Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win 7: Mehrere Adware-Programme gefunden

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.09.2014, 09:41   #16
Warlord711
/// TB-Ausbilder
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Zitat:
Zitat von QueenZoe Beitrag anzeigen
Ich habe das was du mir gesagt hast noch gemacht.
Und das Problem mit dem IE ist auch weg, nur bekomme ich seit ca 2 Tagen eine Fehler meldung die besagt das ein Ordner bei Appdata\Local\Temp fehlt.
Ok, wann genau kommt diese Meldung ?

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 16.09.2014, 17:45   #17
QueenZoe
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Es kommt jedesmal wenn ich starte, also einmal und wenn ich auf "Ok" oder schliessen klicke geht sie weg und komm erst nach einem Neustart wieder.

FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Chiara (administrator) on BLUESTAR on 16-09-2014 18:42:02
Running from C:\Users\Chiara\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) D:\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) D:\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) D:\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_20\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_20\bin\javaw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7572696 2014-04-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-22] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1268736343-3887576109-2910839842-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21653096 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1268736343-3887576109-2910839842-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-10] (Stardock Corporation)
HKU\S-1-5-21-1268736343-3887576109-2910839842-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1268736343-3887576109-2910839842-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-31] (Electronic Arts)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x191D55E2A4CACF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Chiara\AppData\Roaming\Mozilla\Firefox\Profiles\wblsi6v6.default-1408827089247
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: amptrakeepacom - C:\Users\Chiara\AppData\Roaming\Mozilla\Firefox\Profiles\wblsi6v6.default-1408827089247\Extensions\amptra@keepa.com [2014-09-08]
FF Extension: Adblock Plus - C:\Users\Chiara\AppData\Roaming\Mozilla\Firefox\Profiles\wblsi6v6.default-1408827089247\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-23]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome: 
=======
CHR NewTab: Default -> "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR Profile: C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-14]
CHR Extension: (Google Docs) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-14]
CHR Extension: (Google Drive) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-26]
CHR Extension: (Google Search) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-26]
CHR Extension: (Google Sheets) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-08]
CHR Extension: (Skype Click to Call) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-31]
CHR Extension: (Google Wallet) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-26]
CHR Extension: (Disable AntiAdblock) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\oimhabmdhenmcaligiilhadkdliolpah [2014-08-01]
CHR Extension: (Gmail) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; D:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; D:\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-26] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 18:42 - 2014-09-16 18:42 - 00015920 _____ () C:\Users\Chiara\Downloads\FRST.txt
2014-09-16 18:41 - 2014-09-16 18:42 - 00000000 ____D () C:\FRST
2014-09-16 18:41 - 2014-09-16 18:41 - 02105856 _____ (Farbar) C:\Users\Chiara\Downloads\FRST64.exe
2014-09-15 21:51 - 2014-09-15 21:51 - 00000000 ____D () C:\Users\Chiara\Documents\201332Log.iniis
2014-09-15 21:48 - 2014-09-16 18:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 21:47 - 2014-09-15 21:47 - 00000618 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-15 21:47 - 2014-09-15 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-15 21:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-15 21:47 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-15 21:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 21:45 - 2014-09-15 21:45 - 05329480 _____ (Secunia) C:\Users\Chiara\Desktop\PSISetup_3.0.0.9016.exe
2014-09-15 21:36 - 2014-09-15 21:37 - 00002519 _____ () C:\DelFix.txt
2014-09-15 21:34 - 2014-09-15 21:35 - 00000000 ___SD () C:\uninstall.exe
2014-09-14 21:56 - 2014-09-14 21:56 - 00008406 _____ () C:\Users\Chiara\AppData\Local\recently-used.xbel
2014-09-14 17:03 - 2014-09-14 17:03 - 00002242 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk
2014-09-14 16:44 - 2014-09-14 16:44 - 00002268 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
2014-09-14 16:35 - 2014-09-14 17:01 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-14 16:34 - 2014-09-14 16:34 - 00003052 _____ () C:\Windows\System32\Tasks\{2879CBD8-3138-47D1-A430-ED37161ADFED}
2014-09-14 16:04 - 2014-09-14 16:04 - 00000000 ____D () C:\Users\Chiara\Documents\Electronic Arts
2014-09-14 16:02 - 2014-09-14 16:02 - 00003052 _____ () C:\Windows\System32\Tasks\{5AB2EF2A-A557-455F-9709-6140841F93ED}
2014-09-14 15:46 - 2014-09-14 15:46 - 00000477 _____ () C:\Users\Public\Desktop\Die*Sims™*3.lnk
2014-09-14 15:46 - 2014-09-14 15:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-09-14 10:46 - 2014-09-14 10:46 - 00000222 _____ () C:\Users\Chiara\Desktop\RaceRoom Racing Experience.url
2014-09-13 20:00 - 2014-09-13 20:00 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-13 12:40 - 2014-09-13 12:40 - 00000972 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-13 12:40 - 2014-09-13 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-13 12:38 - 2014-09-13 12:38 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Chiara\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe
2014-09-13 10:57 - 2014-09-13 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 19:46 - 2014-09-12 19:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 19:40 - 2014-09-15 21:36 - 00000000 ____D () C:\Windows\ERUNT
2014-09-12 19:26 - 2014-09-12 19:26 - 00000610 _____ () C:\Users\Chiara\Desktop\Revo Uninstaller.lnk
2014-09-11 19:10 - 2014-09-11 19:09 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-11 19:09 - 2014-09-11 19:09 - 00002076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Avira
2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\ProgramData\Avira
2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-11 19:09 - 2014-08-15 10:30 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-11 19:09 - 2014-08-15 10:30 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-11 19:09 - 2014-08-15 10:30 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-11 19:07 - 2014-09-11 19:07 - 149527616 _____ () C:\Users\Chiara\Downloads\avira_free_antivirus_de_14.0.6.570(1).exe
