| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: http://98uj8.de/s3brsn5ba66mgfzeinrum#noad Öffnet sich mehrmals im Browser. :(Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
05.08.2014, 09:13
| #9 |
 |  http://98uj8.de/s3brsn5ba66mgfzeinrum#noad Öffnet sich mehrmals im Browser. :( Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-08-2014 Ran by chrissy at 2014-08-04 20:55:34 Run:2 Running from C:\Users\chrissy\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Program Files (x86)\VideoPlayerV3 C:\Program Files (x86)\MediaViewV1 C:\Program Files (x86)\MediaViewerV1 ***************** "C:\Program Files (x86)\VideoPlayerV3" => File/Directory not found. "C:\Program Files (x86)\MediaViewV1" => File/Directory not found. "C:\Program Files (x86)\MediaViewerV1" => File/Directory not found. ==== End of Fixlog ==== Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6128683f97f4e54ea4cf618c55d47683
# engine=19497
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-08-04 08:55:42
# local_time=2014-08-04 10:55:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Panda Cloud Antivirus'
# compatibility_mode=1552 16777213 87 94 93164 193381715 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 16106 158815591 0 0
# scanned=57709
# found=0
# cleaned=0
# scan_time=6686
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6128683f97f4e54ea4cf618c55d47683
# engine=19497
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-08-05 01:12:36
# local_time=2014-08-05 03:12:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Panda Cloud Antivirus'
# compatibility_mode=1552 16777213 87 94 108579 193397130 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 31521 158831006 0 0
# scanned=213468
# found=13
# cleaned=0
# scan_time=15200
sh=8F18725F30CEEE19ECF630C1F875F93027BA22AA ft=0 fh=0000000000000000 vn="OSX/ChatZum.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ChatZum Toolbar\Chrome_softonic.zip.vir"
sh=9DA187D5C3E987B46234347999FDD81F7604AEF1 ft=1 fh=97e421befd8323b3 vn="Variante von Win32/Toolbar.SearchSuite.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\Uninstall.exe.vir"
sh=CF6185A9EDFBA0217C9D36D25CA9F6ADCC9F6BC8 ft=1 fh=f90d49fcbe154eac vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Components\NCHToolbars\conduit\ConduitInstaller.exe.vir"
sh=FED7CAA2E24771B66065C8D30131FC8037B6BD2A ft=1 fh=b41296876ed186e5 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\chrissy\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=39124F7BD6F91DA2179011F51AF1B068D6FEE8A9 ft=1 fh=c719b2fe67e3bb02 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
sh=69EC990BCE3F294BD6ACED7C43195D6D58DE4065 ft=1 fh=e5a977fcb22e51c5 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\chrissy\AppData\Local\Temp\c6e4fde4-a877-4cbd-97f5-587d9bfe4fff.exe"
sh=77CA6D151614B201DAC15A29F0560FF9699860F7 ft=1 fh=22d6388fc9af5552 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\chrissy\AppData\Local\Temp\{3DA7002E-1525-485A-B580-0C44D1D5ED6E}.exe"
sh=546BEA50FA76F821041EF4CEBEE5673C078ED1EE ft=1 fh=328ad4088d5c2662 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\chrissy\Downloads\HijackThis - CHIP-Installer.exe"
sh=B2F385E7D7526A3657293C270D162B33A8E65B72 ft=1 fh=bcd99db26b358942 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\chrissy\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=4F5656DB66752895AFC27DBC7F70413F4FB92CB8 ft=1 fh=d8017a171b971617 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\chrissy\Downloads\Microsoft Security Essentials - CHIP-Installer.exe"
sh=5B41D9FE9CB168566E9327C6E41ED0821D9A254E ft=1 fh=a23f831ecf690592 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer (1).exe"
sh=6F44700195FA4071D7047900EEA6E0C008788C70 ft=1 fh=7563c891c3e0ff46 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer (2).exe"
sh=817DF6363BCFD52DE0A7B25EFBBFF99DB23E483A ft=1 fh=667c7744080e8750 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by chrissy (administrator) on CHRISSY-PC on 05-08-2014 10:09:45
Running from C:\Users\chrissy\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIINE.EXE
(Akamai Technologies, Inc.) C:\Users\chrissy\AppData\Local\Akamai\netsession_win.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Akamai Technologies, Inc.) C:\Users\chrissy\AppData\Local\Akamai\netsession_win.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5138032 2012-04-02] (VIA)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-25] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-07] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-05-06] (Panda Security, S.L.)
