| |
| |||||||
Log-Analyse und Auswertung: windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
03.07.2014, 21:14
| #1 |
 |  windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! Hallo, leider habe ich selbstverschuldet istart.websearch installiert, da es sich als notwendiges java- update ausgab. In diesem Zusammenhang habe ich zudem (wiederum selbstverschuldet) die malware spy hunter 4 runtergeladen und wieder gelöscht. Leider bin ich nicht sicher, ob das programm vollständig deinstalliert wurde. malwarebytes hat keine Probleme gefunden und ich weiß nicht, wie ich alles vollständig säubern kann. Hier die Logfiles: defogger ergab keine Fehlermeldung. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014 Ran by xxx at 2014-07-03 21:13:15 Running from C:\Users\xxx\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.5.0 - Auslogics Labs Pty Ltd) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies) AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.7.598 - AVG Technologies) Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.0.16 - Dell) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN) ==================== Restore Points ========================= 11-06-2014 17:33:25 Windows Update 15-06-2014 04:41:09 Wiederherstellungsvorgang 18-06-2014 07:24:13 Windows Update 25-06-2014 18:30:57 Geplanter Prüfpunkt 03-07-2014 05:47:14 Installed SpyHunter ==================== Hosts content: ========================== 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0096DAC5-0070-44C2-A4FB-4226CDC6BE41} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0EF2C363-FBEE-476E-89D3-607E16D7C0EC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24] (Adobe Systems Incorporated) Task: {1DB41F58-3A5B-477C-9447-61A1871F6346} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2B3B571D-FCAB-4356-AADF-42448FAC4A9B} - System32\Tasks\{720129A9-4CAE-496A-A174-6A3237A33C4D} => c:\program files\\waterfox\waterfox.exe Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3EC223E2-EBC2-4627-B0AC-0389DE10A6A0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {477658B0-5DF3-427C-85EF-CF384C253561} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {519652C7-C176-48ED-85A9-96C471BB4F9C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {5B81BE4A-8F58-445F-8C9D-D8F3CC0279B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-18] (Google Inc.) Task: {62AA15D3-9FA8-4FFC-95E9-BF8A9E15AC31} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-26] (globalUpdate) <==== ATTENTION Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {799C2517-FC63-4BAD-B95E-CA19DE628C15} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9D58F267-46F5-4C41-91BF-82CE232C80B3} - System32\Tasks\{9CE635A9-5C34-48FF-BA75-4DA34ACD4529} => c:\program files\\waterfox\waterfox.exe Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {B9DA8699-E1FA-48C9-B5F2-3CD3F62C5F73} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {C04CC267-57FF-48C3-A25C-BD2894992033} - System32\Tasks\7a9a219b-478f-4b4a-a06c-f4e2bc0f6231-5_user => C:\Program Files (x86)\Fraven 1.1\7a9a219b-478f-4b4a-a06c-f4e2bc0f6231-5.exe Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E062FCA8-5E71-4A7D-A585-A9A4B67A7CE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-18] (Google Inc.) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EF268A21-95EF-496C-AEE0-7ECE3E27418F} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-26] (globalUpdate) <==== ATTENTION Task: C:\WINDOWS\Tasks\7a9a219b-478f-4b4a-a06c-f4e2bc0f6231-5_user.job => C:\Program Files (x86)\Fraven 1.1\7a9a219b-478f-4b4a-a06c-f4e2bc0f6231-5.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-14 09:02 - 2014-04-14 09:02 - 00034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll 2014-06-20 17:10 - 2014-06-20 17:10 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe 2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-06-19 12:56 - 2014-06-20 17:10 - 02567192 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe 2014-07-03 21:07 - 2014-07-03 21:07 - 00050477 _____ () C:\Users\xxx\Downloads\Defogger (1).exe 2014-06-20 17:10 - 2014-06-20 17:10 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll 2014-06-19 12:56 - 2014-06-19 12:56 - 01632792 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll 2014-06-12 11:49 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-12 11:49 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-12 11:49 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-12 11:49 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-12 11:49 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 AlternateDataStreams: C:\Users\xxx\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk" HKLM\...\StartupApproved\Run32: => "Adobe ARM" ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/03/2014 07:42:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-645814921-2363520728-22122384-1001}/">. Error: (07/03/2014 07:42:33 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-645814921-2363520728-22122384-1001}/">. Error: (07/03/2014 07:49:43 AM) (Source: MsiInstaller) (EventID: 11721) (User: PC) Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5 Error: (07/03/2014 07:43:01 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/01/2014 03:26:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (06/30/2014 10:04:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (06/29/2014 05:00:54 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (06/29/2014 04:23:55 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-645814921-2363520728-22122384-1001}/">. Error: (06/29/2014 04:23:54 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-645814921-2363520728-22122384-1001}/">. Error: (06/29/2014 03:12:59 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-645814921-2363520728-22122384-1001}/">. System errors: ============= Error: (07/03/2014 09:01:55 PM) (Source: DCOM) (EventID: 10010) (User: PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/03/2014 09:01:24 PM) (Source: DCOM) (EventID: 10010) (User: PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/03/2014 06:57:23 AM) (Source: bowser) (EventID: 8016) (User: ) Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "PC" auf Transport "NetBT_Tcpip_{8F3AB39D-6ECC-4FDE-A883-B9810F8E2358}". Das Datagramm steht in den Daten. Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist. Error: (07/01/2014 03:08:42 PM) (Source: bowser) (EventID: 8016) (User: ) Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "PC" auf Transport "NetBT_Tcpip_{8F3AB39D-6ECC-4FDE-A883-B9810F8E2358}". Das Datagramm steht in den Daten. Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist. Error: (06/30/2014 09:28:52 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCxxxS-1-5-21-645814921-2363520728-22122384-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (06/30/2014 09:28:52 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCxxxS-1-5-21-645814921-2363520728-22122384-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (06/30/2014 09:28:52 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCxxxS-1-5-21-645814921-2363520728-22122384-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (06/30/2014 09:28:52 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCxxxS-1-5-21-645814921-2363520728-22122384-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (06/30/2014 09:28:52 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCxxxS-1-5-21-645814921-2363520728-22122384-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (06/30/2014 09:28:52 PM) (Source: DCOM) (EventID: 10016) (User: PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCxxxS-1-5-21-645814921-2363520728-22122384-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-06-05 20:50:58.063 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\xxx\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-05 20:50:57.688 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-26 19:25:28.413 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-26 19:25:23.147 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-26 19:25:17.521 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-26 19:25:12.146 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-26 19:25:06.130 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-26 19:25:00.130 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-26 19:24:53.051 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2013-12-26 19:24:52.629 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Percentage of memory in use: 38% Total physical RAM: 4002.05 MB Available physical RAM: 2477.89 MB Total Pagefile: 4706.05 MB Available Pagefile: 2833.37 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:323.53 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6853086E) Partition 1: (Not Active) - (Size=100 MB) - (Type=DE) Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Nina Scan Type: Threat Scan Result: Completed Objects Scanned: 291607 Time Elapsed: 19 min, 3 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-07-03 21:45:22 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002c ST9500423AS rev.0003DEM1 465,76GB Running: Gmer-19357.exe; Driver: C:\Users\xxx\AppData\Local\Temp\fxldapow.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 1 fffff96000127201 7 bytes [20, 0A, 02, 00, F0, 70, 01] .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 9 fffff96000127209 6 bytes [88, B0, FF, 01, 23, DC] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[192] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 166 000000002f8f1afc 2 bytes [8F, 2F] .text C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[192] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 253 000000002f8f1b53 2 bytes [8F, 2F] .text C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[192] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 320 000000002f8f1b96 2 bytes [8F, 2F] .text C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[192] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 390 000000002f8f1bdc 2 bytes [8F, 2F] .text C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[192] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 738 000000002f8f1d38 2 bytes [8F, 2F] .text C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[192] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 937 000000002f8f1dff 2 bytes [8F, 2F] .text C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[192] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 958 000000002f8f1e14 2 bytes [8F, 2F] .text C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[192] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 970 000000002f8f1e20 2 bytes [8F, 2F] .text C:\WINDOWS\splwow64.exe[6116] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffabc51169a 4 bytes [51, BC, FA, 7F] .text C:\WINDOWS\splwow64.exe[6116] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffabc5116a2 4 bytes [51, BC, FA, 7F] .text C:\WINDOWS\splwow64.exe[6116] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffabc51181a 4 bytes [51, BC, FA, 7F] .text C:\WINDOWS\splwow64.exe[6116] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffabc511832 4 bytes [51, BC, FA, 7F] ---- Threads - GMER 2.1 ---- Thread C:\WINDOWS\system32\csrss.exe [860:884] fffff96000916b90 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{B04054FC-8F05-468C-9A07-0A60C015B026}\Connection@Name isatap.{8F3AB39D-6ECC-4FDE-A883-B9810F8E2358} Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -1967367893 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 5352 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime 12369 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeBootMgrTime 447 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppTime 595 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppStartTimestamp 5802 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeLibraryInitTime 52 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeInitTime 152 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeHiberFileTime 387 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeRestoreImageStartTimestamp 6007 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeIoTime 290 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressTime 122 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeMapTime 7 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAllocateTime 1 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeKernelSwitchTimestamp 6397 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp 6422 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp 11740 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TimeStampCounterAtSwitchTime 6418 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState 12338 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberHiberFileTime 5633 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberInitTime 92 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberSharedBufferTime 3 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalHibernateTime 19624 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeHiberFileTime 5312 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeInitTime 87 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeSharedBufferTime 11 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime 578 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelAnimationTime 56 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesProcessed 348082 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesWritten 0xC0 0x18 0x02 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesProcessed 18400 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesWritten 0xB6 0x24 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberWriteRate 101 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberCompressRate 27 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeReadRate 104 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressRate 88 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FileRuns 2 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeIoCpuTime 4237 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberIoCpuTime 579 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp 0x23 0x68 0xBC 0x02 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\c0188550721a Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{B04054FC-8F05-468C-9A07-0A60C015B026}@InterfaceName isatap.