2014-09-11 19:01 - 2014-09-11 19:25 - 00000000 ____D () C:\Windows\erdnt
2014-09-10 23:51 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 23:51 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 23:51 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 23:51 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 23:51 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 23:51 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 23:51 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 23:51 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 23:51 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 23:51 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 23:51 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 23:51 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 23:51 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 23:51 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 23:51 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 23:51 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 23:51 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 23:51 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 23:51 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 23:51 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 23:51 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 23:51 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 23:51 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 23:51 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 23:51 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 23:51 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 23:51 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 23:51 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 23:51 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 23:51 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 23:51 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 23:51 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 23:51 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 23:51 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 23:51 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:51 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 23:51 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 23:51 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 23:51 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 23:51 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 23:51 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 23:51 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 23:51 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 23:51 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 23:51 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 23:51 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 23:51 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 23:51 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 23:51 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 23:51 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 23:51 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 23:51 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 23:51 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 23:51 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 23:51 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 23:51 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 23:49 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 23:49 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 21:23 - 2014-09-10 21:23 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\LolClient
2014-09-10 21:01 - 2014-09-10 21:01 - 00001399 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-09-10 21:01 - 2014-09-10 21:01 - 00000000 ____D () C:\ProgramData\Riot Games
2014-09-10 21:01 - 2014-09-10 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-09-10 21:01 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-09-10 21:01 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-09-10 21:01 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-09-10 20:59 - 2014-09-12 21:07 - 00000000 ____D () C:\Users\Chiara\AppData\Local\PMB Files
2014-09-10 20:59 - 2014-09-10 20:59 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-10 20:59 - 2014-09-10 20:59 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-09-10 20:58 - 2014-09-10 20:59 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Riot Games
2014-09-10 20:58 - 2014-09-10 20:58 - 34888568 _____ (Riot Games) C:\Users\Chiara\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-09-10 20:48 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 20:48 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 20:48 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 20:48 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 20:47 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 20:47 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 20:47 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:47 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:47 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 20:47 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 20:47 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-08 20:34 - 2014-09-08 20:34 - 00865688 _____ (Elex do Brasil Participações Ltda) C:\Users\Chiara\Downloads\yet_another_cleaner_mat.exe
2014-09-08 20:34 - 2014-09-08 20:34 - 00001184 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-08 20:34 - 2014-09-08 20:34 - 00001172 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-08 20:34 - 2014-09-08 20:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-09-08 20:33 - 2014-09-08 20:33 - 07500112 _____ (TeamViewer GmbH) C:\Users\Chiara\Downloads\TeamViewer_Setup_9.0.31064.exe
2014-09-08 19:53 - 2014-09-08 19:53 - 00000000 ____D () C:\Users\Chiara\Desktop\Avira
2014-09-08 19:41 - 2014-09-08 19:42 - 149527616 _____ () C:\Users\Chiara\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-07 16:31 - 2014-09-07 16:31 - 04901352 _____ (Piriform Ltd) C:\Users\Chiara\Downloads\ccsetup417.exe
2014-09-07 15:06 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140907-150655.backup
2014-09-07 14:49 - 2014-09-07 14:49 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-07 14:48 - 2014-09-11 19:24 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-07 14:48 - 2014-09-11 18:54 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-07 14:48 - 2014-09-07 14:48 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Chiara\Downloads\spybot-2.4.exe