HKU\S-1-5-21-2314164193-1907649449-486553819-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE [278112 2011-11-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2314164193-1907649449-486553819-1002\...\Run: [Akamai NetSession Interface] => C:\Users\chrissy\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2314164193-1907649449-486553819-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2314164193-1907649449-486553819-1002\...\MountPoints2: {24a9afd8-8c1e-11e2-910e-3085a9d559ce} - E:\start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\chrissy\AppData\Roaming\Mozilla\Firefox\Profiles\jehx18mz.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\chrissy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\chrissy\AppData\Roaming\Mozilla\Firefox\Profiles\jehx18mz.default\searchplugins\ChatZumSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Deutsch (DE) Language Pack - C:\Users\chrissy\AppData\Roaming\Mozilla\Firefox\Profiles\jehx18mz.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-05-02]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "https://www.google.de/"
CHR Extension: (From Dust) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2014-03-11]
CHR Extension: (Google Drive) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (YouTube) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (Google-Suche) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (AdBlock) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-11]
CHR Extension: (Creatures & Castles (Kreaturen & Burgen)) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpeacgpdnhofhebmincihdelcemhagd [2014-03-11]
CHR Extension: (Google Wallet) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Bastion) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid [2014-03-11]
CHR Extension: (Google Mail) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]
CHR Extension: (Privacy Badger) - C:\Users\chrissy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [fioihcgnlehhnjhngcgepgaheiimlfcl] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta938\ch\VideoPlayerV3beta938.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [pmlekgafhjbfffffofdnmlncjahkcmjp] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2552\ch\MediaViewV1alpha2552.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [ppogoajdehopflenpcjhlchlmahcjlao] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1681\ch\MediaViewerV1alpha1681.crx [2014-08-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [92800 2011-12-01] (ASUS)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-05-05] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-05-22] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-05-06] (Panda Security, S.L.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-22] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-08] (Windows (R) Win 7 DDK provider)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-05-02] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-05-02] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-05-02] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-05-02] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-05-02] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-05-02] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-05-02] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-05-02] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-05-02] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-05-02] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-05-02] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-05-02] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-05-05] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [119840 2014-05-05] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-05-05] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [121888 2014-05-05] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-05-06] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-05-05] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ALSysIO; \??\C:\Users\chrissy\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-05 10:09 - 2014-08-05 10:09 - 00018744 _____ () C:\Users\chrissy\Desktop\FRST.txt
2014-08-04 20:58 - 2014-08-04 20:59 - 02347384 _____ (ESET) C:\Users\chrissy\Downloads\esetsmartinstaller_deu.exe
2014-08-04 18:08 - 2014-08-04 18:08 - 00000000 ____D () C:\Windows\ERUNT
2014-08-04 18:07 - 2014-08-04 18:08 - 01016261 _____ (Thisisu) C:\Users\chrissy\Downloads\JRT.exe
2014-08-04 17:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-04 17:55 - 2014-08-04 18:00 - 00000000 ____D () C:\AdwCleaner
2014-08-04 17:55 - 2014-08-04 17:55 - 01361309 _____ () C:\Users\chrissy\Downloads\adwcleaner_3.302 (2).exe
