| |
| |||||||
Log-Analyse und Auswertung: Windows 8.1: Trojaner Meldungen von Mc Afee häufen sich, GMER Ausführung funktioniert nicht, keine Ausgabe Addition.txtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
12.09.2014, 14:38
| #1 |
| |  Windows 8.1: Trojaner Meldungen von Mc Afee häufen sich, GMER Ausführung funktioniert nicht, keine Ausgabe Addition.txt Guten Tag, in den letzten Tagen häufen sich Trojaner Meldungen von Mc Afee. Ich kann in Mc Afee nicht einsehen, wo sich der Fundort dieser befindet. Es sind dll Dateien. Ich benötige hierfür eine weitere Hilfe. Ich führte eure Anweisungen für Hilfesuchende aus. GMER kann ich nicht ausführen. Es erscheint dies hier: "C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Programm verwendet wird."" Ebenso wurde mir bei FRST keine Addition.txt ausgegeben. Danke im voraus für eure Zeit. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Jennifer (administrator) on MIETZIROCKZ on 12-09-2014 15:31:21
Running from C:\Users\Jennifer\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Users\Jennifer\AppData\Roaming\HTThread\hb.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Schomäcker GmbH) C:\Program Files (x86)\Q Pilot - Client\Service\QPilot-Client-Service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(Dropbox, Inc.) C:\Users\Jennifer\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Schomäcker GmbH) C:\Program Files (x86)\Q Pilot - Client\GUI\QPilot-Client-GUI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
() C:\Users\Jennifer\Desktop\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
() C:\Program Files (x86)\SmarterPower\bin\utilSmarterPower.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\SmarterPower\updateSmarterPower.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [QPilotClientGUI] => C:\Program Files (x86)\Q Pilot - Client\GUI\QPilot-Client-GUI.exe [32194048 2012-07-16] (Schomäcker GmbH)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1448665676-453751460-3676031160-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-1448665676-453751460-3676031160-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Jennifer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-1448665676-453751460-3676031160-1002\...\Run: [Google Update] => C:\Users\Jennifer\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-16] (Google Inc.)
HKU\S-1-5-21-1448665676-453751460-3676031160-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [467680 2014-07-30] (Sony)
HKU\S-1-5-21-1448665676-453751460-3676031160-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1448665676-453751460-3676031160-1002\...\MountPoints2: {57799c1d-bbf1-11e3-8250-54bef705b90a} - "D:\Startme.exe"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [224728 2014-09-02] (Client Connect LTD)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-12-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [181720 2014-09-02] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jennifer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
GroupPolicyUsers\S-1-5-21-1448665676-453751460-3676031160-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1448665676-453751460-3676031160-1002\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=25bd7933-5f41-0596-0fe1-a93f7fb06363&searchtype=ds&q={searchTerms}&installDate=25/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=25bd7933-5f41-0596-0fe1-a93f7fb06363&searchtype=ds&q={searchTerms}&installDate=25/09/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1410214106&from=cor&uid=TOSHIBAXMQ01ABD075_63AJFLX3SXX63AJFLX3S&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1410214106&from=cor&uid=TOSHIBAXMQ01ABD075_63AJFLX3SXX63AJFLX3S&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1410214106&from=cor&uid=TOSHIBAXMQ01ABD075_63AJFLX3SXX63AJFLX3S&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1410214106&from=cor&uid=TOSHIBAXMQ01ABD075_63AJFLX3SXX63AJFLX3S&q={searchTerms}
SearchScopes: HKLM - {B290E1C1-786D-4A54-B201-42524BE44F8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=25bd7933-5f41-0596-0fe1-a93f7fb06363&searchtype=ds&q={searchTerms}&installDate=25/09/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=25bd7933-5f41-0596-0fe1-a93f7fb06363&searchtype=ds&q={searchTerms}&installDate=25/09/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKCU - {9F6A4239-DCD2-465A-8479-0A17A90E8523} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: SmarterPower -> {bd7c9b62-a7d9-4405-be51-7fd633f08791} -> C:\Program Files (x86)\SmarterPower\SmarterPowerbho.dll (SmarterPower)
BHO-x32: No Name -> {C32F5BF7-6918-4F78-A97A-53CDF7D07C8C} -> C:\Users\Jennifer\AppData\LocalLow\IE-BHO\bho.dll ()
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Jennifer\AppData\Roaming\Mozilla\Firefox\Profiles\4b01311n.default-1410264320319