2014-09-07 13:57 - 2014-09-16 18:38 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-07 13:57 - 2014-09-15 23:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-07 13:57 - 2014-09-07 14:29 - 00002315 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-07 13:57 - 2014-09-07 13:57 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-07 13:57 - 2014-09-07 13:57 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-07 13:57 - 2014-09-07 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-07 13:56 - 2014-09-08 20:21 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-07 13:56 - 2014-09-07 13:56 - 91906368 _____ (AVAST Software) C:\Users\Chiara\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-09-07 11:30 - 2014-09-07 11:30 - 00000687 _____ () C:\awhADAD.tmp
2014-09-06 11:10 - 2014-09-06 11:10 - 00000687 _____ () C:\awhAF13.tmp
2014-09-05 19:33 - 2014-09-05 19:33 - 00000687 _____ () C:\awhAEE4.tmp
2014-09-01 14:47 - 2014-09-01 14:47 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\java
2014-09-01 14:46 - 2014-09-01 14:46 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-01 14:46 - 2014-09-01 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-01 14:46 - 2014-09-01 14:46 - 00000000 ____D () C:\Program Files\Java
2014-09-01 14:36 - 2014-09-01 14:37 - 01101648 _____ () C:\Users\Chiara\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2014-09-01 10:17 - 2014-09-01 10:17 - 00000687 _____ () C:\awhAE57.tmp
2014-08-31 21:14 - 2014-08-31 21:14 - 00000687 _____ () C:\awhAD4E.tmp
2014-08-31 10:09 - 2014-08-31 10:09 - 00000687 _____ () C:\awhAD20.tmp
2014-08-30 10:34 - 2014-08-30 10:34 - 00000687 _____ () C:\awhAD1F.tmp
2014-08-29 19:06 - 2014-08-29 19:06 - 00000687 _____ () C:\awhC35E.tmp
2014-08-28 19:28 - 2014-08-28 19:28 - 00000687 _____ () C:\awhADAC.tmp
2014-08-28 19:28 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 19:28 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 19:28 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 18:47 - 2014-08-27 18:47 - 00000687 _____ () C:\awhACF1.tmp
2014-08-26 23:18 - 2014-08-26 23:23 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-26 23:15 - 2014-08-26 23:23 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-26 23:15 - 2014-08-26 23:15 - 00912744 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-08-26 23:15 - 2014-08-26 23:15 - 00912744 _____ () C:\Users\Chiara\Downloads\pbsvc.exe
2014-08-26 23:15 - 2014-08-26 23:15 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-26 23:01 - 2014-08-26 23:02 - 00000000 ____D () C:\Users\Chiara\Documents\Battlefield 3
2014-08-26 23:01 - 2014-08-26 23:01 - 02247976 _____ () C:\Users\Chiara\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\AppData\Local\PunkBuster
2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\AppData\Local\ESN
2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-26 22:56 - 2014-08-26 22:56 - 00000000 ____D () C:\ProgramData\EA Core
2014-08-26 22:52 - 2014-09-16 18:38 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-26 22:52 - 2014-08-26 22:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-26 22:52 - 2014-08-26 22:55 - 00000000 ____D () C:\Users\Chiara\AppData\Local\Origin
2014-08-26 22:52 - 2014-08-26 22:52 - 00000989 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-08-26 22:52 - 2014-08-26 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-08-26 22:51 - 2014-08-26 22:51 - 17091640 _____ (Electronic Arts, Inc.) C:\Users\Chiara\Downloads\OriginThinSetup(1).exe
2014-08-26 22:02 - 2014-08-26 22:02 - 00000192 _____ () C:\Users\Chiara\Desktop\Fowl Space.url
2014-08-26 20:01 - 2014-08-26 20:01 - 20128064 _____ (Gameforge ) C:\Users\Chiara\Downloads\Elsword_GameforgeLiveSetup.exe
2014-08-26 20:01 - 2014-08-26 20:01 - 00001164 _____ () C:\Users\Public\Desktop\Elsword.lnk
2014-08-26 18:55 - 2014-08-26 18:55 - 00000687 _____ () C:\awhBD07.tmp
2014-08-25 19:39 - 2014-08-25 19:39 - 00000222 _____ () C:\Users\Chiara\Desktop\Red Orchestra 2 Heroes of Stalingrad - Single Player.url
2014-08-25 19:26 - 2014-08-25 19:26 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-08-25 19:23 - 2014-08-25 19:23 - 00000221 _____ () C:\Users\Chiara\Desktop\Dungeon Defenders.url
2014-08-25 19:13 - 2014-08-25 19:13 - 00000220 _____ () C:\Users\Chiara\Desktop\Garry's Mod.url
2014-08-25 18:23 - 2014-08-25 18:23 - 00000687 _____ () C:\awhBAE5.tmp
2014-08-24 10:52 - 2014-08-24 10:52 - 00000687 _____ () C:\awhAD10.tmp
2014-08-23 16:43 - 2014-08-23 16:43 - 00000687 _____ () C:\awhAFBE.tmp
2014-08-22 09:22 - 2014-08-22 09:22 - 00000687 _____ () C:\awhACE1.tmp
2014-08-21 10:56 - 2014-08-21 10:56 - 00000687 _____ () C:\awhAD00.tmp
2014-08-20 18:54 - 2014-08-20 18:54 - 00000687 _____ () C:\awhB2CA.tmp
2014-08-19 23:08 - 2014-09-01 13:48 - 00000222 _____ () C:\Users\Chiara\Desktop\Robocraft.url
2014-08-19 22:51 - 2014-08-22 10:08 - 00000000 ____D () C:\Users\Chiara\Desktop\Top_50_Steam-Skins
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\WinRAR
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-19 22:37 - 2014-08-19 22:38 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-19 22:37 - 2014-08-19 22:37 - 02060744 _____ () C:\Users\Chiara\Downloads\winrar-x64-510d.exe
2014-08-19 18:58 - 2014-08-19 18:58 - 00000687 _____ () C:\awhB634.tmp
2014-08-18 23:58 - 2014-08-18 23:58 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(3).exe
2014-08-18 18:24 - 2014-08-18 18:24 - 00083292 _____ () C:\Users\Chiara\Downloads\flashblock-1.5.14.2-fx.xpi
2014-08-18 18:24 - 2014-08-18 18:24 - 00000687 _____ () C:\awhAB0D.tmp
2014-08-17 20:20 - 2014-08-17 20:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-17 19:21 - 2014-08-17 19:21 - 01101648 _____ () C:\Users\Chiara\Downloads\adblock_plus-2.6.4-fx_an_sm_tb.xpi - CHIP-Installer.exe
2014-08-17 19:21 - 2014-08-17 19:21 - 00919582 _____ () C:\Users\Chiara\Downloads\adblock_plus-2.6.4-fx_an_sm_tb.xpi.zip
2014-08-17 18:13 - 2014-08-25 19:21 - 00000221 _____ () C:\Users\Chiara\Desktop\Sanctum.url
2014-08-17 16:38 - 2014-08-17 16:38 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(2).exe
2014-08-17 16:35 - 2014-08-17 16:39 - 70887879 _____ () C:\Users\Chiara\Downloads\Top_50_Steam-Skins.zip
2014-08-17 16:22 - 2014-08-17 16:22 - 00735492 _____ () C:\Users\Chiara\Downloads\chrysalis_steam_skin_by_falxor-d5ddrzl.zip
2014-08-17 16:12 - 2014-08-17 16:12 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer.exe
2014-08-17 16:12 - 2014-08-17 16:12 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(1).exe
2014-08-17 15:17 - 2014-08-17 15:17 - 01101648 _____ () C:\Users\Chiara\Downloads\Firefox 34 Nightly 64 Bit - CHIP-Installer.exe
2014-08-17 14:24 - 2014-09-14 17:35 - 00000000 ____D () C:\Users\Chiara\Documents\My Games
2014-08-17 14:20 - 2014-08-25 19:18 - 00000222 _____ () C:\Users\Chiara\Desktop\Sanctum 2.url
2014-08-17 13:47 - 2014-08-23 22:51 - 00000000 ____D () C:\Users\Chiara\Desktop\Alte Firefox-Daten
2014-08-17 13:29 - 2014-08-17 13:29 - 00000687 _____ () C:\awhCC24.tmp
2014-08-17 11:53 - 2014-08-17 11:53 - 00000687 _____ () C:\awhD087.tmp
2014-08-17 02:26 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 02:26 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-17 02:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 02:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 02:26 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 02:26 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 02:26 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-17 02:26 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 18:42 - 2014-09-16 18:42 - 00015920 _____ () C:\Users\Chiara\Downloads\FRST.txt
