.0.1985.143
[ Datei : C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
*************************
AdwCleaner[R0].txt - [4594 octets] - [13/08/2014 14:51:15]
AdwCleaner[R1].txt - [4162 octets] - [15/08/2014 20:42:01]
AdwCleaner[S0].txt - [3796 octets] - [15/08/2014 20:43:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3856 octets] ########## --- --- ---
JRT.txt: Code:
Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\Users\Alina\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\simplitec"
~~~ FireFox
Emptied folder: C:\Users\Alina\AppData\Roaming\mozilla\firefox\profiles\wv7kqvl2.default\minidumps [7 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.08.2014 at 20:57:16,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Neues FRST log:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014 01
Ran by Alina (administrator) on FIDO on 15-08-2014 20:58:35
Running from C:\Users\Alina\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-841078950-1839200133-1442556451-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-841078950-1839200133-1442556451-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-841078950-1839200133-1442556451-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-841078950-1839200133-1442556451-1001\...\Run: [Google Update] => C:\Users\Alina\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-12] (Google Inc.)
HKU\S-1-5-21-841078950-1839200133-1442556451-1001\...\Run: [GoogleChromeAutoLaunch_2ABAC409B7A7F5908469199D4720C63B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-841078950-1839200133-1442556451-1001\...\MountPoints2: {3c306170-2956-11e3-be6b-806e6f6e6963} - "D:\Autorun.exe"
Startup: C:\Users\Alina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - {8145C30D-DA36-40AD-BB96-BC051D2A7FE5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {8145C30D-DA36-40AD-BB96-BC051D2A7FE5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {8145C30D-DA36-40AD-BB96-BC051D2A7FE5} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\wv7kqvl2.default
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Alina\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Alina\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Alina\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Alina\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Alina\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Alina\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\wv7kqvl2.default\Extensions\abs@avira.com [2014-08-15]
FF Extension: Site Matcher - C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\wv7kqvl2.default\Extensions\sitematcher@sitematcher.com [2014-07-27]
FF Extension: Website Xplorer - C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\wv7kqvl2.default\Extensions\{a2bfe612-4cf5-48ea-907c-f3fb25bc9d6b} [2014-08-13]
FF Extension: Adblock Plus - C:\Users\Alina\AppData\Roaming\Mozilla\Firefox\Profiles\wv7kqvl2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: https://www.google.ch/
CHR StartupUrls: "https://www.google.ch/"
CHR Extension: (Google Docs) - C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-23]
CHR Extension: (Google Drive) - C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-23]
CHR Extension: (YouTube) - C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-23]
CHR Extension: (No Name) - C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-26]
CHR Extension: (Google-Suche) - C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-23]
CHR Extension: (Google Wallet) - C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-23]
CHR Extension: (Google Mail) - C:\Users\Alina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-18] (Acer Incorporate)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-15 20:57 - 2014-08-15 20:57 - 00001139 _____ () C:\Users\Alina\Desktop\JRT.txt
2014-08-15 20:52 - 2014-08-15 20:52 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-15 20:51 - 2014-08-15 20:51 - 01016261 _____ (Thisisu) C:\Users\Alina\Downloads\JRT.exe
2014-08-15 20:40 - 2014-08-15 20:40 - 01356107 _____ () C:\Users\Alina\Downloads\adwcleaner_3.305.exe
2014-08-15 20:39 - 2014-08-15 20:39 - 00004908 _____ () C:\Users\Alina\Desktop\Suchlauf MBAM.txt
2014-08-15 20:32 - 2014-08-15 20:32 - 00001157 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-15 13:33 - 2014-08-02 02:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-15 13:33 - 2014-08-02 02:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 12:29 - 2014-08-15 20:38 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 12:28 - 2014-08-15 12:28 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-15 12:28 - 2014-08-15 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-15 12:28 - 2014-08-15 12:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-15 12:28 - 2014-08-15 12:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-15 12:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-15 12:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-15 12:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-15 12:25 - 2014-08-15 12:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alina\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-14 14:59 - 2014-08-14 15:00 - 00035778 _____ () C:\Users\Alina\Desktop\Addition.txt
2014-08-14 14:58 - 2014-08-15 20:58 - 00018208 _____ () C:\Users\Alina\Desktop\FRST.txt
2014-08-14 14:56 - 2014-08-15 20:58 - 00000000 ____D () C:\FRST
2014-08-14 14:55 - 2014-08-14 14:55 - 02100224 _____ (Farbar) C:\Users\Alina\Desktop\FRST64.exe
2014-08-13 19:38 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-13 19:38 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-13 19:38 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-13 19:38 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-13 19:38 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 19:38 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 19:38 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 19:38 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-13 19:38 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-13 19:38 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-13 19:38 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 19:38 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-13 19:38 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-13 19:38 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-13 19:38 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-13 19:38 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-13 19:38 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-13 19:38 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-13 19:38 