{8F3AB39D-6ECC-4FDE-A883-B9810F8E2358} Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{B04054FC-8F05-468C-9A07-0A60C015B026}@ReusableType 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{B04054FC-8F05-468C-9A07-0A60C015B026}@DefunctTimestamp 0xCF 0x95 0xB5 0x53 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Type 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Start 3 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@ErrorControl 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Tag 3 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@ImagePath \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@DisplayName MBAMSwissArmy Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Group FSFilter Activity Monitor Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@WOW64 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances@DefaultInstance MBAMSwissArmy Instance Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances\MBAMSwissArmy Instance Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances\MBAMSwissArmy Instance@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ?Do?, ?Jul ?03 ?14, 07:50:30??????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 9649 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 4353 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8F3AB39D-6ECC-4FDE-A883-B9810F8E2358}@LeaseObtainedTime 1404409294 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8F3AB39D-6ECC-4FDE-A883-B9810F8E2358}@T1 -743074355 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8F3AB39D-6ECC-4FDE-A883-B9810F8E2358}@T2 1941280205 Reg HKLM\SYSTEM\CurrentControlSet\Services\UmPass\Parameters\Wdf@TimeOfLastSqmLog 0xB8 0x7E 0xA9 0x89 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@RwMask 0x64 0x62 0x03 0x00 ... ---- EOF - GMER 2.1 ---- Vielen Dank für die Hilfe |
|
03.07.2014, 21:29
| #2 |
| /// the machine /// TB-Ausbilder    | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! hi,
__________________FRST.txt fehlt.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
04.07.2014, 19:51
| #3 |
| | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! Hallo schrauber,
__________________danke für den Hinweis! Hier nun FRST.text : FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by xxx (administrator) on PC on 04-07-2014 20:45:37
Running from C:\Users\xxx\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.1.7\ScriptHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17129_none_fa6387b99b0c7738\TiWorker.exe
(Farbar) C:\Users\xxx\Downloads\FRST64 (2).exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2567192 2014-06-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * aswBoot.exe /A:"* " /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:1 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x757F546DEA5ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\user.js
FF Extension: German Dictionary - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2013-06-10]
FF Extension: Boost - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\boost@boost.net.xpi [2014-05-16]
FF Extension: Adblock Plus - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-06-29]
Chrome:
=======
CHR DefaultSearchKeyword: webssearches
CHR DefaultSearchProvider: webssearches
CHR DefaultSearchURL: hxxp://istart.webssearches.com/web/?type=ds&ts=1403759187&from=tugs&uid=ST9500423AS_6WR0W6RNXXXX6WR0W6RN&q={searchTerms}
CHR Extension: (Google Drive) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-05]
CHR Extension: (Google-Suche) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-05]
CHR Extension: (AVG Secure Search) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-06-19]
CHR Extension: (Google Wallet) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05]
CHR Extension: (Google Mail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-05]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-26] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-26] (globalUpdate) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-06-08] (IObit)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [47504 2014-05-12] (Synaptics Incorporated)
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1808408 2014-06-20] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-06-20] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-04 20:45 - 2014-07-04 20:45 - 02083840 _____ (Farbar) C:\Users\xxx\Downloads\FRST64 (2).exe
2014-07-04 20:43 - 2014-07-04 20:43 - 00028117 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-03 22:16 - 2014-07-03 22:21 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-03 21:46 - 2014-07-03 21:46 - 00000242 _____ () C:\Users\xxx\Downloads\defogger_enable.log
2014-07-03 21:45 - 2014-07-03 21:45 - 00015990 _____ () C:\Users\xxx\Desktop\GMER.log
2014-07-03 21:16 - 2014-07-03 21:16 - 00380416 _____ () C:\Users\xxx\Downloads\Gmer-19357.exe
2014-07-03 21:13 - 2014-07-03 21:54 - 00026627 _____ () C:\Users\xxx\Downloads\Addition.txt
2014-07-03 21:11 - 2014-07-04 20:45 - 00012884 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-07-03 21:11 - 2014-07-04 20:45 - 00000000 ____D () C:\FRST
2014-07-03 21:10 - 2014-07-03 21:10 - 02083840 _____ (Farbar) C:\Users\xxx\Downloads\FRST64 (1).exe
2014-07-03 21:09 - 2014-07-03 21:09 - 02083840 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-07-03 21:08 - 2014-07-03 21:08 - 00000470 _____ () C:\Users\xxx\Downloads\defogger_disable.log
2014-07-03 21:07 - 2014-07-03 21:07 - 00050477 _____ () C:\Users\xxx\Downloads\Defogger (1).exe
2014-07-03 20:56 - 2014-07-03 20:56 - 00001040 _____ () C:\Users\xxx\Desktop\abc.txt
2014-07-03 20:48 - 2014-07-03 20:48 - 00050477 _____ () C:\Users\xxx\Downloads\Defogger.exe
2014-07-03 19:48 - 2014-07-03 19:49 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 19:48 - 2014-07-03 19:48 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-03 19:48 - 2014-07-03 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-03 19:47 - 2014-07-03 19:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-03 19:47 - 2014-07-03 19:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-03 19:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-03 19:47 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-03 19:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-03 08:40 - 2014-07-03 08:41 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-03 07:50 - 2014-07-03 07:50 - 00000000 _____ () C:\autoexec.bat
2014-07-03 07:48 - 2014-07-03 07:48 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-03 07:46 - 2014-07-03 07:46 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\xxx\Downloads\SpyHunter-Installer.exe
2014-06-29 15:13 - 2014-06-29 15:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-26 07:24 - 2014-06-26 07:24 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-26 07:14 - 2014-06-26 07:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-26 07:14 - 2014-06-26 07:13 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-26 07:12 - 2014-06-26 07:13 - 00000000 ____D () C:\Program Files\Java
2014-06-26 07:12 - 2014-06-26 07:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-26 07:07 - 2014-07-04 20:41 - 00001476 _____ () C:\WINDOWS\Tasks\7a9a219b-478f-4b4a-a06c-f4e2bc0f6231-5_user.job
2014-06-26 07:07 - 2014-06-26 07:07 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\SupTab
2014-06-26 07:06 - 2014-07-04 20:41 - 00000902 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-26 07:06 - 2014-07-03 07:11 - 00000906 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-26 07:06 - 2014-06-26 07:06 - 00003878 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-26 07:06 - 2014-06-26 07:06 - 00003642 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-26 07:06 - 2014-06-26 07:06 - 00000000 ____D () C:\Users\xxx\AppData\Local\globalUpdate
2014-06-26 07:06 - 2014-06-26 07:06 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-20 17:10 - 2014-06-20 17:10 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-06-19 12:57 - 2014-06-20 17:10 - 00050464 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-06-19 12:57 - 2014-06-19 18:03 - 00000000 ____D () C:\Users\xxx\AppData\Local\AVG SafeGuard toolbar
2014-06-19 12:57 - 2014-06-19 12:57 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-06-19 12:56 - 2014-06-20 17:10 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-06-19 12:56 - 2014-06-19 12:57 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-06-19 12:51 - 2014-06-19 12:51 - 00000024 _____ () C:\Users\xxx\AppData\Roaming\temp.ini
2014-06-15 07:30 - 2014-06-15 07:30 - 00001183 _____ () C:\Users\xxx\Desktop\Auslogics DiskDefrag.lnk
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-06-14 22:35 - 2014-06-14 22:35 - 00001278 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2014-06-14 22:32 - 2014-06-14 22:32 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-06-14 22:32 - 2014-06-14 22:32 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate
2014-06-11 18:45 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 07:24 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 07:24 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 07:24 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 07:24 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 07:24 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 07:24 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 07:24 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 07:24 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 07:24 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 07:24 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 07:24 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 07:24 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 07:24 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 07:24 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 07:24 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 07:24 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 07:24 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 07:24 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 07:24 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 07:24 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 07:24 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 07:24 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 07:24 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 07:24 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 07:24 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 07:24 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 07:24 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 07:24 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 07:24 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 07:24 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 07:24 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 07:24 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 07:24 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 07:24 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 07:24 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 07:24 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 07:23 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 07:23 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 07:23 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 07:23 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 07:23 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 07:23 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 07:23 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 07:23 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 07:23 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 07:23 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-11 07:23 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-11 07:23 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 07:23 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 07:23 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 07:23 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 07:23 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 07:23 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 07:23 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 07:23 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-11 07:23 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 07:23 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 07:23 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 07:23 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 07:23 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 07:23 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 07:23 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-11 07:23 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 07:23 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 07:23 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 07:23 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 07:23 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 07:23 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 07:23 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 07:23 