2014-09-16 18:42 - 2014-09-16 18:41 - 00000000 ____D () C:\FRST
2014-09-16 18:41 - 2014-09-16 18:41 - 02105856 _____ (Farbar) C:\Users\Chiara\Downloads\FRST64.exe
2014-09-16 18:41 - 2014-07-31 22:39 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Skype
2014-09-16 18:41 - 2014-07-26 19:30 - 01643169 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 18:40 - 2014-07-31 22:34 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\.minecraft
2014-09-16 18:40 - 2014-07-26 20:39 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log
2014-09-16 18:38 - 2014-09-15 21:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-16 18:38 - 2014-09-07 13:57 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 18:38 - 2014-08-26 22:52 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-16 18:38 - 2014-08-13 11:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-16 18:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-16 18:37 - 2009-07-14 06:51 - 00033046 _____ () C:\Windows\setupact.log
2014-09-15 23:02 - 2014-09-07 13:57 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 22:00 - 2009-07-14 06:45 - 00022864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 22:00 - 2009-07-14 06:45 - 00022864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 21:59 - 2009-07-14 19:58 - 00700414 _____ () C:\Windows\system32\perfh007.dat
2014-09-15 21:59 - 2009-07-14 19:58 - 00150052 _____ () C:\Windows\system32\perfc007.dat
2014-09-15 21:59 - 2009-07-14 07:13 - 01623866 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 21:56 - 2014-07-31 22:27 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-15 21:54 - 2014-08-01 14:15 - 00000000 ____D () C:\ProgramData\Origin
2014-09-15 21:51 - 2014-09-15 21:51 - 00000000 ____D () C:\Users\Chiara\Documents\201332Log.iniis
2014-09-15 21:47 - 2014-09-15 21:47 - 00000618 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-15 21:47 - 2014-09-15 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-15 21:45 - 2014-09-15 21:45 - 05329480 _____ (Secunia) C:\Users\Chiara\Desktop\PSISetup_3.0.0.9016.exe
2014-09-15 21:40 - 2014-07-26 19:58 - 01563496 _____ () C:\Windows\PFRO.log
2014-09-15 21:37 - 2014-09-15 21:36 - 00002519 _____ () C:\DelFix.txt
2014-09-15 21:36 - 2014-09-12 19:40 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 21:35 - 2014-09-15 21:34 - 00000000 ___SD () C:\uninstall.exe
2014-09-15 18:20 - 2014-08-01 17:22 - 00000000 ____D () C:\Users\Chiara\Downloads\Gameforge Live
2014-09-15 00:24 - 2014-08-02 14:55 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\TS3Client
2014-09-14 21:57 - 2014-08-01 13:28 - 00000000 ____D () C:\Users\Chiara\.gimp-2.8
2014-09-14 21:56 - 2014-09-14 21:56 - 00008406 _____ () C:\Users\Chiara\AppData\Local\recently-used.xbel
2014-09-14 21:51 - 2014-08-01 13:29 - 00000000 ____D () C:\Users\Chiara\AppData\Local\gtk-2.0
2014-09-14 17:35 - 2014-08-17 14:24 - 00000000 ____D () C:\Users\Chiara\Documents\My Games
2014-09-14 17:35 - 2014-08-01 14:17 - 00063751 _____ () C:\Windows\DirectX.log
2014-09-14 17:03 - 2014-09-14 17:03 - 00002242 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk
2014-09-14 17:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-14 17:01 - 2014-09-14 16:35 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-14 17:01 - 2014-07-26 20:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-14 16:44 - 2014-09-14 16:44 - 00002268 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
2014-09-14 16:34 - 2014-09-14 16:34 - 00003052 _____ () C:\Windows\System32\Tasks\{2879CBD8-3138-47D1-A430-ED37161ADFED}
2014-09-14 16:04 - 2014-09-14 16:04 - 00000000 ____D () C:\Users\Chiara\Documents\Electronic Arts
2014-09-14 16:02 - 2014-09-14 16:02 - 00003052 _____ () C:\Windows\System32\Tasks\{5AB2EF2A-A557-455F-9709-6140841F93ED}
2014-09-14 15:46 - 2014-09-14 15:46 - 00000477 _____ () C:\Users\Public\Desktop\Die*Sims™*3.lnk
2014-09-14 15:46 - 2014-09-14 15:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2014-09-14 10:46 - 2014-09-14 10:46 - 00000222 _____ () C:\Users\Chiara\Desktop\RaceRoom Racing Experience.url
2014-09-14 10:46 - 2014-08-13 11:55 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-13 20:00 - 2014-09-13 20:00 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-13 19:54 - 2014-08-13 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 14:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-13 12:40 - 2014-09-13 12:40 - 00000972 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-13 12:40 - 2014-09-13 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-13 12:40 - 2014-08-01 11:12 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\DVDVideoSoft
2014-09-13 12:38 - 2014-09-13 12:38 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Chiara\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe
2014-09-13 10:57 - 2014-09-13 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 21:07 - 2014-09-10 20:59 - 00000000 ____D () C:\Users\Chiara\AppData\Local\PMB Files
2014-09-12 19:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss
2014-09-12 19:46 - 2014-09-12 19:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 19:26 - 2014-09-12 19:26 - 00000610 _____ () C:\Users\Chiara\Desktop\Revo Uninstaller.lnk
2014-09-11 19:25 - 2014-09-11 19:01 - 00000000 ____D () C:\Windows\erdnt
2014-09-11 19:25 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-11 19:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-11 19:24 - 2014-09-07 14:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-11 19:24 - 2009-07-14 04:34 - 69730304 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-11 19:24 - 2009-07-14 04:34 - 18087936 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-11 19:24 - 2009-07-14 04:34 - 04980736 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-11 19:24 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-11 19:24 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-11 19:09 - 2014-09-11 19:10 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-11 19:09 - 2014-09-11 19:09 - 00002076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Avira
2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\ProgramData\Avira
2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-11 19:07 - 2014-09-11 19:07 - 149527616 _____ () C:\Users\Chiara\Downloads\avira_free_antivirus_de_14.0.6.570(1).exe