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 19:38 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 19:38 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 19:38 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-13 19:38 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-13 19:38 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-13 19:38 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-13 19:38 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-13 19:38 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-13 19:38 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-13 19:38 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-13 19:38 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-13 19:38 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-13 19:38 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 19:38 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-13 19:38 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-13 19:38 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-13 19:35 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-13 19:35 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-13 19:35 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-13 19:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-13 19:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 19:35 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-13 19:29 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-13 19:29 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-13 19:29 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 19:29 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-13 19:28 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 19:28 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-13 19:27 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-13 19:27 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-13 19:27 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-13 19:27 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-13 19:26 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-13 19:26 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-13 19:26 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-13 19:26 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-13 19:26 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-13 19:26 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-13 19:26 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-13 19:26 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-13 19:26 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-13 19:26 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-13 19:26 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-13 19:26 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-13 19:26 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-13 19:26 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-13 19:26 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-13 19:26 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-13 19:26 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-13 19:26 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-13 19:26 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-13 19:26 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-13 19:26 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-13 19:26 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-13 19:26 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-13 19:26 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-13 19:26 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-13 19:26 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-13 19:26 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-13 19:26 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-13 19:26 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-13 19:26 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-13 19:26 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-13 19:26 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-13 19:26 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-13 19:26 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-13 19:26 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-13 19:26 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-13 19:26 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-13 19:26 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-13 19:26 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-13 19:26 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-13 19:26 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-13 19:26 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-13 19:26 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-13 19:26 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-13 19:26 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-13 19:26 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-13 19:26 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-13 19:26 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-13 19:26 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-13 19:26 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-13 19:26 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-13 19:26 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-13 19:26 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-13 19:26 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-13 19:26 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-13 19:26 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-13 19:26 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-13 19:26 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-13 19:26 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-13 19:26 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-13 19:26 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-13 19:26 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-13 19:26 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-13 19:26 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-13 19:25 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-13 19:25 - 2014-08-07 00:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-13 19:25 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-13 19:25 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 19:25 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 19:25 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 19:25 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 19:25 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 19:25 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 19:25 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 19:25 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 19:25 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-13 18:38 - 2014-08-13 18:38 - 00003432 _____ () C:\Users\Alina\Documents\Ereignisse AntiVirus.txt
