BlackVal | 17.02.2015 16:50 | OK, here you go,
phew, that's a lot
Code:
# AdwCleaner v4.110 - Bericht erstellt 17/02/2015 um 15:29:58
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-14.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Jasmin - JASMIN-PC
# Gestarted von : C:\Users\Jasmin\Desktop\AdwCleaner_4.110.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : vToolbarUpdater3.2.0
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\Program Files\Common Files\AVG Secure Search
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\DriverTuner_Init
Schlüssel Gelöscht : HKCU\Software\DriverTuner
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG SafeGuard toolbar
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v35.0.1 (x86 de)
-\\ Google Chrome v40.0.2214.111
-\\ Opera v27.0.1689.69
*************************
AdwCleaner[R0].txt - [3307 Bytes] - [17/02/2015 15:23:14]
AdwCleaner[S0].txt - [3229 Bytes] - [17/02/2015 15:29:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3288 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x86
Ran by Jasmin on 17.02.2015 at 15:37:45,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Jasmin\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
~~~ FireFox
Emptied folder: C:\Users\Jasmin\AppData\Roaming\mozilla\firefox\profiles\bwrhnnky.default\minidumps [22 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.02.2015 at 15:45:22,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 17.02.2015 15:52:02, SYSTEM, JASMIN-PC, Protection, Malware Protection, Starting,
Protection, 17.02.2015 15:52:02, SYSTEM, JASMIN-PC, Protection, Malware Protection, Started,
Protection, 17.02.2015 15:52:03, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Starting,
Update, 17.02.2015 15:52:05, SYSTEM, JASMIN-PC, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 17.02.2015 15:52:05, SYSTEM, JASMIN-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.2.3.1,
Update, 17.02.2015 15:52:24, SYSTEM, JASMIN-PC, Manual, Malware Database, 2014.11.20.6, 2015.2.17.8,
Protection, 17.02.2015 15:52:25, SYSTEM, JASMIN-PC, Protection, Refresh, Starting,
Protection, 17.02.2015 15:52:53, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Started,
Protection, 17.02.2015 15:52:53, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 17.02.2015 15:52:53, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 17.02.2015 15:53:05, SYSTEM, JASMIN-PC, Protection, Refresh, Success,
Protection, 17.02.2015 15:53:05, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Starting,
Protection, 17.02.2015 15:53:06, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Started,
Scan, 17.02.2015 15:55:04, SYSTEM, JASMIN-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 2 Sekunden, Bedrohungs-Suchlauf, Abgebrochen, 0 Malwareerkennung, 0-Malwareerkennung,
Scan, 17.02.2015 16:21:37, SYSTEM, JASMIN-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 25 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "% 1" nicht-Malware-Erkennung,
Protection, 17.02.2015 16:24:05, SYSTEM, JASMIN-PC, Protection, Malware Protection, Starting,
Protection, 17.02.2015 16:24:05, SYSTEM, JASMIN-PC, Protection, Malware Protection, Started,
Protection, 17.02.2015 16:24:06, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Starting,
Protection, 17.02.2015 16:26:03, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Started,
Protection, 17.02.2015 16:27:48, SYSTEM, JASMIN-PC, Protection, Malware Protection, Starting,
Protection, 17.02.2015 16:27:48, SYSTEM, JASMIN-PC, Protection, Malware Protection, Started,
Protection, 17.02.2015 16:27:48, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Starting,
Protection, 17.02.2015 16:29:49, SYSTEM, JASMIN-PC, Protection, Malicious Website Protection, Started,
(end)
Code:
Results of screen317's Security Check version 0.99.96
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
AVG Internet Security 2015
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
AVG Web TuneUp
CCleaner
Java 64-bit 8 Update 31
Adobe Flash Player 16.0.0.305
Mozilla Firefox (35.0.1)
Mozilla Thunderbird (31.4.0)
Google Chrome (40.0.2214.111)
Google Chrome (40.0.2214.94)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-02-2015
Ran by Jasmin (administrator) on JASMIN-PC on 17-02-2015 16:49:21
Running from C:\Users\Jasmin\Desktop
Loaded Profiles: Jasmin (Available profiles: Jasmin)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Fujitsu Technology Solutions) C:\Program Files\Fujitsu OSD Utility\OSDUtility.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Jasmin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Jasmin\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch Manager] => C:\Program Files\Fujitsu Launch Manager\LaunchMgr.exe [370688 2009-03-31] (Fujitsu Technology Solutions)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [Fujitsu OSD Utility] => C:\Program Files\Fujitsu OSD Utility\OSDUtility.exe [733184 2009-04-03] (Fujitsu Technology Solutions)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3674576 2015-01-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKU\S-1-5-21-2090060485-1993251338-54083146-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2090060485-1993251338-54083146-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Jasmin\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