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jennifer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Jennifer\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Jennifer\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Jennifer\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Jennifer\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jennifer\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jennifer\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-29]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Jennifer\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-02-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-09-02] (Client Connect LTD)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HTService; C:\Users\Jennifer\AppData\Roaming\HTThread\hb.exe [628736 2014-08-28] () [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-09] (Cherished Technololgy LIMITED)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 QPilotClientService; C:\Program Files (x86)\Q Pilot - Client\Service\QPilot-Client-Service.exe [29488640 2012-07-16] (Schomäcker GmbH) [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
R2 Update SmarterPower; C:\Program Files (x86)\SmarterPower\updateSmarterPower.exe [323320 2014-09-12] ()
R2 Util SmarterPower; C:\Program Files (x86)\SmarterPower\bin\utilSmarterPower.exe [323320 2014-09-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-09] (Fuyu LIMITED) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc) [File not signed]
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gw64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys [61080 2014-09-08] (StdLib)
R3 SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys [X]
U3 kxryyaow; \??\C:\Users\Jennifer\AppData\Local\Temp\kxryyaow.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-12 15:20 - 2014-09-12 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-12 15:19 - 2014-09-12 15:19 - 00000000 _____ () C:\Users\Jennifer\Desktop\Neues Textdokument.txt
2014-09-12 15:17 - 2014-09-12 15:31 - 00026793 _____ () C:\Users\Jennifer\Desktop\FRST.txt
2014-09-12 15:16 - 2014-09-12 15:16 - 00000478 _____ () C:\Users\Jennifer\Desktop\defogger_disable.log
2014-09-12 15:16 - 2014-09-12 15:16 - 00000000 _____ () C:\Users\Jennifer\defogger_reenable
2014-09-12 15:07 - 2014-09-12 15:07 - 00000000 ____D () C:\Users\Jennifer\.appwork
2014-09-12 14:54 - 2014-09-12 14:54 - 00000478 _____ () C:\Users\Jennifer\Downloads\defogger_disable.log
2014-09-12 14:47 - 2014-09-12 14:47 - 00380416 _____ () C:\Users\Jennifer\Downloads\oko0c7h8.exe
2014-09-12 14:30 - 2014-09-12 15:31 - 00000000 ____D () C:\FRST
2014-09-12 14:26 - 2014-09-12 14:26 - 00380416 _____ () C:\Users\Jennifer\Desktop\Gmer-19357.exe
2014-09-12 14:25 - 2014-09-12 14:26 - 02105856 _____ (Farbar) C:\Users\Jennifer\Desktop\FRST64.exe
2014-09-12 14:25 - 2014-09-12 14:25 - 00050477 _____ () C:\Users\Jennifer\Desktop\Defogger.exe
2014-09-12 09:34 - 2014-09-05 04:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-12 09:34 - 2014-09-05 04:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-12 09:34 - 2014-09-05 02:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-12 08:20 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-11 13:19 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 13:19 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 13:19 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 13:19 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 13:19 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-11 13:19 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-11 13:19 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 13:19 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-11 13:19 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 13:19 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-11 13:19 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-11 13:19 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-11 13:19 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 13:19 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 13:19 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 13:19 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-11 13:19 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 13:19 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 13:19 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 13:19 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 13:19 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 13:19 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 13:19 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 13:19 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 13:19 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 13:19 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 13:19 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 13:19 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 13:19 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 13:19 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 13:19 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 