2014-08-04 17:54 - 2014-08-04 17:54 - 01361309 _____ () C:\Users\chrissy\Downloads\adwcleaner_3.302 (1).exe
2014-08-04 17:53 - 2014-08-04 17:54 - 01361309 _____ () C:\Users\chrissy\Downloads\adwcleaner_3.302.exe
2014-08-04 17:48 - 2014-03-25 15:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-08-04 17:43 - 2014-08-04 15:31 - 02094080 _____ (Farbar) C:\Users\chrissy\Desktop\FRST64.exe
2014-08-04 17:22 - 2014-08-04 17:22 - 00001266 _____ () C:\Users\chrissy\Desktop\Revo Uninstaller.lnk
2014-08-04 17:22 - 2014-08-04 17:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-04 17:20 - 2014-08-04 17:21 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\chrissy\Downloads\revosetup95.exe
2014-08-04 15:51 - 2014-08-04 15:55 - 00035388 _____ () C:\Users\chrissy\Downloads\Addition.txt
2014-08-04 15:46 - 2014-08-05 10:09 - 00000000 ____D () C:\FRST
2014-08-04 15:46 - 2014-08-04 17:42 - 00053028 _____ () C:\Users\chrissy\Downloads\FRST.txt
2014-08-04 15:31 - 2014-08-04 15:31 - 02094080 _____ (Farbar) C:\Users\chrissy\Downloads\FRST64.exe
2014-08-04 11:58 - 2014-08-04 11:58 - 02393816 _____ () C:\Users\chrissy\Downloads\Boulder Dash EX (D, F, E).zip
2014-08-04 11:55 - 2014-08-04 11:56 - 03728443 _____ () C:\Users\chrissy\Downloads\King Kong (D, F, E).zip
2014-08-04 11:52 - 2014-08-04 11:52 - 02489049 _____ () C:\Users\chrissy\Downloads\Bomberman Tournament (E).zip
2014-08-03 21:03 - 2014-08-03 21:03 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\Panda Security
2014-08-03 21:02 - 2014-08-03 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
2014-08-03 21:02 - 2014-08-03 21:03 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-08-03 20:58 - 2014-08-03 21:03 - 00000000 ____D () C:\ProgramData\Panda Security
2014-08-03 20:57 - 2014-08-03 20:58 - 01369720 _____ () C:\Users\chrissy\Downloads\PandaCloudAntivirus.exe
2014-08-03 20:56 - 2014-08-03 20:56 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\Microsoft Security Essentials - CHIP-Installer.exe
2014-08-03 19:53 - 2014-08-03 19:54 - 06954261 _____ () C:\Users\chrissy\Downloads\Mario & Luigi - Superstar Saga (D).zip
2014-08-03 18:11 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140803-181155.backup
2014-08-03 17:26 - 2014-08-03 17:26 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer (2).exe
2014-08-03 17:19 - 2014-08-03 17:19 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\LavasoftStatistics
2014-08-03 17:17 - 2014-08-03 17:17 - 00000000 ____D () C:\Program Files\Lavasoft
2014-08-03 17:15 - 2014-08-03 17:15 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-08-03 17:13 - 2014-08-03 20:45 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\Lavasoft
2014-08-03 17:11 - 2014-08-03 17:12 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer (1).exe
2014-08-03 17:08 - 2014-08-03 17:08 - 01707144 _____ () C:\Users\chrissy\Downloads\Adaware112_Installer.exe
2014-08-03 17:08 - 2014-08-03 17:08 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-08-03 17:03 - 2014-08-04 19:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 17:03 - 2014-08-03 17:03 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-03 17:03 - 2014-08-03 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-03 17:02 - 2014-08-03 17:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-03 17:02 - 2014-08-03 17:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-03 17:02 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-03 17:02 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-03 17:02 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-03 16:54 - 2014-08-03 16:54 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\HijackThis - CHIP-Installer.exe
2014-08-03 16:51 - 2014-08-03 16:51 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-08-02 20:09 - 2014-08-04 13:50 - 00000000 ____D () C:\Users\chrissy\Downloads\Gameforge Live
2014-08-02 20:09 - 2014-08-02 20:09 - 00000000 ____D () C:\Users\chrissy\AppData\Local\Gameforge4d
2014-08-02 20:08 - 2014-08-02 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-08-02 20:08 - 2014-08-02 20:09 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-08-02 20:05 - 2014-08-02 20:06 - 20128064 _____ (Gameforge ) C:\Users\chrissy\Downloads\Elsword_GameforgeLiveSetup.exe
2014-08-02 17:01 - 2014-08-02 17:01 - 00001271 _____ () C:\Users\chrissy\Downloads\CoreTemp.ini
2014-08-02 17:00 - 2014-08-02 17:00 - 00734473 _____ () C:\Users\chrissy\Downloads\CoreTemp_1.0rc6.zip
2014-08-02 17:00 - 2013-12-10 18:20 - 00381763 _____ () C:\Users\chrissy\Downloads\CoreTemp64.zip
2014-08-02 17:00 - 2013-12-10 18:20 - 00352642 _____ () C:\Users\chrissy\Downloads\CoreTemp32.zip
2014-08-02 17:00 - 2013-10-08 13:23 - 00890016 _____ () C:\Users\chrissy\Downloads\Core Temp.exe
