Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 29.06.2014
Suchlauf-Zeit: 17:53:09
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.06.29.06
Rootkit Datenbank: v2014.06.23.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x86
Dateisystem: NTFS
Benutzer: Marko
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 295086
Verstrichene Zeit: 9 Min, 7 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 1
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1795597239-2963957331-4134054646-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [4febdaa4156685b1c74bb593fa08c739],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 1
PUP.Optional.Trovi.A, HKU\S-1-5-21-1795597239-2963957331-4134054646-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M36918329-BF0E-467E-A875-40239DC2CD03&SearchSource=55&CUI=&UM=5&UP=SP6A153C15-8F38-4A25-980C-7B4D234059F8&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M36918329-BF0E-467E-A875-40239DC2CD03&SearchSource=55&CUI=&UM=5&UP=SP6A153C15-8F38-4A25-980C-7B4D234059F8&SSPV=),Ersetzt,[390115697803ab8b18a3b0d028dc1be5]
Ordner: 2
PUP.Optional.OpenCandy, C:\Users\Marko\AppData\Roaming\OpenCandy, In Quarantäne, [53e73c42d0ab71c583e55c38e61c5fa1],
PUP.Optional.OpenCandy, C:\Users\Marko\AppData\Roaming\OpenCandy\F65DE91CBC1649FBB5BF142AC08D9728, In Quarantäne, [53e73c42d0ab71c583e55c38e61c5fa1],
Dateien: 11
PUP.Optional.OpenCandy.A, C:\Users\Marko\AppData\Roaming\OpenCandy\F65DE91CBC1649FBB5BF142AC08D9728\dlm.exe, In Quarantäne, [7cbe5e2014672e089b2a2afa9968dd23],
PUP.Optional.Conduit.A, C:\Users\Marko\AppData\Roaming\OpenCandy\F65DE91CBC1649FBB5BF142AC08D9728\sp-downloader.exe, In Quarantäne, [ff3be29caad174c2d13241e1c8394fb1],
PUP.Optional.Conduit.A, C:\Users\Marko\AppData\Roaming\OpenCandy\F65DE91CBC1649FBB5BF142AC08D9728\Whitesmoke_directN_p1v1.exe, In Quarantäne, [3ffb116d314a1e182fd46fb3ad542fd1],
PUP.Optional.Conduit.A, C:\Users\Marko\AppData\Local\Temp\nsb34BB.exe, In Quarantäne, [44f6f18dcead2016acd92c5b37cab44c],
PUP.Optional.Conduit.A, C:\Users\Marko\AppData\Local\Temp\nsfB933.exe, In Quarantäne, [1e1c5628e794999dbbcab5d2b051857b],
PUP.Optional.Conduit.A, C:\Users\Marko\AppData\Local\Temp\nsj3A0C.exe, In Quarantäne, [6ccea3dbff7c84b24243afd8b0517789],
PUP.Optional.Conduit.A, C:\Users\Marko\AppData\Local\Temp\nsqDAB1.exe, In Quarantäne, [59e1413d48332f07a7de96f105fc2dd3],
PUP.Optional.Conduit.A, C:\Users\Marko\AppData\Local\Temp\nstD3CB.exe, In Quarantäne, [6ad049354f2cce6820651275fd0420e0],
PUP.Optional.SearchProtect.A, C:\Users\Marko\AppData\Local\Temp\nsb9C5E\SpSetup.exe, In Quarantäne, [043694eac0bbae888f1b167b877a7b85],
PUP.Optional.OpenCandy.A, C:\Users\Marko\AppData\Local\Temp\is-L0M69.tmp\OCSetupHlp.dll, In Quarantäne, [59e10c72205bab8bea94172b8779a759],
PUP.Optional.Trovi.A, C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "startup_urls": [ "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M36918329-BF0E-467E-A875-40239DC2CD03&SearchSource=55&CUI=&UM=5&UP=SP6A153C15-8F38-4A25-980C-7B4D234059F8&SSPV=" ],), Ersetzt,[5fdbfe801764cc6a313db1086c984fb1]
Physische Sektoren: 0
(No malicious items detected)
(end)

Code:
# AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 18:24:04
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (32 bits)
# Benutzername : Marko - MM_PC
# Gestartet von : C:\Users\Marko\Downloads\adwcleaner_3.213.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDE62EB2-F367-41A7-8E4D-875811DC373D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M36918329-BF0E-467E-A875-40239DC2CD03&SearchSource=55&CUI=&UM=5&UP=SP6A153C15-8F38-4A25-980C-7B4D234059F8&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
*************************
AdwCleaner[R0].txt - [2093 octets] - [29/06/2014 18:20:59]
AdwCleaner[S0].txt - [2018 octets] - [29/06/2014 18:24:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2078 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x86
Ran by Marko on 29.06.2014 at 18:28:34,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "\big fish games"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.06.2014 at 18:30:33,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-06-2014 02
Ran by Marko (administrator) on MM_PC on 29-06-2014 19:34:03
Running from F:\
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1795597239-2963957331-4134054646-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1795597239-2963957331-4134054646-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office 15\root\office15\lync.exe [18997408 2014-06-20] (Microsoft Corporation)
HKU\S-1-5-21-1795597239-2963957331-4134054646-1001\...\Run: [Google Update] => C:\Users\Marko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-11] (Google Inc.)