2014-09-11 18:54 - 2014-09-07 14:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-11 18:51 - 2014-07-26 19:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 23:50 - 2014-07-27 22:34 - 00002083 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 23:50 - 2014-07-27 22:34 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-10 23:50 - 2014-07-27 22:34 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 23:50 - 2014-07-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-10 23:50 - 2014-07-26 22:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 23:50 - 2014-07-26 20:34 - 01597210 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 23:49 - 2014-07-26 22:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 23:49 - 2014-07-26 22:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 21:23 - 2014-09-10 21:23 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\LolClient
2014-09-10 21:01 - 2014-09-10 21:01 - 00001399 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-09-10 21:01 - 2014-09-10 21:01 - 00000000 ____D () C:\ProgramData\Riot Games
2014-09-10 21:01 - 2014-09-10 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-09-10 20:59 - 2014-09-10 20:59 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-10 20:59 - 2014-09-10 20:59 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-09-10 20:59 - 2014-09-10 20:58 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Riot Games
2014-09-10 20:58 - 2014-09-10 20:58 - 34888568 _____ (Riot Games) C:\Users\Chiara\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-09-09 19:38 - 2014-08-13 11:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 19:38 - 2014-08-13 11:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 19:38 - 2014-08-13 11:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-08 20:57 - 2009-07-14 06:45 - 00272104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 20:35 - 2014-07-26 20:47 - 00060056 _____ () C:\Users\Chiara\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 20:34 - 2014-09-08 20:34 - 00865688 _____ (Elex do Brasil Participações Ltda) C:\Users\Chiara\Downloads\yet_another_cleaner_mat.exe
2014-09-08 20:34 - 2014-09-08 20:34 - 00001184 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-08 20:34 - 2014-09-08 20:34 - 00001172 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-08 20:34 - 2014-09-08 20:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-09-08 20:33 - 2014-09-08 20:33 - 07500112 _____ (TeamViewer GmbH) C:\Users\Chiara\Downloads\TeamViewer_Setup_9.0.31064.exe
2014-09-08 20:21 - 2014-09-07 13:56 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-08 19:53 - 2014-09-08 19:53 - 00000000 ____D () C:\Users\Chiara\Desktop\Avira
2014-09-08 19:42 - 2014-09-08 19:41 - 149527616 _____ () C:\Users\Chiara\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-08 19:13 - 2014-08-01 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-09-07 16:56 - 2014-07-31 23:49 - 00000000 ____D () C:\ProgramData\201a2422637f1f74
2014-09-07 16:31 - 2014-09-07 16:31 - 04901352 _____ (Piriform Ltd) C:\Users\Chiara\Downloads\ccsetup417.exe
2014-09-07 14:49 - 2014-09-07 14:49 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-07 14:48 - 2014-09-07 14:48 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Chiara\Downloads\spybot-2.4.exe
2014-09-07 14:29 - 2014-09-07 13:57 - 00002315 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-07 14:29 - 2014-08-13 11:37 - 00000000 ____D () C:\Users\Chiara\AppData\Local\4945
2014-09-07 14:24 - 2014-07-31 22:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-07 13:57 - 2014-09-07 13:57 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-07 13:57 - 2014-09-07 13:57 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-07 13:57 - 2014-09-07 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-07 13:57 - 2014-07-26 19:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-07 13:56 - 2014-09-07 13:56 - 91906368 _____ (AVAST Software) C:\Users\Chiara\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-09-07 11:30 - 2014-09-07 11:30 - 00000687 _____ () C:\awhADAD.tmp
2014-09-06 11:10 - 2014-09-06 11:10 - 00000687 _____ () C:\awhAF13.tmp
2014-09-05 19:33 - 2014-09-05 19:33 - 00000687 _____ () C:\awhAEE4.tmp
2014-09-05 19:32 - 2014-08-01 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-09-05 19:32 - 2014-08-01 17:22 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-09-05 04:10 - 2014-09-10 20:47 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 20:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 14:47 - 2014-09-01 14:47 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\java
2014-09-01 14:46 - 2014-09-01 14:46 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-01 14:46 - 2014-09-01 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-01 14:46 - 2014-09-01 14:46 - 00000000 ____D () C:\Program Files\Java
2014-09-01 14:38 - 2014-07-26 23:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-01 14:37 - 2014-09-01 14:36 - 01101648 _____ () C:\Users\Chiara\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2014-09-01 13:48 - 2014-08-19 23:08 - 00000222 _____ () C:\Users\Chiara\Desktop\Robocraft.url
2014-09-01 10:17 - 2014-09-01 10:17 - 00000687 _____ () C:\awhAE57.tmp
2014-08-31 21:14 - 2014-08-31 21:14 - 00000687 _____ () C:\awhAD4E.tmp
2014-08-31 10:09 - 2014-08-31 10:09 - 00000687 _____ () C:\awhAD20.tmp
2014-08-30 10:34 - 2014-08-30 10:34 - 00000687 _____ () C:\awhAD1F.tmp
2014-08-29 19:06 - 2014-08-29 19:06 - 00000687 _____ () C:\awhC35E.tmp
2014-08-28 19:28 - 2014-08-28 19:28 - 00000687 _____ () C:\awhADAC.tmp
2014-08-27 18:47 - 2014-08-27 18:47 - 00000687 _____ () C:\awhACF1.tmp
2014-08-26 23:23 - 2014-08-26 23:18 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-26 23:23 - 2014-08-26 23:15 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-26 23:19 - 2014-08-01 17:03 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-26 23:15 - 2014-08-26 23:15 - 00912744 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-08-26 23:15 - 2014-08-26 23:15 - 00912744 _____ () C:\Users\Chiara\Downloads\pbsvc.exe
2014-08-26 23:15 - 2014-08-26 23:15 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-26 23:02 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\Documents\Battlefield 3
2014-08-26 23:01 - 2014-08-26 23:01 - 02247976 _____ () C:\Users\Chiara\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\AppData\Local\PunkBuster
2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\AppData\Local\ESN
2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-26 22:56 - 2014-08-26 22:56 - 00000000 ____D () C:\ProgramData\EA Core
2014-08-26 22:56 - 2014-08-26 22:52 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-26 22:55 - 2014-08-26 22:52 - 00000000 ____D () C:\Users\Chiara\AppData\Local\Origin
2014-08-26 22:52 - 2014-08-26 22:52 - 00000989 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-08-26 22:52 - 2014-08-26 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-08-26 22:51 - 2014-08-26 22:51 - 17091640 _____ (Electronic Arts, Inc.) C:\Users\Chiara\Downloads\OriginThinSetup(1).exe
2014-08-26 22:02 - 2014-08-26 22:02 - 00000192 _____ () C:\Users\Chiara\Desktop\Fowl Space.url
2014-08-26 20:01 - 2014-08-26 20:01 - 20128064 _____ (Gameforge ) C:\Users\Chiara\Downloads\Elsword_GameforgeLiveSetup.exe
2014-08-26 20:01 - 2014-08-26 20:01 - 00001164 _____ () C:\Users\Public\Desktop\Elsword.lnk