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 07:23 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 07:23 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 07:23 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 07:23 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 07:23 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 07:23 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-11 07:23 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 07:23 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 07:23 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 07:23 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 07:23 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 07:23 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 07:23 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 07:23 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 07:23 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 07:23 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 07:23 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 07:23 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 07:23 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 07:23 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 07:23 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 07:23 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 07:23 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 07:23 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 07:23 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 07:23 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 07:23 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 07:23 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 07:23 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-11 07:23 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 07:23 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 07:23 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 07:23 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 07:23 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 07:23 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 07:23 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 07:23 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 07:23 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 07:23 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 07:23 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 07:23 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 07:23 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 07:23 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 07:23 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 07:23 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 07:23 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 07:23 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 07:23 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 07:23 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 07:23 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 07:23 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 07:23 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 07:23 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-06-11 07:23 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 07:23 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-06-11 07:23 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 07:23 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-06-11 07:23 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 07:23 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 07:23 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 07:23 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 07:23 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 07:23 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 07:23 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 07:23 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 07:23 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 07:23 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 07:23 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 07:23 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 07:23 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 07:23 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 07:23 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 07:23 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 07:23 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 07:23 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 07:23 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 07:23 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 07:23 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 07:23 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 07:23 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 07:23 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 07:23 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 07:23 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 07:22 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 07:22 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 07:22 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 07:22 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 07:22 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 07:22 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 07:22 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 07:22 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 07:22 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 07:22 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 07:22 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 07:22 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 07:20 - 2014-06-11 07:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-08 23:36 - 2014-06-08 23:36 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\AVG2014
2014-06-08 23:35 - 2014-06-08 23:35 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-08 23:35 - 2014-06-08 23:35 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\TuneUp Software
2014-06-08 23:35 - 2014-06-08 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-08 23:33 - 2014-06-27 21:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ___HD () C:\$AVG
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-06-08 23:09 - 2014-07-04 20:47 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-08 23:09 - 2014-06-08 23:38 - 00000000 ____D () C:\Users\xxx\AppData\Local\Avg2014
2014-06-08 23:09 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\xxx\AppData\Local\MFAData
2014-06-08 20:32 - 2014-06-14 22:35 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-08 20:28 - 2014-06-08 20:28 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\ProductData
2014-06-08 20:27 - 2014-07-01 15:09 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-08 20:27 - 2014-06-08 20:44 - 00000000 ____D () C:\ProgramData\IObit
2014-06-08 20:26 - 2014-06-09 11:35 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-08 20:26 - 2014-06-08 20:26 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\IObit
2014-06-08 16:01 - 2014-06-08 16:01 - 00000000 ____D () C:\$WINDOWS.~BT
2014-06-08 15:43 - 2014-06-08 15:43 - 00000000 ____D () C:\Users\xxx\AppData\Local\Microsoft Corporation
2014-06-08 15:15 - 2014-06-08 15:15 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-06-08 13:23 - 2014-06-08 13:45 - 00000000 ____D () C:\Users\xxx\Documents\Kita Bewerbung
2014-06-08 13:21 - 2014-06-08 13:22 - 00000000 ____D () C:\Users\xxx\Documents\Strom Rechnung
2014-06-07 23:18 - 2014-06-08 15:48 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\tor
2014-06-07 17:35 - 2014-06-07 17:42 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-07 17:35 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVEREST Home Edition
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\Program Files (x86)\EVEREST Home Edition
2014-06-05 20:45 - 2014-06-05 20:45 - 00000424 _____ () C:\Users\xxx\Desktop\Dieser PC - Verknüpfung.lnk
2014-06-05 20:21 - 2014-06-05 20:21 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-06-05 20:08 - 2014-06-05 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-05 19:40 - 2014-06-07 13:50 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
==================== One Month Modified Files and Folders =======
2014-07-04 20:47 - 2014-06-08 23:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-04 20:46 - 2014-07-03 21:11 - 00012884 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-07-04 20:46 - 2013-06-01 18:55 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-645814921-2363520728-22122384-1001
2014-07-04 20:45 - 2014-07-04 20:45 - 02083840 _____ (Farbar) C:\Users\xxx\Downloads\FRST64 (2).exe
2014-07-04 20:45 - 2014-07-03 21:11 - 00000000 ____D () C:\FRST
2014-07-04 20:44 - 2014-07-04 20:43 - 00028117 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-04 20:44 - 2013-11-20 19:28 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1B38C15F-CE40-4631-A609-DD57F3A66C09}
2014-07-04 20:41 - 2014-06-26 07:07 - 00001476 _____ () C:\WINDOWS\Tasks\7a9a219b-478f-4b4a-a06c-f4e2bc0f6231-5_user.job
2014-07-04 20:41 - 2014-06-26 07:06 - 00000902 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-04 20:41 - 2014-05-24 09:19 - 00000000 ____D () C:\ProgramData\Validity
2014-07-04 20:41 - 2014-01-18 13:18 - 00001108 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 20:40 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-03 22:27 - 2013-10-27 23:06 - 00000000 ____D () C:\Users\xxx
2014-07-03 22:27 - 2013-06-01 21:21 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-03 22:24 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-03 22:24 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-03 22:24 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-03 22:21 - 2014-07-03 22:16 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-03 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-03 21:54 - 2014-07-03 21:13 - 00026627 _____ () C:\Users\xxx\Downloads\Addition.txt
2014-07-03 21:51 - 2014-01-18 13:18 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 21:46 - 2014-07-03 21:46 - 00000242 _____ () C:\Users\xxx\Downloads\defogger_enable.log
2014-07-03 21:45 - 2014-07-03 21:45 - 00015990 _____ () C:\Users\xxx\Desktop\GMER.log
2014-07-03 21:16 - 2014-07-03 21:16 - 00380416 _____ () C:\Users\xxx\Downloads\Gmer-19357.exe
2014-07-03 21:10 - 2014-07-03 21:10 - 02083840 _____ (Farbar) C:\Users\xxx\Downloads\FRST64 (1).exe
2014-07-03 21:09 - 2014-07-03 21:09 - 02083840 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-07-03 21:08 - 2014-07-03 21:08 - 00000470 _____ () C:\Users\xxx\Downloads\defogger_disable.log
2014-07-03 21:07 - 2014-07-03 21:07 - 00050477 _____ () C:\Users\xxx\Downloads\Defogger (1).exe
2014-07-03 20:56 - 2014-07-03 20:56 - 00001040 _____ () C:\Users\xxx\Desktop\abc.txt
2014-07-03 20:48 - 2014-07-03 20:48 - 00050477 _____ () C:\Users\xxx\Downloads\Defogger.exe
2014-07-03 19:49 - 2014-07-03 19:48 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 19:48 - 2014-07-03 19:48 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-03 19:48 - 2014-07-03 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-03 19:48 - 2014-07-03 19:47 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-03 19:47 - 2014-07-03 19:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-03 08:41 - 2014-07-03 08:40 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-03 07:50 - 2014-07-03 07:50 - 00000000 _____ () C:\autoexec.bat
2014-07-03 07:48 - 2014-07-03 07:48 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-03 07:46 - 2014-07-03 07:46 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\xxx\Downloads\SpyHunter-Installer.exe
2014-07-03 07:11 - 2014-06-26 07:06 - 00000906 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-01 15:34 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-01 15:09 - 2014-06-08 20:27 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-30 21:32 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-29 16:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2014-06-29 15:13 - 2014-06-29 15:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 19:01 - 2013-06-08 19:50 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Skype
2014-06-28 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-27 21:14 - 2014-06-08 23:33 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-26 07:24 - 2014-06-26 07:24 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-26 07:14 - 2014-06-26 07:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-26 07:13 - 2014-06-26 07:14 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-26 07:13 - 2014-06-26 07:12 - 00000000 ____D () C:\Program Files\Java
2014-06-26 07:12 - 2014-06-26 07:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-26 07:07 - 2014-06-26 07:07 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\SupTab
2014-06-26 07:06 - 2014-06-26 07:06 - 00003878 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-26 07:06 - 2014-06-26 07:06 - 00003642 _____ () C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-26 07:06 - 2014-06-26 07:06 - 00000000 ____D () C:\Users\xxx\AppData\Local\globalUpdate
2014-06-26 07:06 - 2014-06-26 07:06 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-21 11:46 - 2014-01-18 13:18 - 00004084 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 11:46 - 2014-01-18 13:18 - 00003848 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 17:10 - 2014-06-20 17:10 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-06-20 17:10 - 2014-06-19 12:57 - 00050464 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-06-20 17:10 - 2014-06-19 12:56 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-06-19 18:03 - 2014-06-19 12:57 - 00000000 ____D () C:\Users\xxx\AppData\Local\AVG SafeGuard toolbar