HKU\S-1-5-21-1795597239-2963957331-4134054646-1001\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1795597239-2963957331-4134054646-1004\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [515584 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB8442CA0B36FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Marko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Marko\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marko\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Marko\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Marko\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
Chrome:
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M36918329-BF0E-467E-A875-40239DC2CD03&SearchSource=55&CUI=&UM=5&UP=SP6A153C15-8F38-4A25-980C-7B4D234059F8&SSPV="
CHR Extension: (Google Docs) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-23]
CHR Extension: (Google Drive) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-23]
CHR Extension: (YouTube) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-23]
CHR Extension: (Google-Suche) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-23]
CHR Extension: (Google Wallet) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-23]
CHR Extension: (SpeakIt!) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2014-04-07]
CHR Extension: (Google Mail) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-23]
========================== Services (Whitelisted) =================
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1565880 2014-05-21] () [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-03-24] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-03-24] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2014-04-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
S3 grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-29] (Malwarebytes Corporation)
R3 NETwNs32; C:\WINDOWS\system32\DRIVERS\NETwNs32.sys [7518208 2013-06-18] (Intel Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [92504 2014-03-24] (Microsoft Corporation)
R3 WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [195968 2010-08-31] (Jungo)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-29 18:31 - 2014-06-29 18:31 - 00000734 _____ () C:\Users\Marko\Desktop\JRT_01.txt
2014-06-29 18:30 - 2014-06-29 18:30 - 00000734 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-29 18:28 - 2014-06-29 18:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-29 18:27 - 2014-06-29 18:28 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT (1).exe
2014-06-29 18:27 - 2014-06-29 18:27 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-29 18:26 - 2014-06-29 18:26 - 00002158 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-29 18:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-06-29 18:20 - 2014-06-29 18:24 - 00000000 ____D () C:\AdwCleaner
2014-06-29 18:20 - 2014-06-29 18:20 - 01342659 _____ () C:\Users\Marko\Downloads\adwcleaner_3.213.exe
2014-06-29 18:19 - 2014-06-29 18:19 - 00003951 _____ () C:\Users\Marko\Desktop\mbam.txt
2014-06-29 17:50 - 2014-06-29 18:17 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 17:50 - 2014-06-29 17:50 - 00000984 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-29 17:50 - 2014-06-29 17:50 - 00000000 ____D () C:\Program Files\Malwarbyte2
2014-06-29 17:50 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-29 17:50 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-29 17:50 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-06-28 18:15 - 2014-06-28 18:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marko\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-24 19:54 - 2014-06-24 19:54 - 00006144 ___SH () C:\Users\Marko\Desktop\Thumbs.db
2014-06-24 19:53 - 2014-06-24 18:08 - 110360883 _____ () C:\Users\Marko\Desktop\Girokonto_Clip1_1280x720.mov
2014-06-20 15:03 - 2014-05-05 06:02 - 02826240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-20 15:03 - 2014-05-03 08:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-06-20 15:02 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-20 15:02 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-20 15:02 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-20 15:02 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-20 15:02 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-20 15:02 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-20 15:02 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-20 15:02 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-20 15:02 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-20 15:02 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-20 15:02 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-20 15:02 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-20 15:02 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-20 15:02 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-20 15:02 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-20 15:02 - 2014-05-19 07:33 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-20 15:02 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-20 15:02 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-20 15:02 - 2014-05-09 01:08 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-20 15:02 - 2014-05-03 08:12 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-20 15:02 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-20 15:02 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-20 15:02 - 2014-05-01 13:00 - 02257608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-20 15:02 - 2014-05-01 13:00 - 00046512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-20 15:02 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-20 15:02 - 2014-05-01 08:42 - 02045440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-20 15:02 - 2014-05-01 07:31 - 02366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-20 15:02 - 2014-04-30 12:10 - 01090296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-20 15:02 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-20 15:02 - 2014-04-30 05:43 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-20 15:02 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-20 15:02 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-20 15:02 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-20 15:02 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-20 15:02 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-20 15:02 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-20 15:02 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-20 15:02 - 2014-04-03 05:46 - 01871704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-20 15:02 - 2014-04-03 05:46 - 00286040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-20 15:02 - 2014-03-31 05:34 - 