13:19 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 13:19 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-11 13:19 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-11 13:19 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 13:19 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 13:19 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 13:19 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 13:19 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-11 13:19 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 13:19 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-11 13:19 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 13:19 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-11 13:19 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-11 13:19 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 13:19 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-11 13:19 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-11 13:19 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 13:19 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 13:19 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-11 13:19 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 11:16 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 11:16 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-10 14:27 - 2014-09-10 14:34 - 00000000 ____D () C:\Users\Jennifer\Desktop\Dan Brown
2014-09-09 14:05 - 2014-09-09 14:05 - 00000000 ____D () C:\Users\Jennifer\Desktop\Alte Firefox-Daten
2014-09-09 00:33 - 2014-09-08 13:23 - 00061080 _____ (StdLib) C:\WINDOWS\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys
2014-09-09 00:09 - 2014-09-09 00:09 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-09 00:08 - 2014-09-12 15:11 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-09 00:08 - 2014-09-12 15:11 - 00000000 ____D () C:\Program Files (x86)\SmarterPower
2014-09-09 00:08 - 2014-09-09 13:55 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\sweet-page
2014-09-09 00:08 - 2014-09-09 00:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-09 00:06 - 2014-09-10 12:49 - 00000000 ____D () C:\Users\Jennifer\Desktop\Kreativ
2014-09-09 00:05 - 2014-09-09 00:06 - 00000000 ____D () C:\Users\Jennifer\Desktop\Buch ASP
2014-09-08 23:28 - 2014-01-11 23:11 - 117329210 _____ () C:\Users\Jennifer\Desktop\X-Men 02 (Panini)(1997)RE.cbr
2014-09-08 23:25 - 2012-09-08 19:52 - 255017137 _____ () C:\Users\Jennifer\Desktop\Marvel Exklusiv (Panini) 07 - Spiderman - Verlorene Jahre.cbr
2014-09-08 23:23 - 2014-09-10 14:33 - 00000000 ____D () C:\Users\Jennifer\Desktop\Neuer Ordner
2014-09-08 19:09 - 2014-09-08 19:09 - 00006045 _____ () C:\Users\Jennifer\AppData\Local\recently-used.xbel
2014-09-07 01:09 - 2014-09-07 01:09 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Security Systems
2014-09-07 01:09 - 2014-09-07 01:09 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\HTThread
2014-09-07 01:09 - 2014-09-07 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDailyDiary
2014-09-07 01:08 - 2014-09-07 01:09 - 00000000 ____D () C:\Program Files (x86)\iDailyDiary
2014-09-07 01:07 - 2014-09-07 01:07 - 00367456 _____ () C:\Users\Jennifer\Desktop\SoftonicDownloader_fuer_idailydiary.exe
2014-09-05 22:03 - 2014-09-05 22:03 - 00685967 _____ () C:\Users\Jennifer\Documents\stundenplan.xcf
2014-08-28 12:23 - 2014-08-28 12:23 - 00000233 _____ () C:\Users\Jennifer\Desktop\Minecraft Wiki - Die offizielle Quelle für Informationen über Minecraft..URL
2014-08-28 12:17 - 2014-08-28 12:17 - 00002523 _____ () C:\Users\Public\Desktop\Evernote.lnk
2014-08-28 11:10 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-27 22:31 - 2014-08-27 22:31 - 00033628 _____ () C:\Users\Jennifer\Documents\Unbenannt.xcf
2014-08-27 11:35 - 2014-09-11 13:58 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\.minecraft
2014-08-27 11:34 - 2014-08-27 11:34 - 00675988 _____ () C:\Users\Jennifer\Desktop\Minecraft.exe
2014-08-24 19:14 - 2014-08-24 19:14 - 00000000 ____D () C:\Users\Jennifer\Daedalic
2014-08-24 17:31 - 2014-08-24 17:31 - 00002380 _____ () C:\Users\Public\Desktop\Edna Bricht Aus - Sammler Edition.lnk
2014-08-24 17:27 - 2014-08-24 17:27 - 00750488 _____ (Oracle Corporation) C:\WINDOWS\system32\npdeployJava1.dll
2014-08-24 17:27 - 2014-08-24 17:27 - 00660368 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2014-08-24 17:27 - 2014-08-24 17:27 - 00263560 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-24 17:27 - 2014-08-24 17:27 - 00188808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-24 17:27 - 2014-08-24 17:27 - 00188808 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-24 17:27 - 2014-08-24 17:27 - 00000000 ____D () C:\Program Files\Java
2014-08-22 01:06 - 2014-08-22 01:06 - 00000000 ____D () C:\Users\Jennifer\AppData\Local\Daedalic Entertainment
2014-08-22 01:05 - 2014-08-24 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2014-08-22 01:00 - 2014-08-24 17:29 - 00000000 ____D () C:\Program Files (x86)\Daedalic Entertainment