2014-06-19 12:57 - 2014-06-19 12:57 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-06-19 12:57 - 2014-06-19 12:56 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-06-19 12:51 - 2014-06-19 12:51 - 00000024 _____ () C:\Users\xxx\AppData\Roaming\temp.ini
2014-06-18 09:25 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-15 07:30 - 2014-06-15 07:30 - 00001183 _____ () C:\Users\xxx\Desktop\Auslogics DiskDefrag.lnk
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-06-14 22:35 - 2014-06-14 22:35 - 00001278 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2014-06-14 22:35 - 2014-06-08 20:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-14 22:32 - 2014-06-14 22:32 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-06-14 22:32 - 2014-06-14 22:32 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-14 20:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-14 12:30 - 2014-04-21 13:30 - 00000000 ____D () C:\Users\xxx\Documents\xxx Steuer
2014-06-14 11:21 - 2013-09-02 09:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-14 11:19 - 2013-06-02 19:51 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate
2014-06-12 07:09 - 2013-10-27 23:25 - 00000000 ___RD () C:\Users\xxx\SkyDrive
2014-06-12 07:09 - 2013-08-22 16:44 - 00376176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 21:40 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-11 21:38 - 2013-06-28 16:29 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\vlc
2014-06-11 09:55 - 2013-06-01 18:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 07:20 - 2014-06-11 07:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-09 11:38 - 2013-06-19 20:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-09 11:35 - 2014-06-08 20:26 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-08 23:38 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\xxx\AppData\Local\Avg2014
2014-06-08 23:36 - 2014-06-08 23:36 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\AVG2014
2014-06-08 23:35 - 2014-06-08 23:35 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-08 23:35 - 2014-06-08 23:35 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\TuneUp Software
2014-06-08 23:35 - 2014-06-08 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-08 23:35 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ___HD () C:\$AVG
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-06-08 23:09 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\xxx\AppData\Local\MFAData
2014-06-08 21:39 - 2013-10-27 23:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-08 20:44 - 2014-06-08 20:27 - 00000000 ____D () C:\ProgramData\IObit
2014-06-08 20:28 - 2014-06-08 20:28 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\ProductData
2014-06-08 20:26 - 2014-06-08 20:26 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\IObit
2014-06-08 20:08 - 2013-06-19 20:45 - 00000654 _____ () C:\WINDOWS\wiso.ini
2014-06-08 20:08 - 2013-06-19 20:44 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-06-08 16:03 - 2013-10-27 23:06 - 00001908 _____ () C:\WINDOWS\diagwrn.xml
2014-06-08 16:03 - 2013-10-27 23:06 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2014-06-08 16:01 - 2014-06-08 16:01 - 00000000 ____D () C:\$WINDOWS.~BT
2014-06-08 15:48 - 2014-06-07 23:18 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\tor
2014-06-08 15:43 - 2014-06-08 15:43 - 00000000 ____D () C:\Users\xxx\AppData\Local\Microsoft Corporation
2014-06-08 15:15 - 2014-06-08 15:15 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-06-08 13:57 - 2013-03-07 17:42 - 00000000 ____D () C:\Users\xxx\Documents\xxx
2014-06-08 13:52 - 2013-12-14 14:47 - 00000000 ____D () C:\Users\xxx\Documents\xxx xxx
2014-06-08 13:45 - 2014-06-08 13:23 - 00000000 ____D () C:\Users\xxx\Documents\Kita Bewerbung
2014-06-08 13:22 - 2014-06-08 13:21 - 00000000 ____D () C:\Users\xxx\Documents\Strom Rechnung
2014-06-07 17:42 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-07 17:35 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-07 13:50 - 2014-06-05 19:40 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVEREST Home Edition
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\Program Files (x86)\EVEREST Home Edition
2014-06-05 20:45 - 2014-06-05 20:45 - 00000424 _____ () C:\Users\xxx\Desktop\Dieser PC - Verknüpfung.lnk
2014-06-05 20:21 - 2014-06-05 20:21 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-06-05 20:21 - 2013-12-12 23:02 - 00000000 ____D () C:\Users\xxx\AppData\Local\Deployment
2014-06-05 20:08 - 2014-06-05 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-05 20:08 - 2014-01-18 13:17 - 00000000 ____D () C:\Users\xxx\AppData\Local\Google
2014-06-05 20:08 - 2014-01-18 13:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-05 20:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-04 08:01 - 2013-06-21 22:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-03 21:01
==================== End Of Log ============================
|
|
05.07.2014, 18:08
| #4 |
| /// the machine /// TB-Ausbilder | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! Adware & Co. deinstallieren
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter: Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.07.2014, 22:42
| #5 |
| | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! Hallo Schrauber, zunächst konnten die in FRST als attention gekenzeichneten Elemente nicht mit revounistaller gelöscht werden. Nach den von dir vorgegeben AKtionen glaube ich jedoch, dass sie nun verschwunden sind. Hier nun die Logfiles: Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Suchlauf Datum: 05.07.2014 Suchlauf-Zeit: 22:41:50 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.05.10 Rootkit Datenbank: v2014.07.03.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Nina Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 292126 Verstrichene Zeit: 18 Min, 44 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) __________________________________________________________________AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.214 - Bericht erstellt am 05/07/2014 um 23:06:49
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : Nina - PC
# Gestartet von : C:\Users\Nina\Downloads\adwcleaner_3.214.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
Dienst Gelöscht : vToolbarUpdater18.1.7
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\AVG SafeGuard toolbar
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\Uninstaller
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
[!] Ordner Gelöscht : C:\Users\Nina\AppData\Local\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Nina\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Nina\AppData\LocalLow\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Nina\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Nina\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Nina\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Nina\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Datei Gelöscht : C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\user.js
Datei Gelöscht : C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gelöscht : C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gelöscht : C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
Datei Gelöscht : C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
Datei Gelöscht : C:\WINDOWS\Tasks\7a9a219b-478f-4b4a-a06c-f4e2bc0f6231-5_user.job
Datei Gelöscht : C:\WINDOWS\System32\Tasks\7a9a219b-478f-4b4a-a06c-f4e2bc0f6231-5_user
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Nina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Nina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\JFileManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\JFileManager_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SOFTWARE\5c55da8cbc3ab845
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AutoLyrics
Schlüssel Gelöscht : HKLM\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v
[ Datei : C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
*************************
AdwCleaner[R0].txt - [7634 octets] - [05/07/2014 23:05:18]
AdwCleaner[S0].txt - [6824 octets] - [05/07/2014 23:06:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6884 octets] ##########
______________________________________________________________________JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by Nina on 05.07.2014 at 23:17:51,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-645814921-2363520728-22122384-1001\Software\sweetim
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.07.2014 at 23:28:47,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_____________________________________________________________________ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Nina (administrator) on PC on 05-07-2014 23:32:47
Running from C:\Users\Nina\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * aswBoot.exe /A:"* " /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:1 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x757F546DEA5ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: German Dictionary - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2013-06-10]
FF Extension: Boost - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\boost@boost.net.xpi [2014-05-16]
FF Extension: Adblock Plus - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-06-29]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-05]
CHR Extension: (Google Drive) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05]
CHR Extension: (YouTube) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-05]
CHR Extension: (Google-Suche) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-05]
CHR Extension: (Google Wallet) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05]
CHR Extension: (Google Mail) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-05]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-06-08] (IObit)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [47504 2014-05-12] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-06-20] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-05] (Malwarebytes Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-05 23:32 - 2014-07-05 23:32 - 00000000 ____D () C:\Users\Nina\Downloads\FRST-OlderVersion
2014-07-05 23:28 - 2014-07-05 23:28 - 00000804 _____ () C:\Users\Nina\Desktop\JRT.txt
2014-07-05 23:17 - 2014-07-05 23:17 - 01016261 _____ (Thisisu) C:\Users\Nina\Downloads\JRT.exe
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-05 23:08 - 2014-07-05 23:13 - 00000614 _____ () C:\WINDOWS\PFRO.log
2014-07-05 23:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-05 23:04 - 2014-07-05 23:12 - 00000000 ____D () C:\AdwCleaner
2014-07-05 23:03 - 2014-07-05 23:03 - 01346519 _____ () C:\Users\Nina\Downloads\adwcleaner_3.214.exe
2014-07-05 23:03 - 2014-07-05 23:03 - 00001145 _____ () C:\Users\Nina\Desktop\mbam.txt
2014-07-05 22:39 - 2014-07-05 22:40 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 22:38 - 2014-07-05 22:38 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-05 22:38 - 2014-07-05 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-05 22:38 - 2014-07-05 22:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-05 22:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-05 22:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-05 22:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-05 22:37 - 2014-07-05 22:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-05 22:30 - 2014-07-05 22:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nina\Downloads\revosetup95.exe
2014-07-05 22:30 - 2014-07-05 22:30 - 00001278 _____ () C:\Users\Nina\Desktop\Revo Uninstaller.lnk
2014-07-04 20:48 - 2014-07-04 20:48 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-07-04 20:48 - 2014-07-04 20:48 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-07-04 20:43 - 2014-07-05 11:39 - 00046272 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-03 22:16 - 2014-07-03 22:21 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-03 21:46 - 2014-07-03 21:46 - 00000242 _____ () C:\Users\Nina\Downloads\defogger_enable.log
2014-07-03 21:45 - 2014-07-03 21:45 - 00015990 _____ () C:\Users\Nina\Desktop\GMER.log
2014-07-03 21:16 - 2014-07-03 21:16 - 00380416 _____ () C:\Users\Nina\Downloads\Gmer-19357.exe
2014-07-03 21:13 - 2014-07-03 21:54 - 00026627 _____ () C:\Users\Nina\Downloads\Addition.txt
2014-07-03 21:11 - 2014-07-05 23:32 - 00010315 _____ () C:\Users\Nina\Downloads\FRST.txt
2014-07-03 21:11 - 2014-07-05 23:32 - 00000000 ____D () C:\FRST
2014-07-03 21:09 - 2014-07-05 23:32 - 02084352 _____ (Farbar) C:\Users\Nina\Downloads\FRST64.exe
2014-07-03 21:08 - 2014-07-03 21:08 - 00000470 _____ () C:\Users\Nina\Downloads\defogger_disable.log
2014-07-03 21:07 - 2014-07-03 21:07 - 00050477 _____ () C:\Users\Nina\Downloads\Defogger (1).exe
2014-07-03 20:56 - 2014-07-03 20:56 - 00001040 _____ () C:\Users\Nina\Desktop\abc.txt
2014-07-03 20:48 - 2014-07-03 20:48 - 00050477 _____ () C:\Users\Nina\Downloads\Defogger.exe
2014-07-03 19:47 - 2014-07-03 19:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-03 08:40 - 2014-07-03 08:41 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-03 07:50 - 2014-07-03 07:50 - 00000000 _____ () C:\autoexec.bat
2014-07-03 07:48 - 2014-07-03 07:48 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-03 07:46 - 2014-07-03 07:46 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Nina\Downloads\SpyHunter-Installer.exe
2014-06-29 15:13 - 2014-06-29 15:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-26 07:14 - 2014-06-26 07:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-26 07:14 - 2014-06-26 07:13 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-26 07:12 - 2014-06-26 07:13 - 00000000 ____D () C:\Program Files\Java