2014-08-02 17:00 - 2013-10-08 13:20 - 00027155 _____ () C:\Users\chrissy\Downloads\Changes.txt
2014-08-02 17:00 - 2010-09-06 03:55 - 00003630 _____ () C:\Users\chrissy\Downloads\Readme.txt
2014-08-02 17:00 - 2010-08-29 15:08 - 00000067 _____ () C:\Users\chrissy\Downloads\Core Temp Gadget & Addons.url
2014-08-02 17:00 - 2010-06-30 18:32 - 00006594 _____ () C:\Users\chrissy\Downloads\License.txt
2014-08-01 15:38 - 2014-08-03 18:43 - 00000085 _____ () C:\Windows\wininit.ini
2014-08-01 15:09 - 2014-08-03 18:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-01 15:09 - 2014-08-01 15:09 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-01 15:08 - 2014-08-03 20:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-01 15:03 - 2014-08-01 15:03 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-08-01 11:52 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 11:52 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 11:52 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 11:52 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 11:52 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 11:52 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 11:52 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 11:52 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 11:52 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 11:52 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 11:52 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 11:52 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 11:52 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 11:52 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-31 22:40 - 2014-07-31 22:40 - 00000000 ____D () C:\Users\chrissy\AppData\Local\TuneUp Software
2014-07-31 22:34 - 2014-07-31 22:37 - 28598072 _____ (TuneUp Software) C:\Users\chrissy\Downloads\TuneUpUtilities2014_34de-DE.exe
2014-07-31 14:47 - 2014-07-31 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-07-13 12:34 - 2014-08-04 18:01 - 00493720 _____ () C:\Windows\PFRO.log
2014-07-12 01:04 - 2014-07-12 01:04 - 00000000 ____D () C:\ProgramData\Nexon
2014-07-12 00:27 - 2014-08-04 23:28 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\Skype
2014-07-12 00:27 - 2014-07-12 00:27 - 00000000 ____D () C:\Users\chrissy\AppData\Local\Skype
2014-07-12 00:26 - 2014-07-12 00:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-12 00:26 - 2014-07-12 00:26 - 00000000 ____D () C:\ProgramData\Skype
2014-07-12 00:26 - 2014-07-12 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-12 00:23 - 2014-08-02 20:01 - 00000000 ____D () C:\Program Files (x86)\NexonEU
2014-07-11 23:02 - 2014-07-11 23:03 - 00000000 ____D () C:\Users\chrissy\AppData\Local\Akamai
2014-07-09 18:23 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 18:23 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 18:23 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 18:23 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 18:23 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 18:23 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 18:23 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 18:23 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 18:23 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 18:23 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 18:23 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 18:23 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 18:23 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 18:23 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 18:22 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 18:22 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 18:22 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 18:22 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 18:22 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 18:22 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 18:22 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 18:22 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 18:22 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 18:22 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 18:22 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 18:22 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 18:22 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 18:22 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 18:22 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 18:22 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 18:22 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 18:22 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 18:22 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 