2014-08-13 14:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-13 14:51 - 2014-08-15 20:43 - 00000000 ____D () C:\AdwCleaner
2014-08-13 13:57 - 2014-08-13 13:57 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-13 13:57 - 2014-08-13 13:57 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-13 13:57 - 2014-08-13 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-13 13:56 - 2014-08-13 13:56 - 00244408 _____ () C:\Users\Alina\Downloads\Firefox Setup Stub 31.0.exe
2014-08-13 13:28 - 2014-08-13 13:35 - 00000000 ____D () C:\Users\Alina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JGArcadeApp
2014-08-13 13:28 - 2014-08-13 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateSoft
2014-08-13 13:28 - 2014-08-13 13:28 - 00000000 ____D () C:\Users\Alina\AppData\Roaming\JGArcadeApp
2014-08-12 22:28 - 2014-08-13 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-12 22:03 - 2014-08-12 22:03 - 00001511 _____ () C:\Users\Public\Desktop\Die Sims 4 Erstelle einen Sim-Demo.lnk
2014-08-12 22:03 - 2014-08-12 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 Erstelle einen Sim-Demo
2014-08-12 22:02 - 2014-08-15 20:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-18 16:53 - 2014-07-18 16:53 - 00000000 ____D () C:\Nikon
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2021-10-21 15:36 - 2013-09-30 00:48 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2013-09-30 00:48 - 00000712 _____ () C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2014-08-15 20:59 - 2014-08-14 14:58 - 00018208 _____ () C:\Users\Alina\Desktop\FRST.txt
2014-08-15 20:59 - 2013-12-21 15:12 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-841078950-1839200133-1442556451-1001
2014-08-15 20:58 - 2014-08-14 14:56 - 00000000 ____D () C:\FRST
2014-08-15 20:57 - 2014-08-15 20:57 - 00001139 _____ () C:\Users\Alina\Desktop\JRT.txt
2014-08-15 20:53 - 2014-03-30 12:49 - 00000000 ____D () C:\Users\Alina\AppData\Local\CrashDumps
2014-08-15 20:52 - 2014-08-15 20:52 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-15 20:51 - 2014-08-15 20:51 - 01016261 _____ (Thisisu) C:\Users\Alina\Downloads\JRT.exe
2014-08-15 20:49 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-15 20:49 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-15 20:49 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-15 20:47 - 2013-12-23 13:58 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 20:46 - 2013-12-24 16:51 - 00000000 __RDO () C:\Users\Alina\SkyDrive
2014-08-15 20:46 - 2013-12-23 13:54 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-15 20:45 - 2014-01-07 17:44 - 00000374 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-08-15 20:44 - 2013-11-14 00:18 - 00018296 _____ () C:\WINDOWS\PFRO.log
2014-08-15 20:44 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-15 20:43 - 2014-08-13 14:51 - 00000000 ____D () C:\AdwCleaner
2014-08-15 20:43 - 2013-12-24 16:43 - 01744354 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-15 20:43 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-15 20:40 - 2014-08-15 20:40 - 01356107 _____ () C:\Users\Alina\Downloads\adwcleaner_3.305.exe
2014-08-15 20:39 - 2014-08-15 20:39 - 00004908 _____ () C:\Users\Alina\Desktop\Suchlauf MBAM.txt
2014-08-15 20:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-15 20:38 - 2014-08-15 12:29 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 20:33 - 2014-08-12 22:02 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-15 20:32 - 2014-08-15 20:32 - 00001157 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-15 20:32 - 2013-12-21 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-15 20:32 - 2013-12-21 15:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-15 20:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-15 13:32 - 2013-08-22 16:44 - 00487952 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-15 13:28 - 2014-07-15 01:49 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-15 13:28 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-15 13:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-15 13:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-15 13:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-15 13:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-15 13:27 - 2013-12-23 13:54 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-15 13:14 - 2014-01-23 14:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-15 13:11 - 2014-05-15 19:01 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-841078950-1839200133-1442556451-1001UA.job
2014-08-15 13:11 - 2013-12-24 22:51 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B080ABEB-9C37-4581-B991-A9A7D3CCA15B}
2014-08-15 12:28 - 2014-08-15 12:28 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-15 12:28 - 2014-08-15 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-15 12:28 - 2014-08-15 12:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-15 12:28 - 2014-08-15 12:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-15 12:26 - 2014-08-15 12:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Alina\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-15 11:47 - 2013-12-21 15:27 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 15:00 - 2014-08-14 14:59 - 00035778 _____ () C:\Users\Alina\Desktop\Addition.txt
2014-08-14 14:55 - 2014-08-14 14:55 - 02100224 _____ (Farbar) C:\Users\Alina\Desktop\FRST64.exe
2014-08-14 14:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-14 13:31 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-13 19:34 - 2014-06-20 21:06 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 19:34 - 2014-06-20 21:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 19:34 - 2014-04-28 17:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 19:34 - 2014-04-28 15:46 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 19:34 - 2014-04-28 15:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 19:34 - 2014-04-28 15:35 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 19:34 - 2014-04-28 15:35 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-13 19:34 - 2014-04-28 15:35 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 19:34 - 2014-04-28 15:35 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 19:34 - 2014-04-28 15:35 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 19:34 - 2014-04-28 15:35 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 19:34 - 2014-04-28 15:35 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 19:34 - 2014-04-28 15:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 19:34 - 2014-04-28 15:35 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 19:33 - 2014-04-28 17:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 19:33 - 2014-04-28 15:46 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 19:20 - 2014-06-10 21:52 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-13 18:38 - 2014-08-13 18:38 - 00003432 _____ () C:\Users\Alina\Documents\Ereignisse AntiVirus.txt
