And FRST as well:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-07-2014
Ran by Andrea (administrator) on ANDREA-PC on 31-07-2014 01:45:58
Running from C:\Users\Andrea\Downloads
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Stardock Corporation) C:\Program Files\Stardock\MyColors\VistaSrv.exe
() C:\Program Files\Stardock\MyColors\WBVista.exe
() C:\Windows\System32\dmwu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Blabbers Communications Ltd) C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
() C:\Windows\System32\jmdp\stij.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
() C:\Program Files\AVG Secure Search\vprot.exe
() C:\Users\Andrea\AppData\Roaming\BrowserCompanion\tbhcn.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-3601385101-2140175397-1978509390-1000\...\MountPoints2: {9bba8ab2-87ee-11e2-8299-5404a629b83b} - E:\Startme.exe
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll => C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll [1723320 2013-04-01] (Bandoo Media, inc)
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll => C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll [1185208 2012-08-06] (Bandoo Media, inc)
Startup: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\Andrea\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MON00006/tb_v1?SearchSource=10&cc=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7FFBF5DA-D170-40D3-91A7-55FD28DB7790}&mid=937d7987183b47d19f81854de0cd51c8-a1eab306f4f7adae3faf3915e98e941f41c4ab04&lang=de&ds=AVG&pr=pr&d=2013-01-03 16:30:22&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=109867&babsrc=SP_ss&mntrId=b2e820680000000000005404a629b83b
SearchScopes: HKCU - {23BE01D0-C186-4456-A856-F33472C1EF2D} URL = hxxp://search.softonic.com/MON00006/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=201
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {48E9923A-16C4-410A-9D2B-97CA7A6E9743} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7FFBF5DA-D170-40D3-91A7-55FD28DB7790}&mid=937d7987183b47d19f81854de0cd51c8-a1eab306f4f7adae3faf3915e98e941f41c4ab04&lang=de&ds=AVG&pr=pr&d=2013-01-03 16:30:22&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyK0cewlx&i=26
BHO: Ginyas Browser Companion -> {00cbb66b-1d3b-46d3-9577-323a336acb50} -> C:\Program Files\BrowserCompanion\jsloader.dll ( )
BHO: I Want This -> {11111111-1111-1111-1111-110011221158} -> C:\Program Files\I Want This\I Want This.dll (215 Apps)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO: BetterAds -> {BA56787C-729F-4715-8F11-EB2A16908B91} -> C:\Program Files\BetterAds\ScriptHost.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
BHO: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=1.6.0_32 - C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-04]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?AF=109867&babsrc=HP_ss&mntrId=b2e820680000000000005404a629b83b
CHR DefaultSearchKeyword: t-online-shop.de
CHR DefaultNewTabURL:
CHR Extension: (Browser Companion Helper) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2013-07-30]
CHR Extension: (BetterAds) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacclhdpfoingihegojhoipnihfnoaki [2013-07-30]
CHR Extension: (New tab for Chrome™) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2013-07-30]
CHR Extension: (I Want This) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk [2013-07-11]
CHR Extension: (AVG Security Toolbar) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-07-30]
CHR Extension: (Google Wallet) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files\BrowserCompanion\blabbers-ch.crx [2012-07-02]
CHR HKLM\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\Andrea\AppData\Local\MediaBA\betterads.crx [2012-08-21]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\newTab.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Andrea\AppData\Local\I Want This\Chrome\I Want This.crx [2012-02-21]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.2.0.38\avg.crx [2013-12-09]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Andrea\AppData\Local\Temp\YontooLayers.crx [2013-12-09]
CHR StartMenuInternet: Google Chrome - C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 IBUpdaterService; C:\windows\system32\dmwu.exe [1432368 2013-10-15] ()
R2 vToolbarUpdater18.1.7; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1813528 2014-07-26] (AVG Secure Search)
R2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2012-08-23] () [File not signed]
R2 WindowBlinds; C:\Program Files\Stardock\MyColors\VistaSrv.exe [230704 2009-06-09] (Stardock Corporation)