2014-08-21 23:14 - 2014-08-21 23:17 - 61056873 _____ () C:\Users\Jennifer\Downloads\lego.7z
2014-08-21 23:13 - 2014-08-22 00:46 - 2261147555 _____ (Igor Pavlov + Paraglider) C:\Users\Jennifer\Downloads\harveysneweyes_win_1383805789.exe
2014-08-13 01:14 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 01:14 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-13 01:14 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-13 01:14 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-13 01:14 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-13 01:14 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-13 01:13 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-13 01:13 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-13 01:13 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 01:13 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-13 01:13 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-13 01:13 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 01:12 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-13 01:12 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-13 01:12 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-13 01:12 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-13 01:12 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-13 01:12 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-13 01:12 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-13 01:12 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-13 01:12 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-13 01:12 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-13 01:12 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-13 01:12 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-13 01:12 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-13 01:12 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-13 01:12 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-13 01:12 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-13 01:12 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-13 01:12 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-13 01:12 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-13 01:12 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-13 01:12 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-13 01:12 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-13 01:12 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-13 01:12 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-13 01:12 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-13 01:12 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-13 01:12 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-13 01:12 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-13 01:12 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-13 01:12 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-13 01:12 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-13 01:12 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-13 01:12 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-13 01:12 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-13 01:12 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-13 01:12 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-13 01:12 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-13 01:12 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-13 01:12 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-13 01:12 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-13 01:12 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-13 01:12 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-13 01:12 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-13 01:12 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-13 01:12 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-13 01:12 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-13 01:12 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-13 01:11 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-13 01:11 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-13 01:11 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 01:11 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 01:11 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-13 01:11 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-13 01:11 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 01:11 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 01:11 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 01:11 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 01:11 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 01:11 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 01:11 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-13 01:11 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-13 01:11 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-13 