18:22 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 18:22 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 18:22 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 18:22 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 18:22 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 18:22 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 18:22 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 18:22 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 18:22 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 18:22 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 18:22 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 18:22 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 18:22 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 18:22 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 18:22 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 18:22 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 18:22 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 18:22 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 18:22 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 18:22 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 18:22 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 18:22 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 18:22 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 18:22 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 18:22 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 18:22 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 18:22 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 18:22 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 18:22 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 18:22 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 18:22 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 18:22 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 18:22 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 18:22 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 18:22 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 18:22 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 18:22 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 18:19 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 18:19 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 18:19 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 18:19 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 18:19 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 18:17 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 18:17 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 18:13 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 18:00 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 18:00 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 18:00 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 16:50 - 2014-07-09 17:50 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-05 10:11 - 2014-08-05 10:09 - 00018744 _____ () C:\Users\chrissy\Desktop\FRST.txt
2014-08-05 10:09 - 2014-08-04 15:46 - 00000000 ____D () C:\FRST
2014-08-05 09:50 - 2012-12-14 07:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-05 09:19 - 2014-03-11 11:51 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-05 03:53 - 2012-12-07 15:45 - 01299168 _____ () C:\Windows\WindowsUpdate.log
2014-08-05 01:19 - 2014-03-11 11:51 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-04 23:28 - 2014-07-12 00:27 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\Skype
2014-08-04 22:58 - 2014-02-02 21:30 - 00000000 ____D () C:\Users\chrissy\AppData\Local\Battle.net
2014-08-04 20:59 - 2014-08-04 20:58 - 02347384 _____ (ESET) C:\Users\chrissy\Downloads\esetsmartinstaller_deu.exe
2014-08-04 19:00 - 2014-08-03 17:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-04 18:43 - 2014-02-27 17:08 - 00000000 ___RD () C:\Users\chrissy\Desktop\_
2014-08-04 18:10 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-04 18:10 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-04 18:08 - 2014-08-04 18:08 - 00000000 ____D () C:\Windows\ERUNT
2014-08-04 18:08 - 2014-08-04 18:07 - 01016261 _____ (Thisisu) C:\Users\chrissy\Downloads\JRT.exe
2014-08-04 18:02 - 2012-12-07 17:56 - 00000380 _____ () C:\Users\chrissy\AppData\Roaming\sp_data.sys
2014-08-04 18:01 - 2014-07-13 12:34 - 00493720 _____ () C:\Windows\PFRO.log
2014-08-04 18:01 - 2014-07-05 09:50 - 00002632 _____ () C:\Windows\setupact.log
2014-08-04 18:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-04 18:00 - 2014-08-04 17:55 - 00000000 ____D () C:\AdwCleaner
2014-08-04 17:59 - 2012-12-07 17:51 - 00000000 ____D () C:\Users\chrissy