2014-08-26 18:55 - 2014-08-26 18:55 - 00000687 _____ () C:\awhBD07.tmp
2014-08-25 19:39 - 2014-08-25 19:39 - 00000222 _____ () C:\Users\Chiara\Desktop\Red Orchestra 2 Heroes of Stalingrad - Single Player.url
2014-08-25 19:28 - 2014-08-01 14:30 - 00000222 _____ () C:\Users\Chiara\Desktop\Euro Truck Simulator 2.url
2014-08-25 19:26 - 2014-08-25 19:26 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-08-25 19:23 - 2014-08-25 19:23 - 00000221 _____ () C:\Users\Chiara\Desktop\Dungeon Defenders.url
2014-08-25 19:21 - 2014-08-17 18:13 - 00000221 _____ () C:\Users\Chiara\Desktop\Sanctum.url
2014-08-25 19:18 - 2014-08-17 14:20 - 00000222 _____ () C:\Users\Chiara\Desktop\Sanctum 2.url
2014-08-25 19:13 - 2014-08-25 19:13 - 00000220 _____ () C:\Users\Chiara\Desktop\Garry's Mod.url
2014-08-25 18:23 - 2014-08-25 18:23 - 00000687 _____ () C:\awhBAE5.tmp
2014-08-24 10:52 - 2014-08-24 10:52 - 00000687 _____ () C:\awhAD10.tmp
2014-08-23 22:51 - 2014-08-17 13:47 - 00000000 ____D () C:\Users\Chiara\Desktop\Alte Firefox-Daten
2014-08-23 16:43 - 2014-08-23 16:43 - 00000687 _____ () C:\awhAFBE.tmp
2014-08-23 04:07 - 2014-08-28 19:28 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 19:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 19:28 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 10:08 - 2014-08-19 22:51 - 00000000 ____D () C:\Users\Chiara\Desktop\Top_50_Steam-Skins
2014-08-22 09:22 - 2014-08-22 09:22 - 00000687 _____ () C:\awhACE1.tmp
2014-08-21 10:56 - 2014-08-21 10:56 - 00000687 _____ () C:\awhAD00.tmp
2014-08-20 18:54 - 2014-08-20 18:54 - 00000687 _____ () C:\awhB2CA.tmp
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\WinRAR
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-19 22:38 - 2014-08-19 22:37 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-19 22:37 - 2014-08-19 22:37 - 02060744 _____ () C:\Users\Chiara\Downloads\winrar-x64-510d.exe
2014-08-19 20:05 - 2014-09-10 23:51 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-10 23:51 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 18:58 - 2014-08-19 18:58 - 00000687 _____ () C:\awhB634.tmp
2014-08-19 01:01 - 2014-09-10 23:51 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-10 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-10 23:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-10 23:51 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-10 23:51 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-10 23:51 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-10 23:51 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-10 23:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-10 23:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-10 23:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-10 23:51 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-10 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-10 23:51 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-10 23:51 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-10 23:51 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-10 23:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-10 23:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:58 - 2014-08-18 23:58 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(3).exe
2014-08-18 23:57 - 2014-09-10 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-10 23:51 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-10 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-10 23:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-10 23:51 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-10 23:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-10 23:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-10 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-10 23:51 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-10 23:51 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-10 23:51 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-10 23:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-10 23:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-10 23:51 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-10 23:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-10 23:51 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-10 23:51 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-10 23:51 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-10 23:51 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-10 23:51 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-10 23:51 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-10 23:51 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-10 23:51 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-10 23:51 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-10 23:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-10 23:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-10 23:51 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-10 23:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-10 23:51 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-10 23:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-10 23:51 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-10 23:51 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-10 23:51 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-10 23:51 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-10 23:51 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-10 23:51 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-10 23:51 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-18 18:24 - 2014-08-18 18:24 - 00083292 _____ () C:\Users\Chiara\Downloads\flashblock-1.5.14.2-fx.xpi
2014-08-18 18:24 - 2014-08-18 18:24 - 00000687 _____ () C:\awhAB0D.tmp
2014-08-17 20:20 - 2014-08-17 20:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-17 19:21 - 2014-08-17 19:21 - 01101648 _____ () C:\Users\Chiara\Downloads\adblock_plus-2.6.4-fx_an_sm_tb.xpi - CHIP-Installer.exe
2014-08-17 19:21 - 2014-08-17 19:21 - 00919582 _____ () C:\Users\Chiara\Downloads\adblock_plus-2.6.4-fx_an_sm_tb.xpi.zip
2014-08-17 16:39 - 2014-08-17 16:35 - 70887879 _____ () C:\Users\Chiara\Downloads\Top_50_Steam-Skins.zip
2014-08-17 16:38 - 2014-08-17 16:38 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(2).exe
2014-08-17 16:22 - 2014-08-17 16:22 - 00735492 _____ () C:\Users\Chiara\Downloads\chrysalis_steam_skin_by_falxor-d5ddrzl.zip
2014-08-17 16:12 - 2014-08-17 16:12 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer.exe
2014-08-17 16:12 - 2014-08-17 16:12 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(1).exe
2014-08-17 15:17 - 2014-08-17 15:17 - 01101648 _____ () C:\Users\Chiara\Downloads\Firefox 34 Nightly 64 Bit - CHIP-Installer.exe
2014-08-17 13:29 - 2014-08-17 13:29 - 00000687 _____ () C:\awhCC24.tmp
2014-08-17 13:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-17 11:53 - 2014-08-17 11:53 - 00000687 _____ () C:\awhD087.tmp
2014-08-17 11:52 - 2014-08-10 18:57 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Gameo