05786968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-20 15:02 - 2014-03-31 00:37 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-20 15:02 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-20 15:02 - 2014-03-19 06:14 - 02130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-20 15:02 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-20 15:01 - 2014-04-18 15:43 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-20 15:01 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-20 15:01 - 2014-04-18 10:51 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-20 15:01 - 2014-04-18 10:01 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-20 15:01 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-20 15:01 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-20 15:01 - 2014-04-11 05:27 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-20 15:01 - 2014-04-09 12:47 - 00294744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-20 15:01 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-20 15:01 - 2014-04-09 06:01 - 01089536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-20 15:01 - 2014-04-09 05:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-20 15:01 - 2014-04-08 01:47 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-20 15:01 - 2014-04-06 17:27 - 00311128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-20 15:01 - 2014-04-06 17:27 - 00240472 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-20 15:01 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-20 15:01 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-20 15:01 - 2014-04-06 17:18 - 00271192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-20 15:01 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 01159520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-20 15:01 - 2014-04-06 17:16 - 00194752 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-20 15:01 - 2014-04-06 15:06 - 03497472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-20 15:01 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-20 15:01 - 2014-04-06 14:00 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-20 15:01 - 2014-04-06 13:47 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-20 15:01 - 2014-04-06 13:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-20 15:01 - 2014-04-06 12:58 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-20 15:01 - 2014-04-06 12:55 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-20 15:01 - 2014-04-06 12:44 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-20 15:01 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-20 15:01 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-20 15:01 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-20 15:01 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-20 15:01 - 2014-04-03 04:46 - 03563008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-20 15:01 - 2014-04-03 04:45 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-20 15:01 - 2014-04-03 04:44 - 01210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-20 15:01 - 2014-04-03 04:24 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-20 15:01 - 2014-04-03 04:24 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-20 15:01 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-20 15:01 - 2014-04-01 07:09 - 00333656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-20 15:01 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2014-06-20 15:01 - 2014-03-31 01:26 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-20 15:01 - 2014-03-31 01:13 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-20 15:01 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-20 15:01 - 2014-03-31 00:09 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-20 15:01 - 2014-03-30 23:49 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-20 15:01 - 2014-03-28 11:04 - 00328984 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-20 15:01 - 2014-03-27 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-20 15:01 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-20 15:01 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-20 15:01 - 2014-03-27 05:22 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-20 15:01 - 2014-03-27 05:03 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-20 15:01 - 2014-03-27 04:59 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-20 15:01 - 2014-03-25 00:57 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-20 15:01 - 2014-03-21 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-06-20 15:01 - 2014-03-20 03:20 - 00229344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-20 15:01 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-06-20 15:01 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-20 15:01 - 2014-03-19 09:09 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-20 15:01 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-20 15:01 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-20 15:01 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-20 15:01 - 2014-03-19 06:47 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-20 15:01 - 2014-03-19 06:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-20 15:01 - 2014-03-18 09:22 - 00069632 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-20 15:01 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-20 15:01 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-20 15:01 - 2014-03-17 04:36 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-20 15:01 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-20 15:01 - 2014-03-06 12:37 - 00264536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-20 15:00 - 2014-06-20 15:00 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-20 15:00 - 2014-06-20 15:00 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-20 15:00 - 2014-06-20 15:00 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-20 15:00 - 2014-06-20 15:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-20 15:00 - 2014-06-20 15:00 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-20 15:00 - 2014-06-20 15:00 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-20 15:00 - 2014-06-20 15:00 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-20 14:56 - 2014-06-20 14:56 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-04 21:01 - 2014-06-04 21:02 - 05205146 _____ (Swearware) C:\Users\Marko\Desktop\ComboFix.exe
2014-05-31 18:05 - 2014-05-31 18:05 - 00001248 _____ () C:\Users\Marko\Desktop\Revo Uninstaller.lnk
2014-05-31 18:05 - 2014-05-31 18:05 - 00000000 ____D () C:\Program Files\VS Revo Group
==================== One Month Modified Files and Folders =======
2014-06-29 19:34 - 2014-05-26 14:40 - 00000000 ____D () C:\FRST