01:11 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-13 01:11 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-13 01:11 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-13 01:11 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-13 01:11 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-13 01:11 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-13 01:11 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-13 01:11 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-13 01:11 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-13 01:11 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-13 01:11 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-13 01:11 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-13 01:11 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-13 01:11 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-13 01:11 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-12 15:31 - 2014-09-12 15:17 - 00026793 _____ () C:\Users\Jennifer\Desktop\FRST.txt
2014-09-12 15:31 - 2014-09-12 14:30 - 00000000 ____D () C:\FRST
2014-09-12 15:25 - 2013-08-27 19:55 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1448665676-453751460-3676031160-1002
2014-09-12 15:23 - 2014-04-04 19:01 - 00000000 ___RD () C:\Users\Jennifer\Dropbox
2014-09-12 15:23 - 2014-04-04 18:53 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Dropbox
2014-09-12 15:23 - 2012-07-26 07:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-09-12 15:22 - 2014-08-06 23:31 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DF0681BB-C5AE-4CEC-87F9-9F1C9D00E4C3}
2014-09-12 15:22 - 2014-04-04 14:32 - 00000000 ___DO () C:\Users\Jennifer\SkyDrive
2014-09-12 15:20 - 2014-09-12 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-12 15:19 - 2014-09-12 15:19 - 00000000 _____ () C:\Users\Jennifer\Desktop\Neues Textdokument.txt
2014-09-12 15:16 - 2014-09-12 15:16 - 00000478 _____ () C:\Users\Jennifer\Desktop\defogger_disable.log
2014-09-12 15:16 - 2014-09-12 15:16 - 00000000 _____ () C:\Users\Jennifer\defogger_reenable
2014-09-12 15:16 - 2014-04-04 13:56 - 00000000 ____D () C:\Users\Jennifer
2014-09-12 15:11 - 2014-09-09 00:08 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-12 15:11 - 2014-09-09 00:08 - 00000000 ____D () C:\Program Files (x86)\SmarterPower
2014-09-12 15:11 - 2013-11-14 00:18 - 00083266 _____ () C:\WINDOWS\PFRO.log
2014-09-12 15:11 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-12 15:11 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-12 15:09 - 2014-07-14 16:12 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-12 15:09 - 2014-04-04 13:48 - 01270428 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-12 15:07 - 2014-09-12 15:07 - 00000000 ____D () C:\Users\Jennifer\.appwork
2014-09-12 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-12 14:54 - 2014-09-12 14:54 - 00000478 _____ () C:\Users\Jennifer\Downloads\defogger_disable.log
2014-09-12 14:48 - 2013-09-16 21:12 - 00001156 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1448665676-453751460-3676031160-1002UA.job
2014-09-12 14:47 - 2014-09-12 14:47 - 00380416 _____ () C:\Users\Jennifer\Downloads\oko0c7h8.exe
2014-09-12 14:44 - 2013-08-27 21:59 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-12 14:26 - 2014-09-12 14:26 - 00380416 _____ () C:\Users\Jennifer\Desktop\Gmer-19357.exe
2014-09-12 14:26 - 2014-09-12 14:25 - 02105856 _____ (Farbar) C:\Users\Jennifer\Desktop\FRST64.exe
2014-09-12 14:25 - 2014-09-12 14:25 - 00050477 _____ () C:\Users\Jennifer\Desktop\Defogger.exe
2014-09-12 13:40 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-12 10:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-11 13:58 - 2014-08-27 11:35 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\.minecraft
2014-09-10 18:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing
2014-09-10 14:35 - 2013-10-18 23:19 - 00000000 ____D () C:\Users\Jennifer\Documents\Calibre-Bibliothek
2014-09-10 14:34 - 2014-09-10 14:27 - 00000000 ____D () C:\Users\Jennifer\Desktop\Dan Brown
2014-09-10 14:33 - 2014-09-08 23:23 - 00000000 ____D () C:\Users\Jennifer\Desktop\Neuer Ordner
2014-09-10 12:49 - 2014-09-09 00:06 - 00000000 ____D () C:\Users\Jennifer\Desktop\Kreativ
2014-09-10 12:49 - 2013-09-25 14:38 - 01809408 ___SH () C:\Users\Jennifer\Desktop\Thumbs.db
2014-09-10 12:17 - 2014-08-09 22:23 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Tor
2014-09-09 19:44 - 2013-08-27 21:59 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-09 14:05 - 2014-09-09 14:05 - 00000000 ____D () C:\Users\Jennifer\Desktop\Alte Firefox-Daten
2014-09-09 13:55 - 2014-09-09 00:08 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\sweet-page
2014-09-09 01:49 - 2013-10-18 23:18 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\calibre
2014-09-09 00:56 - 2013-08-27 19:47 - 00000000 ____D () C:\Users\Jennifer\AppData\Local\Packages