2014-06-26 07:12 - 2014-06-26 07:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-19 12:57 - 2014-06-20 17:10 - 00050464 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-06-19 12:51 - 2014-06-19 12:51 - 00000024 _____ () C:\Users\Nina\AppData\Roaming\temp.ini
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx64.sys
2014-06-15 07:30 - 2014-06-15 07:30 - 00001183 _____ () C:\Users\Nina\Desktop\Auslogics DiskDefrag.lnk
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-06-14 22:32 - 2014-06-14 22:32 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-06-14 22:32 - 2014-06-14 22:32 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate
2014-06-11 18:45 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 07:24 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 07:24 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 07:24 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 07:24 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 07:24 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 07:24 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 07:24 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 07:24 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 07:24 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 07:24 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 07:24 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 07:24 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 07:24 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 07:24 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 07:24 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 07:24 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 07:24 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 07:24 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 07:24 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 07:24 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 07:24 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 07:24 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 07:24 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 07:24 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 07:24 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 07:24 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 07:24 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 07:24 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 07:24 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 07:24 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 07:24 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 07:24 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 07:24 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 07:24 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 07:24 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 07:24 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 07:23 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 07:23 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 07:23 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 07:23 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 07:23 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 07:23 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 07:23 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 07:23 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 07:23 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 07:23 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-11 07:23 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-11 07:23 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 07:23 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 07:23 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 07:23 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 07:23 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 07:23 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 07:23 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 07:23 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-11 07:23 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 07:23 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 07:23 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 07:23 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 07:23 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 07:23 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 07:23 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-11 07:23 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 07:23 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 07:23 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 07:23 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 07:23 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 07:23 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 07:23 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 07:23 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 07:23 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 07:23 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 07:23 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 07:23 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 07:23 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 07:23 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-11 07:23 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 07:23 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 07:23 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 07:23 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 07:23 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 07:23 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 07:23 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 07:23 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 07:23 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 07:23 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 07:23 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 07:23 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 07:23 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 07:23 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 07:23 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 07:23 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 07:23 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 07:23 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 07:23 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 07:23 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 07:23 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 07:23 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 07:23 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-11 07:23 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 07:23 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 07:23 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 07:23 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 07:23 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 07:23 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 07:23 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 07:23 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 07:23 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 07:23 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 07:23 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 07:23 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 07:23 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 07:23 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 07:23 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 07:23 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 07:23 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 07:23 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 07:23 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 07:23 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 07:23 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 07:23 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 07:23 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 07:23 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-06-11 07:23 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 07:23 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-06-11 07:23 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 07:23 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-06-11 07:23 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 07:23 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 07:23 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 07:23 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 07:23 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 07:23 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 07:23 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 07:23 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 07:23 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 07:23 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 07:23 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 07:23 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 07:23 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 07:23 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 07:23 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 07:23 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 07:23 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 07:23 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 07:23 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 07:23 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 07:23 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 07:23 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 07:23 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 07:23 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 07:23 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 07:23 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 07:22 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 07:22 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 07:22 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 07:22 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 07:22 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 07:22 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 07:22 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 07:22 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 07:22 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 07:22 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 07:22 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 07:22 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 07:20 - 2014-06-11 07:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-08 23:36 - 2014-06-08 23:36 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\AVG2014
2014-06-08 23:35 - 2014-07-04 20:48 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-08 23:35 - 2014-07-04 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-08 23:35 - 2014-06-08 23:35 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\TuneUp Software
2014-06-08 23:33 - 2014-06-27 21:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ___HD () C:\$AVG
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-06-08 23:09 - 2014-07-05 22:30 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-08 23:09 - 2014-06-08 23:38 - 00000000 ____D () C:\Users\Nina\AppData\Local\Avg2014
2014-06-08 23:09 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\Nina\AppData\Local\MFAData
2014-06-08 20:32 - 2014-07-05 22:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-08 20:28 - 2014-06-08 20:28 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\ProductData
2014-06-08 20:27 - 2014-07-01 15:09 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-08 20:27 - 2014-06-08 20:44 - 00000000 ____D () C:\ProgramData\IObit
2014-06-08 20:26 - 2014-06-09 11:35 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-08 20:26 - 2014-06-08 20:26 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\IObit
2014-06-08 16:01 - 2014-06-08 16:01 - 00000000 ____D () C:\$WINDOWS.~BT
2014-06-08 15:43 - 2014-06-08 15:43 - 00000000 ____D () C:\Users\Nina\AppData\Local\Microsoft Corporation
2014-06-08 15:15 - 2014-06-08 15:15 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-06-08 13:23 - 2014-06-08 13:45 - 00000000 ____D () C:\Users\Nina\Documents\Kita Bewerbung
2014-06-08 13:21 - 2014-06-08 13:22 - 00000000 ____D () C:\Users\Nina\Documents\Strom Rechnung
2014-06-07 23:18 - 2014-06-08 15:48 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\tor
2014-06-07 17:35 - 2014-06-07 17:42 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-07 17:35 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVEREST Home Edition
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\Program Files (x86)\EVEREST Home Edition
2014-06-05 20:45 - 2014-06-05 20:45 - 00000424 _____ () C:\Users\Nina\Desktop\Dieser PC - Verknüpfung.lnk
2014-06-05 20:21 - 2014-06-05 20:21 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-06-05 20:08 - 2014-07-05 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-05 19:40 - 2014-06-07 13:50 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
==================== One Month Modified Files and Folders =======
2014-07-05 23:33 - 2014-07-03 21:11 - 00010315 _____ () C:\Users\Nina\Downloads\FRST.txt
2014-07-05 23:32 - 2014-07-05 23:32 - 00000000 ____D () C:\Users\Nina\Downloads\FRST-OlderVersion
2014-07-05 23:32 - 2014-07-03 21:11 - 00000000 ____D () C:\FRST
2014-07-05 23:32 - 2014-07-03 21:09 - 02084352 _____ (Farbar) C:\Users\Nina\Downloads\FRST64.exe
2014-07-05 23:28 - 2014-07-05 23:28 - 00000804 _____ () C:\Users\Nina\Desktop\JRT.txt