2014-08-04 17:55 - 2014-08-04 17:55 - 01361309 _____ () C:\Users\chrissy\Downloads\adwcleaner_3.302 (2).exe
2014-08-04 17:54 - 2014-08-04 17:54 - 01361309 _____ () C:\Users\chrissy\Downloads\adwcleaner_3.302 (1).exe
2014-08-04 17:54 - 2014-08-04 17:53 - 01361309 _____ () C:\Users\chrissy\Downloads\adwcleaner_3.302.exe
2014-08-04 17:47 - 2014-01-29 21:17 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-08-04 17:44 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-08-04 17:42 - 2014-08-04 15:46 - 00053028 _____ () C:\Users\chrissy\Downloads\FRST.txt
2014-08-04 17:30 - 2013-07-09 06:15 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-04 17:22 - 2014-08-04 17:22 - 00001266 _____ () C:\Users\chrissy\Desktop\Revo Uninstaller.lnk
2014-08-04 17:22 - 2014-08-04 17:22 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-04 17:21 - 2014-08-04 17:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\chrissy\Downloads\revosetup95.exe
2014-08-04 15:55 - 2014-08-04 15:51 - 00035388 _____ () C:\Users\chrissy\Downloads\Addition.txt
2014-08-04 15:31 - 2014-08-04 17:43 - 02094080 _____ (Farbar) C:\Users\chrissy\Desktop\FRST64.exe
2014-08-04 15:31 - 2014-08-04 15:31 - 02094080 _____ (Farbar) C:\Users\chrissy\Downloads\FRST64.exe
2014-08-04 13:50 - 2014-08-02 20:09 - 00000000 ____D () C:\Users\chrissy\Downloads\Gameforge Live
2014-08-04 11:58 - 2014-08-04 11:58 - 02393816 _____ () C:\Users\chrissy\Downloads\Boulder Dash EX (D, F, E).zip
2014-08-04 11:56 - 2014-08-04 11:55 - 03728443 _____ () C:\Users\chrissy\Downloads\King Kong (D, F, E).zip
2014-08-04 11:52 - 2014-08-04 11:52 - 02489049 _____ () C:\Users\chrissy\Downloads\Bomberman Tournament (E).zip
2014-08-04 09:58 - 2009-07-14 06:45 - 00429088 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-03 21:03 - 2014-08-03 21:03 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\Panda Security
2014-08-03 21:03 - 2014-08-03 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
2014-08-03 21:03 - 2014-08-03 21:02 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-08-03 21:03 - 2014-08-03 20:58 - 00000000 ____D () C:\ProgramData\Panda Security
2014-08-03 21:03 - 2012-12-07 17:52 - 00094336 _____ () C:\Users\chrissy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-03 20:58 - 2014-08-03 20:57 - 01369720 _____ () C:\Users\chrissy\Downloads\PandaCloudAntivirus.exe
2014-08-03 20:56 - 2014-08-03 20:56 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\Microsoft Security Essentials - CHIP-Installer.exe
2014-08-03 20:51 - 2014-08-01 15:08 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-03 20:50 - 2012-02-24 04:41 - 00000000 ____D () C:\Windows\en
2014-08-03 20:45 - 2014-08-03 17:13 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\Lavasoft
2014-08-03 19:54 - 2014-08-03 19:53 - 06954261 _____ () C:\Users\chrissy\Downloads\Mario & Luigi - Superstar Saga (D).zip
2014-08-03 18:43 - 2014-08-01 15:38 - 00000085 _____ () C:\Windows\wininit.ini
2014-08-03 18:43 - 2014-08-01 15:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-03 18:12 - 2012-12-13 01:05 - 00000000 ____D () C:\Users\chrissy\AppData\Local\CRE
2014-08-03 17:26 - 2014-08-03 17:26 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer (2).exe
2014-08-03 17:19 - 2014-08-03 17:19 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\LavasoftStatistics
2014-08-03 17:17 - 2014-08-03 17:17 - 00000000 ____D () C:\Program Files\Lavasoft
2014-08-03 17:15 - 2014-08-03 17:15 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-08-03 17:12 - 2014-08-03 17:11 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer (1).exe
2014-08-03 17:08 - 2014-08-03 17:08 - 01707144 _____ () C:\Users\chrissy\Downloads\Adaware112_Installer.exe
2014-08-03 17:08 - 2014-08-03 17:08 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-08-03 17:03 - 2014-08-03 17:03 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-03 17:03 - 2014-08-03 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-03 17:02 - 2014-08-03 17:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-03 17:02 - 2014-08-03 17:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-03 16:54 - 2014-08-03 16:54 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\HijackThis - CHIP-Installer.exe
2014-08-03 16:51 - 2014-08-03 16:51 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-08-02 20:09 - 2014-08-02 20:09 - 00000000 ____D () C:\Users\chrissy\AppData\Local\Gameforge4d
2014-08-02 20:09 - 2014-08-02 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-08-02 20:09 - 2014-08-02 20:08 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-08-02 20:06 - 2014-08-02 20:05 - 20128064 _____ (Gameforge ) C:\Users\chrissy\Downloads\Elsword_GameforgeLiveSetup.exe