S2 AsusService; C:\windows\system32\AsusService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] ()
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [42784 2014-07-26] (AVG Technologies)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [102912 2010-07-21] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-27] (Malwarebytes Corporation)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\drivers\btwrchid.sys [X]
U3 uwdiqpob; \??\C:\Users\Andrea\AppData\Local\Temp\uwdiqpob.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2030-01-02 09:28 - 2010-11-20 14:40 - 00383786 __RSH () C:\bootmgr
2014-07-31 01:45 - 2014-07-31 01:46 - 00020602 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-07-31 01:40 - 2014-07-31 01:40 - 00030373 _____ () C:\Users\Andrea\Desktop\gmer log.log
2014-07-31 00:44 - 2014-07-31 00:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-31 00:19 - 2014-07-31 00:19 - 00380416 _____ () C:\Users\Andrea\Downloads\Gmer-19357.exe
2014-07-30 23:18 - 2014-07-30 23:18 - 00104960 _____ (GMER) C:\uwdiqpob.sys
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieUserList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieSiteList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Avg2013
2014-07-30 22:13 - 2014-07-30 22:13 - 00566960 _____ () C:\Users\Andrea\Downloads\setup.exe
2014-07-30 20:21 - 2014-07-31 01:46 - 00000000 ____D () C:\FRST
2014-07-30 20:19 - 2014-07-30 20:20 - 01084928 _____ (Farbar) C:\Users\Andrea\Downloads\FRST.exe
2014-07-27 18:34 - 2014-07-27 18:34 - 00095968 _____ () C:\Users\Andrea\Desktop\Malewarebytes log 1. scan.7z
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-27 17:45 - 2014-07-27 17:45 - 01110476 _____ () C:\Users\Andrea\Downloads\7z920.exe
2014-07-27 15:11 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-07-27 14:52 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-27 14:52 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-07-27 14:43 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-27 14:43 - 2014-01-01 01:05 - 00420008 _____ () C:\windows\system32\locale.nls
2014-07-27 14:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-07-27 14:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-07-27 14:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-07-27 14:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-07-27 14:42 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2014-07-27 14:42 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-07-27 14:42 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-07-27 14:42 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-07-27 14:41 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-27 14:41 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-27 14:41 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-07-27 14:41 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-07-27 14:41 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-07-27 14:41 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-07-27 14:41 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-07-27 14:41 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-07-27 14:41 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-07-27 14:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-07-27 14:41 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-07-27 14:41 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-07-27 14:39 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-27 14:38 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-27 13:58 - 2014-07-27 13:58 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 13:57 - 2014-07-27 13:57 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-27 13:57 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-27 13:57 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-27 13:54 - 2014-07-27 13:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Andrea\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-27 13:50 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 02179072 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-27 13:13 - 2014-07-27 13:13 - 01791488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01139200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-07-27 13:13 - 2014-07-27 13:13 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-07-27 13:13 - 2014-07-27 13:13 - 00240824 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-07-27 13:13 - 2014-07-27 13:13 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 