2014-09-09 00:09 - 2014-09-09 00:09 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-09 00:08 - 2014-09-09 00:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-09 00:08 - 2014-07-21 12:48 - 00000000 ____D () C:\Users\Jennifer\Desktop\erol
2014-09-09 00:06 - 2014-09-09 00:05 - 00000000 ____D () C:\Users\Jennifer\Desktop\Buch ASP
2014-09-08 22:47 - 2014-04-01 14:53 - 00000000 ____D () C:\Users\Jennifer\.gimp-2.8
2014-09-08 19:09 - 2014-09-08 19:09 - 00006045 _____ () C:\Users\Jennifer\AppData\Local\recently-used.xbel
2014-09-08 19:09 - 2014-04-01 14:55 - 00000000 ____D () C:\Users\Jennifer\AppData\Local\gtk-2.0
2014-09-08 13:23 - 2014-09-09 00:33 - 00061080 _____ (StdLib) C:\WINDOWS\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys
2014-09-08 04:05 - 2013-10-17 22:53 - 00083240 _____ () C:\Users\Jennifer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 04:01 - 2014-03-29 17:50 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-08 04:01 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-07 01:09 - 2014-09-07 01:09 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Security Systems
2014-09-07 01:09 - 2014-09-07 01:09 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\HTThread
2014-09-07 01:09 - 2014-09-07 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDailyDiary
2014-09-07 01:09 - 2014-09-07 01:08 - 00000000 ____D () C:\Program Files (x86)\iDailyDiary
2014-09-07 01:07 - 2014-09-07 01:07 - 00367456 _____ () C:\Users\Jennifer\Desktop\SoftonicDownloader_fuer_idailydiary.exe
2014-09-05 22:03 - 2014-09-05 22:03 - 00685967 _____ () C:\Users\Jennifer\Documents\stundenplan.xcf
2014-09-05 04:36 - 2014-09-12 09:34 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-05 04:31 - 2014-09-12 09:34 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-05 02:48 - 2014-09-12 09:34 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-04 09:48 - 2013-09-16 21:12 - 00001104 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1448665676-453751460-3676031160-1002Core.job
2014-09-04 09:44 - 2014-04-02 20:08 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-02 22:06 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-31 19:48 - 2013-08-22 16:44 - 00387816 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-28 12:23 - 2014-08-28 12:23 - 00000233 _____ () C:\Users\Jennifer\Desktop\Minecraft Wiki - Die offizielle Quelle für Informationen über Minecraft..URL
2014-08-28 12:17 - 2014-08-28 12:17 - 00002523 _____ () C:\Users\Public\Desktop\Evernote.lnk
2014-08-28 12:17 - 2014-06-12 09:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-08-27 22:31 - 2014-08-27 22:31 - 00033628 _____ () C:\Users\Jennifer\Documents\Unbenannt.xcf
2014-08-27 13:04 - 2014-03-29 17:42 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-08-27 11:34 - 2014-08-27 11:34 - 00675988 _____ () C:\Users\Jennifer\Desktop\Minecraft.exe
2014-08-27 11:09 - 2013-08-22 16:46 - 00378267 _____ () C:\WINDOWS\setupact.log
2014-08-26 22:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-26 20:57 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-26 20:57 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-26 20:57 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-24 19:59 - 2013-07-18 06:32 - 00445288 _____ () C:\WINDOWS\DPINST.LOG
2014-08-24 19:58 - 2014-04-04 14:58 - 00002053 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-08-24 19:58 - 2014-04-04 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-08-24 19:57 - 2013-05-29 19:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-24 19:14 - 2014-08-24 19:14 - 00000000 ____D () C:\Users\Jennifer\Daedalic
2014-08-24 17:31 - 2014-08-24 17:31 - 00002380 _____ () C:\Users\Public\Desktop\Edna Bricht Aus - Sammler Edition.lnk
2014-08-24 17:31 - 2014-08-22 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2014-08-24 17:29 - 2014-08-22 01:00 - 00000000 ____D () C:\Program Files (x86)\Daedalic Entertainment
2014-08-24 17:27 - 2014-08-24 17:27 - 00750488 _____ (Oracle Corporation) C:\WINDOWS\system32\npdeployJava1.dll
2014-08-24 17:27 - 2014-08-24 17:27 - 00660368 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2014-08-24 17:27 - 2014-08-24 17:27 - 00263560 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-24 17:27 - 2014-08-24 17:27 - 00188808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-24 17:27 - 2014-08-24 17:27 - 00188808 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-24 17:27 - 2014-08-24 17:27 - 00000000 ____D () C:\Program Files\Java
2014-08-23 02:42 - 2014-08-28 11:10 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 19:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-22 01:06 - 2014-08-22 01:06 - 00000000 ____D () C:\Users\Jennifer\AppData\Local\Daedalic Entertainment
2014-08-22 00:46 - 2014-08-21 23:13 - 2261147555 _____ (Igor Pavlov + Paraglider) C:\Users\Jennifer\Downloads\harveysneweyes_win_1383805789.exe
2014-08-21 23:17 - 2014-08-21 23:14 - 61056873 _____ () C:\Users\Jennifer\Downloads\lego.7z
2014-08-21 22:58 - 2014-04-04 19:01 - 00001091 _____ () C:\Users\Jennifer\Desktop\Dropbox.lnk