Startup: C:\Users\Jasmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\bwrhnnky.default
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2090060485-1993251338-54083146-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\bwrhnnky.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\bwrhnnky.default\searchplugins\google-maps.xml
FF Extension: QuickFox Notes - C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\bwrhnnky.default\Extensions\amin.eft_bmnotes@gmail.com [2014-11-20]
FF Extension: Cliqz Beta - C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\bwrhnnky.default\Extensions\cliqz@cliqz.com.xpi [2014-10-13]
FF Extension: Adblock Plus - C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\bwrhnnky.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-11]
FF HKU\S-1-5-21-2090060485-1993251338-54083146-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Jasmin\AppData\Roaming\Mozilla\Firefox\Profiles\bwrhnnky.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR HomePage: Default -> https://mysearch.avg.com?cid={17DE129E-E831-413E-B038-BFB84472CD53}&mid=91215192237c47d2b137d16fd8e94336-96b5c85146aac0ba21b0ab673abe0e9464c4e73f&lang=de&ds=AVG&coid=avgtbavg&pr=fr&d=2014-08-29 20:41:18&v=3.2.0.15&pid=wtu&sg=&sap=hp
CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={17DE129E-E831-413E-B038-BFB84472CD53}&mid=91215192237c47d2b137d16fd8e94336-96b5c85146aac0ba21b0ab673abe0e9464c4e73f&lang=de&ds=AVG&coid=avgtbavg&pr=fr&d=2014-08-29 20:41:18&v=3.2.0.15&pid=wtu&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> https://mysearch.avg.com/search?cid={17DE129E-E831-413E-B038-BFB84472CD53}&mid=91215192237c47d2b137d16fd8e94336-96b5c85146aac0ba21b0ab673abe0e9464c4e73f&lang=de&ds=AVG&coid=avgtbavg&pr=fr&d=2014-08-29 20:41:18&v=3.2.0.14&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg.com/chroment?espv=2&cid={17DE129E-E831-413E-B038-BFB84472CD53}&mid=91215192237c47d2b137d16fd8e94336-96b5c85146aac0ba21b0ab673abe0e9464c4e73f&lang=de&ds=AVG&pr=fr&d=2014-08-29 20:41:18&v=3.2.0.14&pid=wtu&sg=
CHR DefaultSuggestURL: Default -> hxxp://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (AdBlock Premium) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-12-24]
CHR Extension: (Google Wallet) - C:\Users\Jasmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Jasmin\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-12-08]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1507632 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3440080 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [309232 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [130944 2011-04-24] (SEIKO EPSON CORPORATION)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1910128 2015-01-28] (Electronic Arts)
S3 SandraAgentSrv; C:\Program Files\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe [72344 2008-05-19] (SiSoftware) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-09] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208152 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-29] (AVG Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 SANDRA; C:\Program Files\SiSoftware Sandra Lite 2014.SP2a\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-17 16:36 - 2015-02-17 16:37 - 00852594 _____ () C:\Users\Jasmin\Desktop\SecurityCheck.exe
2015-02-17 16:35 - 2015-02-17 16:35 - 00002533 _____ () C:\Users\Jasmin\Desktop\mbam.txt
2015-02-17 15:52 - 2015-02-17 16:29 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 15:51 - 2015-02-17 15:51 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-17 15:51 - 2015-02-17 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-17 15:51 - 2015-02-17 15:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 15:51 - 2015-02-17 15:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-17 15:51 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-17 15:51 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-17 15:51 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-17 15:49 - 2015-02-17 15:49 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jasmin\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-17 15:45 - 2015-02-17 15:45 - 00000908 _____ () C:\Users\Jasmin\Desktop\JRT.txt
2015-02-17 15:36 - 2015-02-17 15:37 - 01388274 _____ (Thisisu) C:\Users\Jasmin\Desktop\JRT.exe
2015-02-17 15:23 - 2015-02-17 15:29 - 00000000 ____D () C:\AdwCleaner
2015-02-17 15:18 - 2015-02-17 15:18 - 02112512 _____ () C:\Users\Jasmin\Desktop\AdwCleaner_4.110.exe