17276416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 11742208 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-27 13:12 - 2014-07-27 13:12 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-27 13:08 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-07-27 13:08 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-07-27 13:07 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-07-27 13:07 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-07-27 13:07 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-07-26 15:13 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-26 15:13 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-07-26 15:13 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-07-26 15:13 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-07-26 15:13 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-07-26 15:13 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-07-26 15:13 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-07-26 15:13 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-07-26 15:13 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-07-26 15:13 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-07-26 15:06 - 2014-07-26 15:06 - 00000000 _____ () C:\windows\system32\shoCBC7.tmp
2014-07-26 15:01 - 2014-07-26 15:01 - 00000000 ____D () C:\windows\pss
2014-07-26 14:28 - 2014-07-26 14:28 - 06010880 _____ () C:\Program Files\GUTC64B.tmp
2014-07-26 14:28 - 2014-07-26 14:28 - 00000000 ____D () C:\Program Files\GUMC63B.tmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2030-01-02 09:28 - 2009-07-14 06:57 - 00029696 ___SH () C:\windows\system32\config\BCD-Template.LOG
2030-01-02 09:28 - 2009-07-14 06:52 - 00032768 _____ () C:\windows\system32\config\BCD-Template
2014-07-31 01:46 - 2014-07-31 01:45 - 00020602 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-07-31 01:46 - 2014-07-30 20:21 - 00000000 ____D () C:\FRST
2014-07-31 01:40 - 2014-07-31 01:40 - 00030373 _____ () C:\Users\Andrea\Desktop\gmer log.log
2014-07-31 01:40 - 2013-01-26 16:40 - 00001052 _____ () C:\windows\Tasks\GinyasBrowserCompanions Stats Report.job
2014-07-31 01:38 - 2013-02-18 19:38 - 00000992 _____ () C:\windows\Tasks\GinyasBrowserCompanion Runner.job
2014-07-31 01:37 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-07-31 01:34 - 2012-08-17 22:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\BrowserCompanion
2014-07-31 01:24 - 2013-02-18 19:38 - 00000924 _____ () C:\windows\Tasks\GinyasBrowserCompanion Update Checker.job
2014-07-31 01:20 - 2013-02-18 19:37 - 00001040 _____ () C:\windows\Tasks\GinyasBrowserCompanion Stats Report.job
2014-07-31 01:12 - 2011-12-15 00:12 - 01624075 _____ () C:\windows\WindowsUpdate.log
2014-07-31 01:11 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-31 01:11 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-31 01:05 - 2012-04-15 14:17 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-31 01:05 - 2012-02-23 21:11 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000UA.job
2014-07-31 01:04 - 2013-02-18 19:37 - 00000992 _____ () C:\windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
2014-07-31 01:04 - 2013-02-18 19:37 - 00000992 _____ () C:\windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
2014-07-31 01:04 - 2013-02-03 13:59 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-31 01:04 - 2013-01-26 16:40 - 00000936 _____ () C:\windows\Tasks\GinyasBrowserCompanions Update Checker.job
2014-07-31 01:04 - 2013-01-26 16:39 - 00001004 _____ () C:\windows\Tasks\GinyasBrowserCompanions FireFox Watcher.job
2014-07-31 01:04 - 2013-01-26 16:39 - 00001004 _____ () C:\windows\Tasks\GinyasBrowserCompanions Chrome Watcher.job
2014-07-31 01:03 - 2013-12-10 18:14 - 00001649 _____ () C:\windows\setupact.log
2014-07-31 01:03 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-31 01:03 - 2009-07-14 06:33 - 00289664 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-31 01:01 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-07-31 01:00 - 2013-12-10 18:13 - 00024444 _____ () C:\windows\PFRO.log
2014-07-31 00:51 - 2009-07-27 12:11 - 01674742 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-31 00:44 - 2014-07-31 00:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-31 00:32 - 2013-08-24 00:26 - 00000000 ____D () C:\windows\system32\MRT
2014-07-31 00:19 - 2014-07-31 00:19 - 00380416 _____ () C:\Users\Andrea\Downloads\Gmer-19357.exe
2014-07-31 00:02 - 2013-02-03 13:59 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 23:26 - 2012-02-01 19:38 - 00001414 _____ () C:\Users\Andrea\Desktop\Registry kostenlos entrümpeln!.lnk