2014-08-13 18:38 - 2014-03-12 16:31 - 00000000 ____D () C:\Users\Alina\AppData\Local\Deployment
2014-08-13 15:19 - 2014-01-19 15:05 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-13 14:19 - 2013-12-24 16:25 - 00000000 ____D () C:\Users\Alina
2014-08-13 13:57 - 2014-08-13 13:57 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-13 13:57 - 2014-08-13 13:57 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-13 13:57 - 2014-08-13 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-13 13:57 - 2014-08-12 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-13 13:56 - 2014-08-13 13:56 - 00244408 _____ () C:\Users\Alina\Downloads\Firefox Setup Stub 31.0.exe
2014-08-13 13:35 - 2014-08-13 13:28 - 00000000 ____D () C:\Users\Alina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JGArcadeApp
2014-08-13 13:29 - 2014-08-13 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateSoft
2014-08-13 13:28 - 2014-08-13 13:28 - 00000000 ____D () C:\Users\Alina\AppData\Roaming\JGArcadeApp
2014-08-13 13:09 - 2013-08-22 16:46 - 00291415 _____ () C:\WINDOWS\setupact.log
2014-08-13 12:25 - 2014-06-11 20:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-08-12 22:04 - 2014-01-17 19:49 - 00000000 ____D () C:\Users\Alina\Documents\Electronic Arts
2014-08-12 22:03 - 2014-08-12 22:03 - 00001511 _____ () C:\Users\Public\Desktop\Die Sims 4 Erstelle einen Sim-Demo.lnk
2014-08-12 22:03 - 2014-08-12 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 Erstelle einen Sim-Demo
2014-08-12 22:03 - 2014-01-19 15:06 - 00000000 ____D () C:\ProgramData\Origin
2014-08-12 22:03 - 2014-01-17 19:49 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-12 21:38 - 2014-04-09 13:26 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-07 04:12 - 2014-08-13 19:25 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:39 - 2014-08-13 19:25 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-07 00:38 - 2014-08-13 19:26 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-02 07:44 - 2014-08-13 19:26 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-02 05:56 - 2014-08-13 19:25 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 19:25 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-08-15 13:33 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-08-15 13:33 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 18:54 - 2013-12-22 13:28 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-25 18:53 - 2013-12-22 13:28 - 96441528 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-25 18:53 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-25 17:41 - 2013-12-21 15:27 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-07-25 16:52 - 2014-08-13 19:38 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-13 19:38 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-13 19:38 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-13 19:38 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 19:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-13 19:38 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-13 19:38 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 19:38 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-13 19:38 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 19:38 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 19:38 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 19:38 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-13 19:38 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-13 19:38 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-13 19:38 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 19:38 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 19:38 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 19:38 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 19:38 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-13 19:38 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 19:38 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 19:38 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-13 19:38 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 19:38 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 19:38 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 19:38 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-13 19:38 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-13 19:38 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-13 19:38 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 19:38 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 19:38 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 19:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 19:38 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 19:38 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 19:38 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-22 09:11 - 2014-05-15 19:01 - 00001078 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-841078950-1839200133-1442556451-1001Core.job
2014-07-18 16:53 - 2014-07-18 16:53 - 00000000 ____D () C:\Nikon
2014-07-18 16:52 - 2014-02-08 18:44 - 00000020 ____H () C:\ProgramData\PKP_DLbx.DAT
Some content of TEMP:
====================
C:\Users\Alina\AppData\Local\Temp\avgnt.exe
C:\Users\Alina\AppData\Local\Temp\CloudBackup2234.exe
C:\Users\Alina\AppData\Local\Temp\EAD855B.exe
C:\Users\Alina\AppData\Local\Temp\EADC2E.exe
C:\Users\Alina\AppData\Local\Temp\Execute2App.exe
C:\Users\Alina\AppData\Local\Temp\GdiPlus.dll
C:\Users\Alina\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Alina\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Alina\AppData\Local\Temp\Kies2RemoveAll.exe
C:\Users\Alina\AppData\Local\Temp\msvcp90.dll
C:\Users\Alina\AppData\Local\Temp\msvcr90.dll
C:\Users\Alina\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Alina\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Alina\AppData\Local\Temp\ose00000.exe
C:\Users\Alina\AppData\Local\Temp\Quarantine.exe
C:\Users\Alina\AppData\Local\Temp\SimBundD.exe
C:\Users\Alina\AppData\Local\Temp\UninstallEADM.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-13 15:18
==================== End Of Log ============================ --- --- ---
Lg (: |