Some content of TEMP:
====================
C:\Users\Chiara\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-06 21:18

==================== End Of Log ============================
         
--- --- ---
__________________


Alt 17.09.2014, 10:28   #18
Warlord711
/// TB-Ausbilder
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Kannst du von der Fehlermeldung nen Screenshot machen und hier hochladen ?
__________________
__________________

Alt 20.09.2014, 16:07   #19
QueenZoe
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Also ich habe den Fixlog erstellt und einen Screenshot gemacht.

Fixlog
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Chiara at 2014-09-20 16:47:06 Run:1
Running from C:\Users\Chiara\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
         
*****************

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

==== End of Fixlog ====
         

Alt 20.09.2014, 16:54   #20
Warlord711
/// TB-Ausbilder
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Ok, Screenshot der Meldung sehe ich noch nicht.

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 20.09.2014, 17:41   #21
QueenZoe
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Wie kann ich den Screen hir rein kopieren?
Das mit dem Grafik link funktioniert nicht.

Alt 22.09.2014, 08:10   #22
Warlord711
/// TB-Ausbilder
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Wenn du auf "Antworten" klickst, gibt es den Punkt "Anhang", da kannst du einen Screenshot mit hochladen.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 22.09.2014, 18:47   #23
QueenZoe
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Name:  Fehlermeldungscreen.jpg
Hits: 192
Größe:  91,9 KB

Alt 23.09.2014, 08:29   #24
Warlord711
/// TB-Ausbilder
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Ah ok.

Hier der Fix (evtl musst du FRST nochmal herunterladen, falls schon gelöscht):

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {BC2F17E8-63EB-4340-A769-F1BA3376EF3A} - System32\Tasks\ASUS\i-Setup203933 => C:\Windows\Install\AsusSetup.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 23.09.2014, 09:10   #25
QueenZoe
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Hier die Fixlog

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Chiara at 2014-09-23 10:09:32 Run:2
Running from C:\Users\Chiara\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {BC2F17E8-63EB-4340-A769-F1BA3376EF3A} - System32\Tasks\ASUS\i-Setup203933 => C:\Windows\Install\AsusSetup.exe
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BC2F17E8-63EB-4340-A769-F1BA3376EF3A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC2F17E8-63EB-4340-A769-F1BA3376EF3A}" => Key deleted successfully.
C:\Windows\System32\Tasks\ASUS\i-Setup203933 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\i-Setup203933" => Key deleted successfully.

==== End of Fixlog ====
         

Alt 23.09.2014, 09:12   #26
Warlord711
/// TB-Ausbilder
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Die Meldung dürfe jetzt nicht mehr erscheinen.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 24.09.2014, 17:49   #27
QueenZoe
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Leider erscheint sie immernoch.