2014-07-30 23:26 - 2012-01-26 00:26 - 00000274 _____ () C:\windows\Tasks\RegClean Pro_UPDATES.job
2014-07-30 23:21 - 2012-03-30 18:21 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Facebook
2014-07-30 23:18 - 2014-07-30 23:18 - 00104960 _____ (GMER) C:\uwdiqpob.sys
2014-07-30 23:15 - 2011-04-02 04:40 - 00000000 ____D () C:\Program Files\Intel
2014-07-30 22:50 - 2013-07-11 16:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-30 22:45 - 2011-04-02 04:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-07-30 22:41 - 2011-04-02 04:48 - 00000000 ____D () C:\Program Files\Asus
2014-07-30 22:41 - 2011-04-02 04:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-30 22:36 - 2011-04-02 04:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2014-07-30 22:32 - 2012-04-25 20:31 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Services
2014-07-30 22:29 - 2011-04-02 04:51 - 00000000 ____D () C:\Program Files\Adobe
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieUserList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieSiteList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Avg2013
2014-07-30 22:24 - 2011-12-14 09:46 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-30 22:13 - 2014-07-30 22:13 - 00566960 _____ () C:\Users\Andrea\Downloads\setup.exe
2014-07-30 20:20 - 2014-07-30 20:19 - 01084928 _____ (Farbar) C:\Users\Andrea\Downloads\FRST.exe
2014-07-27 18:34 - 2014-07-27 18:34 - 00095968 _____ () C:\Users\Andrea\Desktop\Malewarebytes log 1. scan.7z
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-27 17:45 - 2014-07-27 17:45 - 01110476 _____ () C:\Users\Andrea\Downloads\7z920.exe
2014-07-27 17:43 - 2013-01-03 17:30 - 00000000 ____D () C:\Users\Andrea\AppData\Local\AVG Secure Search
2014-07-27 16:34 - 2013-01-06 21:18 - 00000000 ____D () C:\Facade
2014-07-27 15:05 - 2012-02-23 21:11 - 00001072 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000Core.job
2014-07-27 15:02 - 2012-01-26 00:26 - 00000266 _____ () C:\windows\Tasks\RegClean Pro_DEFAULT.job
2014-07-27 14:55 - 2013-01-03 17:19 - 00000000 ____D () C:\ProgramData\AVG2013
2014-07-27 14:55 - 2012-08-31 10:21 - 00000000 ___HD () C:\$AVG
2014-07-27 14:06 - 2012-04-15 14:17 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-07-27 14:06 - 2011-12-14 10:04 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-27 13:58 - 2014-07-27 13:58 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 13:57 - 2014-07-27 13:57 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-07-27 13:55 - 2014-07-27 13:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Andrea\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-27 13:29 - 2013-12-15 15:09 - 00018872 _____ () C:\windows\IE11_main.log
2014-07-27 13:13 - 2014-07-27 13:13 - 02179072 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-27 13:13 - 2014-07-27 13:13 - 01791488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01139200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-07-27 13:13 - 2014-07-27 13:13 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-07-27 13:13 - 2014-07-27 13:13 - 00240824 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-07-27 13:13 - 2014-07-27 13:13 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 17276416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 11742208 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-27 13:12 - 2014-07-27 13:12 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-26 15:16 - 2013-02-03 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-26 15:06 - 2014-07-26 15:06 - 00000000 _____ () C:\windows\system32\shoCBC7.tmp
2014-07-26 15:01 - 2014-07-26 15:01 - 00000000 ____D () C:\windows\pss
2014-07-26 14:38 - 2011-12-14 09:17 - 00000000 ____D () C:\Users\Andrea
2014-07-26 14:34 - 2012-01-26 00:33 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Google
2014-07-26 14:32 - 2011-12-27 23:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\DVDVideoSoft
2014-07-26 14:28 - 2014-07-26 14:28 - 06010880 _____ () C:\Program Files\GUTC64B.tmp
2014-07-26 14:28 - 2014-07-26 14:28 - 00000000 ____D () C:\Program Files\GUMC63B.tmp
2014-07-26 14:28 - 2011-12-25 00:13 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Skype
2014-07-26 14:23 - 2013-01-03 17:30 - 00042784 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2014-07-26 14:23 - 2013-01-03 17:30 - 00000000 ____D () C:\Program Files\AVG Secure Search
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-10-20 19:33
==================== End Of Log ============================