2014-08-21 22:58 - 2014-04-04 18:55 - 00000000 ____D () C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-16 04:40 - 2014-09-11 13:19 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-16 04:04 - 2014-09-11 13:19 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-16 04:00 - 2014-09-11 13:19 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-16 04:00 - 2014-09-11 13:19 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-16 03:56 - 2014-09-11 13:19 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-16 03:54 - 2014-09-11 13:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-16 03:45 - 2014-09-11 13:19 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-16 03:43 - 2014-09-11 13:19 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-16 03:32 - 2014-09-11 13:19 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-16 03:25 - 2014-09-11 13:19 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-16 03:22 - 2014-09-11 13:19 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-16 03:20 - 2014-09-11 13:19 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-16 03:19 - 2014-09-11 13:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-16 03:18 - 2014-09-11 13:19 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-16 03:18 - 2014-09-11 13:19 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-16 03:11 - 2014-09-11 13:19 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-16 03:06 - 2014-09-11 13:19 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-16 03:05 - 2014-09-11 13:19 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-16 03:05 - 2014-09-11 13:19 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-16 03:03 - 2014-09-11 13:19 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-16 03:03 - 2014-09-11 13:19 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-16 02:58 - 2014-09-11 13:19 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-16 02:56 - 2014-09-11 13:19 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-16 02:53 - 2014-09-11 13:19 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-16 02:53 - 2014-09-11 13:19 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-16 02:53 - 2014-09-11 13:19 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-16 02:51 - 2014-09-11 13:19 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-16 02:45 - 2014-09-11 13:19 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-16 02:44 - 2014-09-11 13:19 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-16 02:44 - 2014-09-11 13:19 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-16 02:34 - 2014-09-11 13:19 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-16 02:20 - 2014-09-11 13:19 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-16 02:18 - 2014-09-11 13:19 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-16 02:14 - 2014-09-11 13:19 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-16 02:12 - 2014-09-11 13:19 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-14 00:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-14 00:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-14 00:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-14 00:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-14 00:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-13 18:26 - 2013-08-28 13:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-13 18:22 - 2013-08-28 13:11 - 99218768 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 01:10 - 2014-04-14 17:16 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 01:06 - 2014-06-12 00:32 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
Some content of TEMP:
====================
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll
C:\Users\Jennifer\AppData\Local\Temp\13054687681234724428.exe
C:\Users\Jennifer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr4ugcy.dll
C:\Users\Jennifer\AppData\Local\Temp\Fx6_FF_IE_Setup-Softonic.exe
C:\Users\Jennifer\AppData\Local\Temp\JDSetup130546876771251577.exe
C:\Users\Jennifer\AppData\Local\Temp\proxy_vole8170917200005694461.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-08 17:33
==================== End Of Log ============================
|
| Themen zu Windows 8.1: Trojaner Meldungen von Mc Afee häufen sich, GMER Ausführung funktioniert nicht, keine Ausgabe Addition.txt |
| msil/browsefox.e, msil/browsefox.g, pup.optional.searchprotect, pup.optional.searchprotect.a, pup.optional.smarterpower.a, pup.optional.snapdo, pup.optional.snapdo.a, pup.optional.snapdo.t, pup.optional.softonic, win32/browsefox.h, win32/browsefox.m, win32/browsefox.n, win32/browsefox.o, win32/browsefox.p, win32/clientconnect.a, win32/conduit.searchprotect.h, win32/conduit.searchprotect.i, win32/elex.am, win32/elex.av, win32/thinknice.e, win32/toolbar.babylon.y, win32/toolbar.conduit.r, win32/toolbar.conduit.y, win64/browsefox.a, win64/thinknice.e, windowsapps, windowsmangerprotect |
Baum-Darstellung