2014-07-05 23:27 - 2013-06-01 21:21 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-05 23:26 - 2013-06-01 18:55 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-645814921-2363520728-22122384-1001
2014-07-05 23:19 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-05 23:19 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-05 23:19 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-05 23:17 - 2014-07-05 23:17 - 01016261 _____ (Thisisu) C:\Users\Nina\Downloads\JRT.exe
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-05 23:14 - 2014-05-24 09:19 - 00000000 ____D () C:\ProgramData\Validity
2014-07-05 23:14 - 2014-01-18 13:18 - 00001108 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 23:14 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-05 23:13 - 2014-07-05 23:08 - 00000614 _____ () C:\WINDOWS\PFRO.log
2014-07-05 23:12 - 2014-07-05 23:04 - 00000000 ____D () C:\AdwCleaner
2014-07-05 23:06 - 2014-06-05 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-05 23:03 - 2014-07-05 23:03 - 01346519 _____ () C:\Users\Nina\Downloads\adwcleaner_3.214.exe
2014-07-05 23:03 - 2014-07-05 23:03 - 00001145 _____ () C:\Users\Nina\Desktop\mbam.txt
2014-07-05 23:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-05 22:52 - 2014-01-18 13:18 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 22:40 - 2014-07-05 22:39 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 22:38 - 2014-07-05 22:38 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-05 22:38 - 2014-07-05 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-05 22:38 - 2014-07-05 22:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-05 22:37 - 2014-07-05 22:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-05 22:32 - 2013-11-20 19:28 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1B38C15F-CE40-4631-A609-DD57F3A66C09}
2014-07-05 22:30 - 2014-07-05 22:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nina\Downloads\revosetup95.exe
2014-07-05 22:30 - 2014-07-05 22:30 - 00001278 _____ () C:\Users\Nina\Desktop\Revo Uninstaller.lnk
2014-07-05 22:30 - 2014-06-08 23:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-05 22:30 - 2014-06-08 20:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-05 11:39 - 2014-07-04 20:43 - 00046272 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-04 20:48 - 2014-07-04 20:48 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-07-04 20:48 - 2014-07-04 20:48 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-07-04 20:48 - 2014-06-08 23:35 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-04 20:48 - 2014-06-08 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-03 22:27 - 2013-10-27 23:06 - 00000000 ____D () C:\Users\Nina
2014-07-03 22:21 - 2014-07-03 22:16 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-03 21:54 - 2014-07-03 21:13 - 00026627 _____ () C:\Users\Nina\Downloads\Addition.txt
2014-07-03 21:46 - 2014-07-03 21:46 - 00000242 _____ () C:\Users\Nina\Downloads\defogger_enable.log
2014-07-03 21:45 - 2014-07-03 21:45 - 00015990 _____ () C:\Users\Nina\Desktop\GMER.log
2014-07-03 21:16 - 2014-07-03 21:16 - 00380416 _____ () C:\Users\Nina\Downloads\Gmer-19357.exe
2014-07-03 21:08 - 2014-07-03 21:08 - 00000470 _____ () C:\Users\Nina\Downloads\defogger_disable.log
2014-07-03 21:07 - 2014-07-03 21:07 - 00050477 _____ () C:\Users\Nina\Downloads\Defogger (1).exe
2014-07-03 20:56 - 2014-07-03 20:56 - 00001040 _____ () C:\Users\Nina\Desktop\abc.txt
2014-07-03 20:48 - 2014-07-03 20:48 - 00050477 _____ () C:\Users\Nina\Downloads\Defogger.exe
2014-07-03 19:47 - 2014-07-03 19:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-03 08:41 - 2014-07-03 08:40 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-03 07:50 - 2014-07-03 07:50 - 00000000 _____ () C:\autoexec.bat
2014-07-03 07:48 - 2014-07-03 07:48 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-03 07:46 - 2014-07-03 07:46 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Nina\Downloads\SpyHunter-Installer.exe
2014-07-01 15:34 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-01 15:09 - 2014-06-08 20:27 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-30 21:32 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-29 16:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2014-06-29 15:13 - 2014-06-29 15:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 19:01 - 2013-06-08 19:50 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Skype
2014-06-28 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-27 21:14 - 2014-06-08 23:33 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-26 07:14 - 2014-06-26 07:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-26 07:13 - 2014-06-26 07:14 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-26 07:13 - 2014-06-26 07:12 - 00000000 ____D () C:\Program Files\Java
2014-06-26 07:12 - 2014-06-26 07:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-21 11:46 - 2014-01-18 13:18 - 00004084 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 11:46 - 2014-01-18 13:18 - 00003848 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 17:10 - 2014-06-19 12:57 - 00050464 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-06-19 12:51 - 2014-06-19 12:51 - 00000024 _____ () C:\Users\Nina\AppData\Roaming\temp.ini
2014-06-18 09:25 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx64.sys
2014-06-15 07:30 - 2014-06-15 07:30 - 00001183 _____ () C:\Users\Nina\Desktop\Auslogics DiskDefrag.lnk
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-06-14 22:32 - 2014-06-14 22:32 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-06-14 22:32 - 2014-06-14 22:32 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-14 20:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-14 12:30 - 2014-04-21 13:30 - 00000000 ____D () C:\Users\Nina\Documents\Bank Steuer
2014-06-14 11:21 - 2013-09-02 09:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-14 11:19 - 2013-06-02 19:51 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate
2014-06-12 07:09 - 2013-10-27 23:25 - 00000000 ___RD () C:\Users\Nina\SkyDrive
2014-06-12 07:09 - 2013-08-22 16:44 - 00376176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 21:40 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-11 21:38 - 2013-06-28 16:29 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\vlc
2014-06-11 09:55 - 2013-06-01 18:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 07:20 - 2014-06-11 07:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-09 11:38 - 2013-06-19 20:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-09 11:35 - 2014-06-08 20:26 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-08 23:38 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\Nina\AppData\Local\Avg2014
2014-06-08 23:36 - 2014-06-08 23:36 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\AVG2014
2014-06-08 23:35 - 2014-06-08 23:35 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\TuneUp Software
2014-06-08 23:35 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ___HD () C:\$AVG
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-06-08 23:09 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\Nina\AppData\Local\MFAData
2014-06-08 21:39 - 2013-10-27 23:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-08 20:44 - 2014-06-08 20:27 - 00000000 ____D () C:\ProgramData\IObit
2014-06-08 20:28 - 2014-06-08 20:28 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\ProductData
2014-06-08 20:26 - 2014-06-08 20:26 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\IObit
2014-06-08 20:08 - 2013-06-19 20:45 - 00000654 _____ () C:\WINDOWS\wiso.ini
2014-06-08 20:08 - 2013-06-19 20:44 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-06-08 16:03 - 2013-10-27 23:06 - 00001908 _____ () C:\WINDOWS\diagwrn.xml
2014-06-08 16:03 - 2013-10-27 23:06 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2014-06-08 16:01 - 2014-06-08 16:01 - 00000000 ____D () C:\$WINDOWS.~BT
2014-06-08 15:48 - 2014-06-07 23:18 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\tor
2014-06-08 15:43 - 2014-06-08 15:43 - 00000000 ____D () C:\Users\Nina\AppData\Local\Microsoft Corporation
2014-06-08 15:15 - 2014-06-08 15:15 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-06-08 13:57 - 2013-03-07 17:42 - 00000000 ____D () C:\Users\Nina\Documents\nina
2014-06-08 13:52 - 2013-12-14 14:47 - 00000000 ____D () C:\Users\Nina\Documents\Renault Bank
2014-06-08 13:45 - 2014-06-08 13:23 - 00000000 ____D () C:\Users\Nina\Documents\Kita Bewerbung
2014-06-08 13:22 - 2014-06-08 13:21 - 00000000 ____D () C:\Users\Nina\Documents\Strom Rechnung
2014-06-07 17:42 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-07 17:35 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-07 13:50 - 2014-06-05 19:40 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVEREST Home Edition
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\Program Files (x86)\EVEREST Home Edition
2014-06-05 20:45 - 2014-06-05 20:45 - 00000424 _____ () C:\Users\Nina\Desktop\Dieser PC - Verknüpfung.lnk
2014-06-05 20:21 - 2014-06-05 20:21 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-06-05 20:21 - 2013-12-12 23:02 - 00000000 ____D () C:\Users\Nina\AppData\Local\Deployment
2014-06-05 20:08 - 2014-01-18 13:17 - 00000000 ____D () C:\Users\Nina\AppData\Local\Google
2014-06-05 20:08 - 2014-01-18 13:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-05 20:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
Some content of TEMP:
====================
C:\Users\Nina\AppData\Local\Temp\Quarantine.exe
C:\Users\Nina\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-04 20:56
==================== End Of Log ============================
Ist der Rechner nun sauber? Vielen Dank für die Hilfe! |
|
06.07.2014, 11:37
| #6 |
| /// the machine /// TB-Ausbilder | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! Kontrollscans  ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ --> windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! |
|
06.07.2014, 14:50
| #7 |
| | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=6ef3e192c4df024787af39b7eede15e0 # engine=19043 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-07-06 12:58:05 # local_time=2014-07-06 02:58:05 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='AVG AntiVirus Free Edition 2014' # compatibility_mode=1051 16777213 100 100 99071 91785469 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 2394328 9035006 0 0 # scanned=150799 # found=0 # cleaned=0 # scan_time=7143 _______________________________________________________________ Results of screen317's Security Check version 0.99.85 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` AVG AntiVirus Free Edition 2014 Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java version out of Date! Adobe Flash Player 13.0.0.214 Flash Player out of Date! Adobe Reader XI Google Chrome 35.0.1916.114 Google Chrome 35.0.1916.153 ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` _________________________________________________________________ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Nina (administrator) on PC on 06-07-2014 15:46:48
Running from C:\Users\Nina\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
() C:\Users\Nina\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * aswBoot.exe /A:"* " /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:1 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x757F546DEA5ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: German Dictionary - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2013-06-10]
FF Extension: Boost - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\boost@boost.net.xpi [2014-05-16]
FF Extension: Adblock Plus - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\oj97kh7i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-06-29]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-05]
CHR Extension: (Google Drive) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05]
CHR Extension: (YouTube) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-05]
CHR Extension: (Google-Suche) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-05]
CHR Extension: (Google Wallet) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05]
CHR Extension: (Google Mail) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-05]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-06-08] (IObit)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 valWBFPolicyService; C:\Windows\System32\valWBFPolicyService.exe [47504 2014-05-12] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-06-20] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-05] (Malwarebytes Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-06 15:43 - 2014-07-06 15:43 - 00854390 _____ () C:\Users\Nina\Downloads\SecurityCheck.exe
2014-07-06 12:55 - 2014-07-06 12:55 - 02347384 _____ (ESET) C:\Users\Nina\Downloads\esetsmartinstaller_deu.exe
2014-07-06 12:14 - 2014-07-06 12:33 - 00031909 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-05 23:32 - 2014-07-05 23:32 - 00000000 ____D () C:\Users\Nina\Downloads\FRST-OlderVersion
2014-07-05 23:28 - 2014-07-05 23:28 - 00000804 _____ () C:\Users\Nina\Desktop\JRT.txt
2014-07-05 23:17 - 2014-07-05 23:17 - 01016261 _____ (Thisisu) C:\Users\Nina\Downloads\JRT.exe
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-05 23:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-05 23:04 - 2014-07-05 23:12 - 00000000 ____D () C:\AdwCleaner
2014-07-05 23:03 - 2014-07-05 23:03 - 01346519 _____ () C:\Users\Nina\Downloads\adwcleaner_3.214.exe
2014-07-05 23:03 - 2014-07-05 23:03 - 00001145 _____ () C:\Users\Nina\Desktop\mbam.txt