Alt 25.09.2014, 08:12   #28
Warlord711
/// TB-Ausbilder
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Hach, hab eins übersehen:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {16A09FAE-257A-4826-8C84-05456C1E0DE7} - System32\Tasks\ASUS\i-Setup201332 => C:\Windows\MEI\AsusSetup.exe [2013-08-22] (ASUSTeK Computer Inc.)
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 25.09.2014, 17:47   #29
QueenZoe
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Hier der Fixlog
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-09-2014 01
Ran by Chiara at 2014-09-25 18:47:06 Run:3
Running from C:\Users\Chiara\Desktop
Loaded Profile: Chiara (Available profiles: Chiara)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {16A09FAE-257A-4826-8C84-05456C1E0DE7} - System32\Tasks\ASUS\i-Setup201332 => C:\Windows\MEI\AsusSetup.exe [2013-08-22] (ASUSTeK Computer Inc.)
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16A09FAE-257A-4826-8C84-05456C1E0DE7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16A09FAE-257A-4826-8C84-05456C1E0DE7}" => Key deleted successfully.
C:\Windows\System32\Tasks\ASUS\i-Setup201332 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\i-Setup201332" => Key deleted successfully.

==== End of Fixlog ====
         

Alt 26.09.2014, 10:42   #30
Warlord711
/// TB-Ausbilder
 
Win 7: Mehrere Adware-Programme gefunden - Standard

Win 7: Mehrere Adware-Programme gefunden



Ich hoffe die Meldung ist jetzt weg ^^
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Antwort

Themen zu Win 7: Mehrere Adware-Programme gefunden
fehlercode 0xc0000005, js/toolbar.crossrider.b, msil/toolbar.linkury.c, msil/toolbar.linkury.e, msil/toolbar.linkury.f, msil/toolbar.linkury.g, pup.optional.bandoo.a, pup.optional.gameo.a, pup.optional.smartbar, pup.optional.softonic.a, pup.optional.yfdownloader, sweetpage, sweetpage entfernen, win32/agent.wga, win32/bundled.toolbar.google.d, win32/cnetinstaller.b, win32/downloadsponsor.a, win32/elex.aw, win32/opencandy.a, win32/riskware.astori.b, win32/systweak.g, win32/toolbar.conduit.r, win32/toolbar.searchsuite, win32/winloadsda.e, win64/systweak.a




Ähnliche Themen: Win 7: Mehrere Adware-Programme gefunden


  1. Windows 7 64-bit Mehrere exe Programme fehlerhaft
    Alles rund um Windows - 30.03.2015 (20)
  2. Virus ADWARE/InstallerCore,AgentCV,Adware gefunden
    Plagegeister aller Art und deren Bekämpfung - 21.02.2015 (11)
  3. Avira hat Maleware gefunden : ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 09.02.2015 (9)
  4. Adware.Gen7 - Adware/Cherished.oia - Adware/InstallCore.Gen9 - TR/Trash.Gen bei Antivir gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.12.2014 (13)
  5. Adware/Adware.gen von Antivir gefunden - Forsetzung-Thread wegen Noscript und WOT
    Plagegeister aller Art und deren Bekämpfung - 26.10.2014 (16)
  6. Windows 7: ADWARE/CrossRider.Gen4, ADWARE/EoRezo.Gen4 und ADWARE/MPlug 6.14 durch AntiVir gefunden
    Log-Analyse und Auswertung - 22.10.2014 (4)
  7. Trojaner gefunden TR/Dldr.Agent.314440 und verschiedene Adwares ADWARE/EoRezo.AF, ADWARE/Adware.Gen7, ADWARE/AgentCV.A.2919
    Log-Analyse und Auswertung - 02.05.2014 (19)
  8. Program.exe - Ungültiges Bild (mehrere Programme)
    Log-Analyse und Auswertung - 09.03.2014 (11)
  9. ADWARE/Adware.Gen2 8x gefunden: Schadsoftware? Dann ständig Farbfehler usw.
    Plagegeister aller Art und deren Bekämpfung - 08.02.2014 (7)
  10. Plötzlich mehrere Windows Prozesse und Programme im Taskmanager
    Plagegeister aller Art und deren Bekämpfung - 07.01.2014 (4)
  11. ADWARE/Adware.Gen7 gefunden Was soll ich machen?
    Plagegeister aller Art und deren Bekämpfung - 02.06.2013 (20)
  12. ADWARE/Adware.Gen2 in C:\$Recycle.Bin\S-1-5-21-3001668521-1564884368-437330382-1001\$RJPCQB1.exe gefunden
    Plagegeister aller Art und deren Bekämpfung - 06.04.2013 (15)
  13. HJT Begutachtung und mehrere Antiviren/Antispy Programme
    Log-Analyse und Auswertung - 24.04.2010 (3)
  14. Mehrere Probleme mit Adware
    Log-Analyse und Auswertung - 08.01.2009 (0)
  15. Großes Virenproblem! Mehrere Programme sind beschädigt!
    Plagegeister aller Art und deren Bekämpfung - 29.08.2008 (16)
  16. Mehrere SPY&ADWARE Bitte hilfe.
    Plagegeister aller Art und deren Bekämpfung - 04.02.2008 (2)
  17. Internet Explorer und mehrere Programme gelöscht ..
    Plagegeister aller Art und deren Bekämpfung - 17.12.2007 (3)

Zum Thema Win 7: Mehrere Adware-Programme gefunden - Zitat: Zitat von QueenZoe Ich habe das was du mir gesagt hast noch gemacht. Und das Problem mit dem IE ist auch weg, nur bekomme ich seit ca 2 Tagen - Win 7: Mehrere Adware-Programme gefunden...
Archiv
Du betrachtest: Win 7: Mehrere Adware-Programme gefunden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.