2014-08-02 20:02 - 2014-06-15 00:46 - 00000000 ____D () C:\Users\chrissy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-08-02 20:01 - 2014-07-12 00:23 - 00000000 ____D () C:\Program Files (x86)\NexonEU
2014-08-02 17:01 - 2014-08-02 17:01 - 00001271 _____ () C:\Users\chrissy\Downloads\CoreTemp.ini
2014-08-02 17:00 - 2014-08-02 17:00 - 00734473 _____ () C:\Users\chrissy\Downloads\CoreTemp_1.0rc6.zip
2014-08-02 16:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-01 23:22 - 2014-02-02 21:53 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-01 15:09 - 2014-08-01 15:09 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-01 15:03 - 2014-08-01 15:03 - 00826192 _____ (Chip Digital GmbH) C:\Users\chrissy\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-08-01 14:49 - 2014-03-11 11:51 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-01 14:49 - 2014-03-11 11:51 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-31 23:17 - 2012-12-09 22:42 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-07-31 23:09 - 2014-02-01 16:46 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-31 22:40 - 2014-07-31 22:40 - 00000000 ____D () C:\Users\chrissy\AppData\Local\TuneUp Software
2014-07-31 22:37 - 2014-07-31 22:34 - 28598072 _____ (TuneUp Software) C:\Users\chrissy\Downloads\TuneUpUtilities2014_34de-DE.exe
2014-07-31 22:37 - 2012-12-09 22:32 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-31 14:47 - 2014-07-31 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-07-31 14:47 - 2012-02-24 04:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-31 14:31 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-25 12:57 - 2013-03-13 08:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 12:57 - 2013-03-13 08:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 01:21 - 2013-03-13 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 19:41 - 2014-02-02 21:30 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-23 10:52 - 2013-02-05 21:37 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-07-14 00:40 - 2012-12-07 17:53 - 00000000 ____D () C:\Users\chrissy\AppData\Local\VirtualStore
2014-07-12 01:04 - 2014-07-12 01:04 - 00000000 ____D () C:\ProgramData\Nexon
2014-07-12 00:27 - 2014-07-12 00:27 - 00000000 ____D () C:\Users\chrissy\AppData\Local\Skype
2014-07-12 00:26 - 2014-07-12 00:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-12 00:26 - 2014-07-12 00:26 - 00000000 ____D () C:\ProgramData\Skype
2014-07-12 00:26 - 2014-07-12 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-11 23:03 - 2014-07-11 23:02 - 00000000 ____D () C:\Users\chrissy\AppData\Local\Akamai
2014-07-10 11:57 - 2014-05-06 23:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 11:57 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 11:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 11:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 01:53 - 2013-08-14 14:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 01:51 - 2012-12-08 15:53 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 17:51 - 2012-12-14 07:52 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 17:51 - 2012-12-14 07:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 17:51 - 2012-12-14 07:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 17:50 - 2014-07-09 16:50 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-06 10:27 - 2011-02-19 06:24 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-07-06 10:27 - 2011-02-19 06:24 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-07-06 10:27 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
Some content of TEMP:
====================
C:\Users\chrissy\AppData\Local\Temp\avgnt.exe
C:\Users\chrissy\AppData\Local\Temp\c6e4fde4-a877-4cbd-97f5-587d9bfe4fff.exe
C:\Users\chrissy\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\chrissy\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\chrissy\AppData\Local\Temp\icqsetup.exe
C:\Users\chrissy\AppData\Local\Temp\Quarantine.exe
C:\Users\chrissy\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\chrissy\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\chrissy\AppData\Local\Temp\{3DA7002E-1525-485A-B580-0C44D1D5ED6E}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-02 16:27
==================== End Of Log ============================
--- --- --- |
| Themen zu http://98uj8.de/s3brsn5ba66mgfzeinrum#noad Öffnet sich mehrmals im Browser. :( |
| brauche, browser, chrome, conduit search, conduit search entfernen, conduitsearch, conduitsearch entfernen, dringend, gefunde, hilfe, hilfe!, malwarebytes, mehrmals, mobogenie, mobogenie entfernen, nichts, osx/chatzum.a, panda, rum, win32/downloadsponsor.a, win32/toolbar.conduit, win32/toolbar.searchsuite.j, win32/toolbar.visicom.a, zufällig, öffnet |
Baum-Darstellung