2015-02-17 14:52 - 2015-02-17 15:01 - 00026192 _____ () C:\Users\Jasmin\Desktop\Addition.txt
2015-02-17 14:49 - 2015-02-17 16:49 - 00013319 _____ () C:\Users\Jasmin\Desktop\FRST.txt
2015-02-17 14:48 - 2015-02-17 16:49 - 00000000 ____D () C:\FRST
2015-02-17 14:45 - 2015-02-17 14:46 - 01125888 _____ (Farbar) C:\Users\Jasmin\Desktop\FRST.exe
2015-02-17 14:41 - 2015-02-17 14:43 - 00000474 _____ () C:\Users\Jasmin\Desktop\defogger_disable.log
2015-02-17 14:41 - 2015-02-17 14:41 - 00000000 _____ () C:\Users\Jasmin\defogger_reenable
2015-02-13 18:34 - 2015-02-17 16:23 - 00003116 _____ () C:\Windows\PFRO.log
2015-02-13 13:08 - 2015-02-13 13:08 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-13 13:08 - 2015-02-13 13:08 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-13 13:07 - 2015-02-13 13:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-13 13:05 - 2015-02-13 13:06 - 00243664 _____ () C:\Users\Jasmin\Downloads\Firefox Setup Stub 35.0.1 (1).exe
2015-02-12 13:13 - 2015-02-12 13:13 - 00000929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-12 09:29 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 09:29 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 10:00 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 10:00 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 10:00 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 10:00 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 10:00 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 10:00 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 10:00 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 10:00 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 10:00 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 10:00 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 10:00 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 10:00 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 10:00 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 09:59 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-11 09:59 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 09:58 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 09:57 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 09:57 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 09:57 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 09:57 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 09:57 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 09:57 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 09:57 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 09:57 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 09:57 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 09:57 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 09:57 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 09:57 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 09:57 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 09:57 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 09:57 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 09:57 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 09:57 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 09:57 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 09:57 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 09:57 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 09:57 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 09:57 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 09:57 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 09:57 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 09:57 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 09:57 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 09:57 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 09:57 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 09:57 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 09:57 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 09:57 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 09:57 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 09:57 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 09:57 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 09:57 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 09:57 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 09:57 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 09:57 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 09:57 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 09:57 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 09:57 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 09:57 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 09:57 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 09:56 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 09:56 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 09:56 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 09:55 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 09:55 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-09 09:46 - 2015-02-17 16:27 - 00000896 _____ () C:\Windows\setupact.log