2014-07-05 22:39 - 2014-07-05 22:40 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 22:38 - 2014-07-05 22:38 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-05 22:38 - 2014-07-05 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-05 22:38 - 2014-07-05 22:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-05 22:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-05 22:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-05 22:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-05 22:37 - 2014-07-05 22:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-05 22:30 - 2014-07-05 22:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nina\Downloads\revosetup95.exe
2014-07-05 22:30 - 2014-07-05 22:30 - 00001278 _____ () C:\Users\Nina\Desktop\Revo Uninstaller.lnk
2014-07-04 20:48 - 2014-07-04 20:48 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-07-04 20:48 - 2014-07-04 20:48 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-07-03 22:16 - 2014-07-03 22:21 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-03 21:46 - 2014-07-03 21:46 - 00000242 _____ () C:\Users\Nina\Downloads\defogger_enable.log
2014-07-03 21:45 - 2014-07-03 21:45 - 00015990 _____ () C:\Users\Nina\Desktop\GMER.log
2014-07-03 21:16 - 2014-07-03 21:16 - 00380416 _____ () C:\Users\Nina\Downloads\Gmer-19357.exe
2014-07-03 21:13 - 2014-07-03 21:54 - 00026627 _____ () C:\Users\Nina\Downloads\Addition.txt
2014-07-03 21:11 - 2014-07-06 15:46 - 00010050 _____ () C:\Users\Nina\Downloads\FRST.txt
2014-07-03 21:11 - 2014-07-06 15:46 - 00000000 ____D () C:\FRST
2014-07-03 21:09 - 2014-07-05 23:32 - 02084352 _____ (Farbar) C:\Users\Nina\Downloads\FRST64.exe
2014-07-03 21:08 - 2014-07-03 21:08 - 00000470 _____ () C:\Users\Nina\Downloads\defogger_disable.log
2014-07-03 21:07 - 2014-07-03 21:07 - 00050477 _____ () C:\Users\Nina\Downloads\Defogger (1).exe
2014-07-03 20:56 - 2014-07-03 20:56 - 00001040 _____ () C:\Users\Nina\Desktop\abc.txt
2014-07-03 20:48 - 2014-07-03 20:48 - 00050477 _____ () C:\Users\Nina\Downloads\Defogger.exe
2014-07-03 19:47 - 2014-07-03 19:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-03 08:40 - 2014-07-03 08:41 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-03 07:50 - 2014-07-03 07:50 - 00000000 _____ () C:\autoexec.bat
2014-07-03 07:48 - 2014-07-03 07:48 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-03 07:46 - 2014-07-03 07:46 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Nina\Downloads\SpyHunter-Installer.exe
2014-06-29 15:13 - 2014-06-29 15:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-26 07:14 - 2014-06-26 07:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-26 07:14 - 2014-06-26 07:13 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-26 07:14 - 2014-06-26 07:13 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-26 07:12 - 2014-06-26 07:13 - 00000000 ____D () C:\Program Files\Java
2014-06-26 07:12 - 2014-06-26 07:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-19 12:57 - 2014-06-20 17:10 - 00050464 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-06-19 12:51 - 2014-06-19 12:51 - 00000024 _____ () C:\Users\Nina\AppData\Roaming\temp.ini
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx64.sys
2014-06-15 07:30 - 2014-06-15 07:30 - 00001183 _____ () C:\Users\Nina\Desktop\Auslogics DiskDefrag.lnk
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-06-14 22:32 - 2014-06-14 22:32 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-06-14 22:32 - 2014-06-14 22:32 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate
2014-06-11 18:45 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 07:24 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 07:24 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 07:24 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 07:24 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 07:24 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 07:24 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 07:24 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 07:24 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 07:24 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 07:24 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 07:24 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 07:24 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 07:24 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 07:24 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 07:24 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 07:24 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 07:24 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 07:24 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 07:24 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 07:24 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 07:24 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 07:24 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 07:24 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 07:24 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 07:24 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 07:24 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 07:24 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 07:24 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 07:24 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 07:24 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 07:24 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 07:24 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 07:24 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 07:24 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 07:24 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 07:24 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 07:23 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 07:23 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 07:23 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 07:23 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 07:23 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 07:23 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 07:23 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 07:23 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 07:23 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 07:23 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-11 07:23 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-11 07:23 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 07:23 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 07:23 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 07:23 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 07:23 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 07:23 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 07:23 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 07:23 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-11 07:23 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 07:23 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 07:23 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 07:23 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 07:23 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 07:23 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 07:23 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-11 07:23 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 07:23 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 07:23 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 07:23 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 07:23 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 07:23 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 07:23 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 07:23 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 07:23 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 07:23 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 07:23 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 07:23 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 07:23 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 07:23 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 07:23 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 07:23 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-11 07:23 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 07:23 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 07:23 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 07:23 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 07:23 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 07:23 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 07:23 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 07:23 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 07:23 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 07:23 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 07:23 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 07:23 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 07:23 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 07:23 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 07:23 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 07:23 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 07:23 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 07:23 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 07:23 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 07:23 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 07:23 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 07:23 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 07:23 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 07:23 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-11 07:23 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 07:23 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 07:23 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 07:23 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 07:23 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 07:23 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 07:23 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 07:23 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 07:23 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 07:23 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 07:23 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 07:23 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 07:23 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 07:23 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 07:23 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 07:23 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 07:23 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 07:23 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 07:23 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 07:23 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 07:23 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 07:23 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 07:23 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 07:23 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-06-11 07:23 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 07:23 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-06-11 07:23 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 07:23 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-06-11 07:23 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 07:23 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 07:23 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 07:23 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 07:23 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 07:23 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 07:23 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 07:23 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 07:23 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 07:23 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 07:23 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 07:23 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 07:23 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 07:23 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 07:23 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 07:23 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 07:23 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 07:23 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 07:23 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 07:23 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 07:23 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 07:23 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 07:23 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 07:23 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 07:23 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 07:23 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 07:22 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 07:22 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 07:22 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 07:22 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 07:22 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 07:22 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 07:22 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 07:22 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 07:22 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 07:22 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 07:22 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 07:22 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 07:20 - 2014-06-11 07:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-08 23:36 - 2014-06-08 23:36 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\AVG2014