2014-06-29 19:31 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-29 19:30 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-29 19:06 - 2014-05-11 09:56 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1795597239-2963957331-4134054646-1001UA.job
2014-06-29 18:56 - 2014-02-23 19:36 - 00001108 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-29 18:55 - 2014-04-02 06:44 - 01655403 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-29 18:43 - 2013-08-22 08:13 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-29 18:42 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-06-29 18:31 - 2014-06-29 18:31 - 00000734 _____ () C:\Users\Marko\Desktop\JRT_01.txt
2014-06-29 18:30 - 2014-06-29 18:30 - 00000734 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-29 18:28 - 2014-06-29 18:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-29 18:28 - 2014-06-29 18:27 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT (1).exe
2014-06-29 18:27 - 2014-06-29 18:27 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-29 18:27 - 2014-02-23 19:36 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-29 18:26 - 2014-06-29 18:26 - 00002158 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-29 18:26 - 2014-04-02 07:12 - 00000000 __RDO () C:\Users\Marko\SkyDrive
2014-06-29 18:26 - 2014-02-23 19:36 - 00001104 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-29 18:25 - 2014-04-02 06:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-29 18:25 - 2013-11-14 01:00 - 00093792 _____ () C:\WINDOWS\PFRO.log
2014-06-29 18:25 - 2013-08-22 09:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-29 18:24 - 2014-06-29 18:20 - 00000000 ____D () C:\AdwCleaner
2014-06-29 18:24 - 2013-08-22 08:13 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-29 18:20 - 2014-06-29 18:20 - 01342659 _____ () C:\Users\Marko\Downloads\adwcleaner_3.213.exe
2014-06-29 18:19 - 2014-06-29 18:19 - 00003951 _____ () C:\Users\Marko\Desktop\mbam.txt
2014-06-29 18:17 - 2014-06-29 17:50 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 18:15 - 2013-11-14 09:56 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-06-29 17:50 - 2014-06-29 17:50 - 00000984 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-29 17:50 - 2014-06-29 17:50 - 00000000 ____D () C:\Program Files\Malwarbyte2
2014-06-29 17:50 - 2014-05-26 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-28 18:15 - 2014-06-28 18:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marko\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-28 17:49 - 2013-08-22 09:23 - 00339379 _____ () C:\WINDOWS\setupact.log
2014-06-24 19:56 - 2013-11-14 10:09 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-24 19:54 - 2014-06-24 19:54 - 00006144 ___SH () C:\Users\Marko\Desktop\Thumbs.db
2014-06-24 18:08 - 2014-06-24 19:53 - 110360883 _____ () C:\Users\Marko\Desktop\Girokonto_Clip1_1280x720.mov
2014-06-24 08:21 - 2013-08-22 09:22 - 00473960 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-21 19:26 - 2014-04-02 06:50 - 00000000 ____D () C:\Users\Marko
2014-06-21 19:26 - 2013-11-14 09:53 - 00000000 ____D () C:\WINDOWS\system32\Drivers\de-DE
2014-06-21 19:26 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-21 19:26 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-21 19:26 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-21 19:26 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-06-21 17:17 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-21 17:16 - 2012-07-26 08:43 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-21 17:15 - 2014-03-01 12:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-21 17:06 - 2014-05-11 09:56 - 00001080 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1795597239-2963957331-4134054646-1001Core.job
2014-06-20 15:50 - 2014-03-15 09:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-06-20 15:00 - 2014-06-20 15:00 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-20 15:00 - 2014-06-20 15:00 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-20 15:00 - 2014-06-20 15:00 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-20 15:00 - 2014-06-20 15:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-20 15:00 - 2014-06-20 15:00 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-20 15:00 - 2014-06-20 15:00 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-20 15:00 - 2014-06-20 15:00 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-20 14:56 - 2014-06-20 14:56 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-20 14:54 - 2014-02-23 17:37 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-20 14:53 - 2014-04-10 20:26 - 00001880 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-06-20 14:53 - 2014-02-23 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-06-20 14:53 - 2014-02-23 17:37 - 00000000 ____D () C:\ProgramData\Garmin
2014-06-20 14:53 - 2014-02-02 18:13 - 00000000 ____D () C:\Program Files\Garmin
2014-06-04 21:02 - 2014-06-04 21:01 - 05205146 _____ (Swearware) C:\Users\Marko\Desktop\ComboFix.exe
2014-06-01 17:18 - 2014-03-01 12:25 - 92708840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-31 18:05 - 2014-05-31 18:05 - 00001248 _____ () C:\Users\Marko\Desktop\Revo Uninstaller.lnk
2014-05-31 18:05 - 2014-05-31 18:05 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-31 07:13 - 2014-05-15 20:51 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-31 07:13 - 2014-05-15 20:51 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-30 11:18 - 2014-06-20 15:02 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 10:43 - 2014-06-20 15:02 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-05-30 10:38 - 2014-06-20 15:02 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 10:27 - 2014-06-20 15:02 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 10:16 - 2014-06-20 15:02 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 10:04 - 2014-06-20 15:02 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 10:02 - 2014-06-20 15:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 09:57 - 2014-06-20 15:02 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 09:56 - 2014-06-20 15:02 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 09:54 - 2014-06-20 15:02 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 09:49 - 2014-06-20 15:02 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 09:40 - 2014-06-20 15:02 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 09:21 - 2014-06-20 15:02 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 09:15 - 2014-06-20 15:02 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 09:13 - 2014-06-20 15:02 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
Some content of TEMP:
====================
C:\Users\Marko\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-29 18:36
==================== End Of Log ============================