2015-02-09 09:46 - 2015-02-09 09:46 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-07 22:08 - 2015-02-07 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-01-30 15:38 - 2015-01-30 15:38 - 00000951 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-29 09:11 - 2015-01-29 09:11 - 00000000 ____D () C:\Users\Jasmin\AppData\Roaming\AVG
2015-01-29 09:08 - 2015-01-29 09:08 - 00000000 ____D () C:\Users\Jasmin\AppData\Local\Avg
2015-01-29 09:07 - 2015-01-29 09:13 - 00000000 ____D () C:\ProgramData\AVG
2015-01-29 09:02 - 2015-01-29 09:05 - 90844984 _____ (AVG Technologies) C:\Users\Jasmin\Downloads\avg_tuh_stf_all_2015_238_24c28.exe
2015-01-27 09:53 - 2015-01-27 09:53 - 00243664 _____ () C:\Users\Jasmin\Downloads\Firefox Setup Stub 35.0.1.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-17 16:49 - 2013-09-16 16:23 - 00000000 ____D () C:\Users\Jasmin\AppData\Roaming\Skype
2015-02-17 16:40 - 2013-09-16 11:27 - 01677186 _____ () C:\Windows\WindowsUpdate.log
2015-02-17 16:35 - 2009-07-14 05:34 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-17 16:35 - 2009-07-14 05:34 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-17 16:28 - 2013-09-16 16:07 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-17 16:27 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 16:23 - 2009-07-14 09:47 - 00000000 ____D () C:\Windows\de-DE
2015-02-17 16:12 - 2013-09-16 19:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-17 15:54 - 2013-09-16 16:07 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-17 15:39 - 2014-06-06 11:28 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-17 14:44 - 2013-09-16 11:35 - 00000000 ____D () C:\Users\Jasmin\Desktop\G
2015-02-17 14:41 - 2013-09-16 11:32 - 00000000 ____D () C:\Users\Jasmin
2015-02-16 16:13 - 2014-12-05 22:17 - 00000000 ____D () C:\Program Files\TeamViewer
2015-02-13 19:05 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-13 18:34 - 2014-10-11 13:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-13 12:46 - 2014-11-13 11:25 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2015-02-12 09:10 - 2009-07-14 05:33 - 00445664 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 09:07 - 2014-12-12 11:45 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 09:07 - 2014-06-06 02:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 09:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-02-12 02:10 - 2013-09-19 18:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 02:05 - 2013-09-19 18:30 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 22:24 - 2014-10-17 15:41 - 00129024 ___SH () C:\Users\Jasmin\Documents\Thumbs.db
2015-02-11 14:38 - 2013-09-16 11:58 - 00000000 ____D () C:\Program Files\Opera
2015-02-09 14:12 - 2013-09-16 16:33 - 00000000 ____D () C:\ProgramData\Origin
2015-02-09 13:25 - 2013-09-16 16:33 - 00000000 ____D () C:\Program Files\Origin
2015-02-08 18:51 - 2014-11-19 18:05 - 00000000 ____D () C:\Windows\Minidump
2015-02-07 22:09 - 2013-09-16 11:59 - 00000000 ____D () C:\Program Files\PDF24
2015-02-05 20:12 - 2013-09-16 19:05 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 20:12 - 2013-09-16 11:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-30 15:38 - 2014-06-06 11:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-30 10:07 - 2013-09-16 11:32 - 00000000 ____D () C:\Users\Jasmin\AppData\Local\VirtualStore
2015-01-29 16:11 - 2013-09-16 12:01 - 00000000 ____D () C:\Program Files\XnView v2.05
2015-01-29 09:10 - 2014-06-06 11:28 - 00000000 ____D () C:\Program Files\AVG
2015-01-27 09:37 - 2014-12-20 12:31 - 00000000 ____D () C:\Users\Jasmin\AppData\Local\Akamai
2015-01-27 09:37 - 2014-06-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-27 09:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-27 09:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-27 09:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-01-25 00:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-23 23:49 - 2013-12-06 00:27 - 00000000 ____D () C:\Users\Jasmin\AppData\Local\Microsoft Games
2015-01-19 14:38 - 2015-01-09 13:08 - 00018720 _____ () C:\Users\Jasmin\Documents\Zeitpersonal agenturen.odt
==================== Files in the root of some directories =======
2014-06-05 21:38 - 2014-06-06 22:36 - 14323712 _____ () C:\Users\Jasmin\AppData\Roaming\Sandra.mdb
Some content of TEMP:
====================
C:\Users\Jasmin\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Jasmin\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Jasmin\AppData\Local\Temp\Quarantine.exe
C:\Users\Jasmin\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Jasmin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 09:18
==================== End Of Log ============================