2014-06-08 23:35 - 2014-07-04 20:48 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-08 23:35 - 2014-07-04 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-08 23:35 - 2014-06-08 23:35 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\TuneUp Software
2014-06-08 23:33 - 2014-06-27 21:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ___HD () C:\$AVG
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-06-08 23:09 - 2014-07-06 12:13 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-08 23:09 - 2014-06-08 23:38 - 00000000 ____D () C:\Users\Nina\AppData\Local\Avg2014
2014-06-08 23:09 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\Nina\AppData\Local\MFAData
2014-06-08 20:32 - 2014-07-05 22:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-08 20:28 - 2014-06-08 20:28 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\ProductData
2014-06-08 20:27 - 2014-07-01 15:09 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-08 20:27 - 2014-06-08 20:44 - 00000000 ____D () C:\ProgramData\IObit
2014-06-08 20:26 - 2014-06-09 11:35 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-08 20:26 - 2014-06-08 20:26 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\IObit
2014-06-08 16:01 - 2014-06-08 16:01 - 00000000 ____D () C:\$WINDOWS.~BT
2014-06-08 15:43 - 2014-06-08 15:43 - 00000000 ____D () C:\Users\Nina\AppData\Local\Microsoft Corporation
2014-06-08 15:15 - 2014-06-08 15:15 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-06-08 13:23 - 2014-06-08 13:45 - 00000000 ____D () C:\Users\Nina\Documents\Kita Bewerbung
2014-06-08 13:21 - 2014-06-08 13:22 - 00000000 ____D () C:\Users\Nina\Documents\Strom Rechnung
2014-06-07 23:18 - 2014-06-08 15:48 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\tor
2014-06-07 17:35 - 2014-06-07 17:42 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-07 17:35 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\Licenses
==================== One Month Modified Files and Folders =======
2014-07-06 15:47 - 2014-07-03 21:11 - 00010050 _____ () C:\Users\Nina\Downloads\FRST.txt
2014-07-06 15:46 - 2014-07-03 21:11 - 00000000 ____D () C:\FRST
2014-07-06 15:43 - 2014-07-06 15:43 - 00854390 _____ () C:\Users\Nina\Downloads\SecurityCheck.exe
2014-07-06 15:27 - 2013-06-01 21:21 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-06 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-06 14:51 - 2014-01-18 13:18 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 12:56 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-06 12:56 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-06 12:56 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-06 12:55 - 2014-07-06 12:55 - 02347384 _____ (ESET) C:\Users\Nina\Downloads\esetsmartinstaller_deu.exe
2014-07-06 12:46 - 2013-06-01 18:55 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-645814921-2363520728-22122384-1001
2014-07-06 12:33 - 2014-07-06 12:14 - 00031909 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-06 12:14 - 2013-11-20 19:28 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1B38C15F-CE40-4631-A609-DD57F3A66C09}
2014-07-06 12:13 - 2014-06-08 23:09 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-06 12:07 - 2014-05-24 09:19 - 00000000 ____D () C:\ProgramData\Validity
2014-07-06 12:07 - 2014-01-18 13:18 - 00001108 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 12:07 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-05 23:32 - 2014-07-05 23:32 - 00000000 ____D () C:\Users\Nina\Downloads\FRST-OlderVersion
2014-07-05 23:32 - 2014-07-03 21:09 - 02084352 _____ (Farbar) C:\Users\Nina\Downloads\FRST64.exe
2014-07-05 23:28 - 2014-07-05 23:28 - 00000804 _____ () C:\Users\Nina\Desktop\JRT.txt
2014-07-05 23:17 - 2014-07-05 23:17 - 01016261 _____ (Thisisu) C:\Users\Nina\Downloads\JRT.exe
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-05 23:12 - 2014-07-05 23:04 - 00000000 ____D () C:\AdwCleaner
2014-07-05 23:06 - 2014-06-05 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-05 23:03 - 2014-07-05 23:03 - 01346519 _____ () C:\Users\Nina\Downloads\adwcleaner_3.214.exe
2014-07-05 23:03 - 2014-07-05 23:03 - 00001145 _____ () C:\Users\Nina\Desktop\mbam.txt
2014-07-05 22:40 - 2014-07-05 22:39 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 22:38 - 2014-07-05 22:38 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-05 22:38 - 2014-07-05 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-05 22:38 - 2014-07-05 22:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-05 22:37 - 2014-07-05 22:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-07-05 22:30 - 2014-07-05 22:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nina\Downloads\revosetup95.exe
2014-07-05 22:30 - 2014-07-05 22:30 - 00001278 _____ () C:\Users\Nina\Desktop\Revo Uninstaller.lnk
2014-07-05 22:30 - 2014-06-08 20:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-04 20:48 - 2014-07-04 20:48 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-07-04 20:48 - 2014-07-04 20:48 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-07-04 20:48 - 2014-06-08 23:35 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-04 20:48 - 2014-06-08 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-03 22:27 - 2013-10-27 23:06 - 00000000 ____D () C:\Users\Nina
2014-07-03 22:21 - 2014-07-03 22:16 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-03 21:54 - 2014-07-03 21:13 - 00026627 _____ () C:\Users\Nina\Downloads\Addition.txt
2014-07-03 21:46 - 2014-07-03 21:46 - 00000242 _____ () C:\Users\Nina\Downloads\defogger_enable.log
2014-07-03 21:45 - 2014-07-03 21:45 - 00015990 _____ () C:\Users\Nina\Desktop\GMER.log
2014-07-03 21:16 - 2014-07-03 21:16 - 00380416 _____ () C:\Users\Nina\Downloads\Gmer-19357.exe
2014-07-03 21:08 - 2014-07-03 21:08 - 00000470 _____ () C:\Users\Nina\Downloads\defogger_disable.log
2014-07-03 21:07 - 2014-07-03 21:07 - 00050477 _____ () C:\Users\Nina\Downloads\Defogger (1).exe
2014-07-03 20:56 - 2014-07-03 20:56 - 00001040 _____ () C:\Users\Nina\Desktop\abc.txt
2014-07-03 20:48 - 2014-07-03 20:48 - 00050477 _____ () C:\Users\Nina\Downloads\Defogger.exe
2014-07-03 19:47 - 2014-07-03 19:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-03 08:41 - 2014-07-03 08:40 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-03 07:50 - 2014-07-03 07:50 - 00000000 _____ () C:\autoexec.bat
2014-07-03 07:48 - 2014-07-03 07:48 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-03 07:46 - 2014-07-03 07:46 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Nina\Downloads\SpyHunter-Installer.exe
2014-07-01 15:34 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-01 15:09 - 2014-06-08 20:27 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-30 21:32 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-29 16:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2014-06-29 15:13 - 2014-06-29 15:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 19:01 - 2013-06-08 19:50 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Skype
2014-06-28 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-27 21:14 - 2014-06-08 23:33 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-26 07:14 - 2014-06-26 07:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-26 07:13 - 2014-06-26 07:14 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-26 07:13 - 2014-06-26 07:14 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-26 07:13 - 2014-06-26 07:12 - 00000000 ____D () C:\Program Files\Java
2014-06-26 07:12 - 2014-06-26 07:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-21 11:46 - 2014-01-18 13:18 - 00004084 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 11:46 - 2014-01-18 13:18 - 00003848 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 17:10 - 2014-06-19 12:57 - 00050464 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-06-19 12:51 - 2014-06-19 12:51 - 00000024 _____ () C:\Users\Nina\AppData\Roaming\temp.ini
2014-06-18 09:25 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx64.sys
2014-06-15 07:30 - 2014-06-15 07:30 - 00001183 _____ () C:\Users\Nina\Desktop\Auslogics DiskDefrag.lnk
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-15 07:30 - 2014-06-15 07:30 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-06-14 22:32 - 2014-06-14 22:32 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-06-14 22:32 - 2014-06-14 22:32 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-14 22:32 - 2014-06-14 22:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-14 20:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-14 12:30 - 2014-04-21 13:30 - 00000000 ____D () C:\Users\Nina\Documents\Bank Steuer
2014-06-14 11:21 - 2013-09-02 09:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-14 11:19 - 2013-06-02 19:51 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-12 12:43 - 2014-06-12 12:43 - 00000000 ____D () C:\Program Files (x86)\SamsungPrinterLiveUpdate
2014-06-12 07:09 - 2013-10-27 23:25 - 00000000 ___RD () C:\Users\Nina\SkyDrive
2014-06-12 07:09 - 2013-08-22 16:44 - 00376176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-11 21:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 21:40 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-11 21:38 - 2013-06-28 16:29 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\vlc
2014-06-11 09:55 - 2013-06-01 18:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 07:20 - 2014-06-11 07:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 07:19 - 2014-06-11 07:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 07:18 - 2014-06-11 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 07:18 - 2014-06-11 07:18 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-09 11:38 - 2013-06-19 20:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-09 11:35 - 2014-06-08 20:26 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-08 23:38 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\Nina\AppData\Local\Avg2014
2014-06-08 23:36 - 2014-06-08 23:36 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\AVG2014
2014-06-08 23:35 - 2014-06-08 23:35 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\TuneUp Software
2014-06-08 23:35 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ___HD () C:\$AVG
2014-06-08 23:33 - 2014-06-08 23:33 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-06-08 23:09 - 2014-06-08 23:09 - 00000000 ____D () C:\Users\Nina\AppData\Local\MFAData
2014-06-08 21:39 - 2013-10-27 23:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-08 20:44 - 2014-06-08 20:27 - 00000000 ____D () C:\ProgramData\IObit
2014-06-08 20:28 - 2014-06-08 20:28 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\ProductData
2014-06-08 20:26 - 2014-06-08 20:26 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\IObit
2014-06-08 20:08 - 2013-06-19 20:45 - 00000654 _____ () C:\WINDOWS\wiso.ini
2014-06-08 20:08 - 2013-06-19 20:44 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-06-08 16:03 - 2013-10-27 23:06 - 00001908 _____ () C:\WINDOWS\diagwrn.xml
2014-06-08 16:03 - 2013-10-27 23:06 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2014-06-08 16:01 - 2014-06-08 16:01 - 00000000 ____D () C:\$WINDOWS.~BT
2014-06-08 15:48 - 2014-06-07 23:18 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\tor
2014-06-08 15:43 - 2014-06-08 15:43 - 00000000 ____D () C:\Users\Nina\AppData\Local\Microsoft Corporation
2014-06-08 15:15 - 2014-06-08 15:15 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-06-08 13:57 - 2013-03-07 17:42 - 00000000 ____D () C:\Users\Nina\Documents\nina
2014-06-08 13:52 - 2013-12-14 14:47 - 00000000 ____D () C:\Users\Nina\Documents\Renault Bank
2014-06-08 13:45 - 2014-06-08 13:23 - 00000000 ____D () C:\Users\Nina\Documents\Kita Bewerbung
2014-06-08 13:22 - 2014-06-08 13:21 - 00000000 ____D () C:\Users\Nina\Documents\Strom Rechnung
2014-06-07 17:42 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-07 17:35 - 2014-06-07 17:35 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-07 13:50 - 2014-06-05 19:40 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
Some content of TEMP:
====================
C:\Users\Nina\AppData\Local\Temp\Quarantine.exe
C:\Users\Nina\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-06 15:01
==================== End Of Log ============================
|
|
06.07.2014, 17:55
| #8 |
| /// the machine /// TB-Ausbilder | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! Java und Flash updaten. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.07.2014, 20:25
| #9 |
| | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! Fantastisch! Das hat alles echt schnell geklappt. Ich hätte nicht gedacht, dass Du mir wirklich so schnell bei der Lösung meines Problems helfen würdest. Immer super schnell auf meine Antworten reagiert und das vor allem auch am Wochenende, wo man sicher besseres zu tun hätte!! Ich wollte schon das ganze System neu auf den rechnen packen und konnte das durch deine guten Hinweise gottseidank vermeiden! Nochmals vielen Dank an dich und an das ganze board-team! Noch eine kurze Frage: Ist es ok ein Antivirenprogramm und Malwarebytes gleichzeitig laufen zu lassen oder blockieren die sich dann irgendwie gegenseitig? Beste Grüße |
|
07.07.2014, 14:01
| #10 |
| /// the machine /// TB-Ausbilder | windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! ja ist ok Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu windows 8: istart.webssearches.com und spy hunter 4 auf dem rechner! |
| .dll, 4d36e972-e325-11ce-bfc1-08002be10318, antivirus, avg, avg antivirus, defender, detected, dll, excel, flash player, helper, home, installation, istart.webssearch, istart.webssearches.com, logfiles, malware, malwarebytes, namen, programm, remotecomputer, rundll, scan, secure, secure search, security, software, sp3, spy hunter 4, treiber, vtoolbarupdater, windows, wiso |
Revo Uninstaller herunter.
dann auf 
und dann auf 
.
Linear-Darstellung
