Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Probleme beim Öffnen des Browsers (https://www.trojaner-board.de/155717-probleme-beim-offnen-browsers.html)

CarpeDiem206 25.06.2014 19:07
Probleme beim Öffnen des Browsers
 
Arbeite mit Win8.1. Bei jedem Öffnen des Browsers ob mit dem Explorer oder Firefox
öffnen sich automatisch mindestens 3 Fenster mit Werbung oder einer Aufforderung die neueste Version des Media Players herunterzuladen.Einige Webseiten hingegen lassen sich garnicht mehr öffnen.Wer kann mir helfen?

schrauber 25.06.2014 20:03
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


CarpeDiem206 30.06.2014 14:04
Hallo.Dies sind meine Log - Dateien


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Marita (administrator) on MARITAPC on 26-06-2014 15:10:36
Running from C:\Users\Marita\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google) C:\Users\Marita\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
() C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.exe
() C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-07] (AVAST Software)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [GoogleChromeAutoLaunch_26FCAD50FEA4D2144FF64E2847F340EA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Google Update] => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&q={searchTerms}&SSPV=
SearchScopes: HKCU - {46F7DB3D-32D9-4EF6-BB40-577D4AEC6921} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: SaveSense - {0f21b1e5-5afc-43c9-9c66-515046e92ec2} - C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default
FF NewTab: hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SaveSense - C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2014-01-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-15]

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV="
CHR Extension: (Google Docs) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-14]
CHR Extension: (Google Drive) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-14]
CHR Extension: (YouTube) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (Google-Suche) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (avast! Online Security) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-16]
CHR Extension: (Hangouts) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-12-14]
CHR Extension: (Google Wallet) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Google Mail) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR Extension: (Extutil) - C:\Users\Marita\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-01-16]
CHR Extension: (Managera) - C:\Users\Marita\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-01-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-02]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-02] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [61440 2013-09-26] () [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] () [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-01-05] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-01-05] (SaveSense)
R2 Update BetterBrowse; C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.exe [318248 2014-06-26] ()
R2 Util BetterBrowse; C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.exe [318248 2014-06-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-02] ()
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-22] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation                          )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64; C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-26 15:10 - 2014-06-26 15:11 - 00017499 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-06-26 15:08 - 2014-06-26 15:10 - 00000000 ____D () C:\FRST
2014-06-26 15:07 - 2014-06-26 15:07 - 02082816 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-06-25 20:14 - 2014-06-25 20:16 - 04882316 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-23 19:57 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-06-23 19:57 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-23 19:57 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-23 19:57 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-06-23 19:57 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-23 19:57 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-06-23 19:57 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-06-23 19:57 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-23 19:57 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-23 19:57 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-23 19:57 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-23 19:57 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-23 19:57 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-23 19:57 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-23 19:57 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-06-23 19:57 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-23 19:57 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-06-23 19:57 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-23 19:57 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-06-23 19:57 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-23 19:57 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-23 19:57 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-06-23 19:57 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-23 19:57 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-23 19:57 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-06-23 19:57 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-23 19:57 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-06-23 19:57 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-23 19:57 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-23 19:57 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-23 19:57 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-23 19:57 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-23 19:57 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-06-23 19:57 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-06-23 19:57 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-23 19:57 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-23 19:57 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-23 19:57 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-23 19:57 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-23 19:57 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-23 19:57 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-23 19:57 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-23 19:57 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-06-23 19:57 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-23 19:57 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-23 19:57 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-23 19:57 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-23 19:57 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-23 19:57 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-06-23 19:57 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-23 19:57 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-23 19:57 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-23 19:57 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-23 19:57 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-06-23 19:57 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-23 19:57 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-23 19:57 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-23 19:57 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-23 19:57 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-23 19:56 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-23 19:56 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-23 19:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-23 19:56 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-23 19:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-23 19:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-23 19:56 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-20 15:14 - 2014-06-23 19:43 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-20 15:11 - 2014-06-20 14:46 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-16 15:24 - 2014-06-16 15:25 - 01241228 _____ () C:\Users\Marita\Downloads\setup.exe
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:13 - 2014-06-15 14:14 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 06:48 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 06:48 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 05:58 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-14 05:58 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-06-14 05:58 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-14 05:58 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-06-14 05:58 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-14 05:58 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-13 17:36 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:16 - 2014-06-13 17:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 20:56 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-12 20:46 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-12 20:46 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-12 20:46 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-12 20:31 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 20:31 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 20:31 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-06-12 20:31 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-12 20:31 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-12 20:26 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-12 20:26 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-12 20:17 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-06-12 20:17 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-12 20:17 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

==================== One Month Modified Files and Folders =======

2014-06-26 15:11 - 2014-06-26 15:10 - 00017499 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-06-26 15:10 - 2014-06-26 15:08 - 00000000 ____D () C:\FRST
2014-06-26 15:10 - 2013-08-22 15:25 - 00000292 _____ () C:\Windows\win.ini
2014-06-26 15:09 - 2013-12-12 20:10 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4060787532-3131775629-3680099422-1001
2014-06-26 15:07 - 2014-06-26 15:07 - 02082816 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-06-26 15:06 - 2013-12-15 08:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-26 15:06 - 2013-12-12 20:17 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F1CE9E0-BBD0-4D75-93AA-2B513D5EF18D}
2014-06-26 15:05 - 2013-12-12 20:06 - 00000000 ____D () C:\Users\Marita\Documents\Youcam
2014-06-26 15:05 - 2013-12-12 19:56 - 01118862 _____ () C:\Windows\WindowsUpdate.log
2014-06-26 15:04 - 2014-01-05 15:44 - 00000946 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-06-26 15:04 - 2013-12-14 16:14 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-26 15:04 - 2013-12-14 16:13 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 15:04 - 2013-12-12 20:08 - 00000000 __RDO () C:\Users\Marita\SkyDrive
2014-06-26 15:04 - 2013-12-12 20:04 - 00917106 _____ () C:\Users\Marita\AppData\Local\BTServer.log
2014-06-26 15:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-06-25 20:16 - 2014-06-25 20:14 - 04882316 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-25 20:11 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-25 19:58 - 2013-12-14 16:23 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA.job
2014-06-25 19:49 - 2014-01-05 15:44 - 00000950 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-06-25 19:46 - 2013-12-14 16:13 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-25 19:34 - 2014-02-23 08:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-23 20:20 - 2014-01-18 20:19 - 00056832 ___SH () C:\Users\Marita\Downloads\Thumbs.db
2014-06-23 20:13 - 2013-10-07 07:32 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-06-23 20:13 - 2013-10-07 07:32 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-06-23 20:13 - 2013-10-07 07:11 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 20:07 - 2013-10-07 07:06 - 00010154 _____ () C:\Windows\PFRO.log
2014-06-23 20:07 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-23 20:07 - 2013-08-22 16:44 - 00380720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 20:06 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-23 20:05 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-23 19:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-06-23 19:43 - 2014-06-20 15:14 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-22 14:58 - 2013-12-14 16:23 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core.job
2014-06-22 14:53 - 2013-12-14 16:23 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA
2014-06-22 14:53 - 2013-12-14 16:23 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core
2014-06-20 14:57 - 2013-08-22 16:46 - 00062971 _____ () C:\Windows\setupact.log
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-20 14:46 - 2014-06-20 15:11 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-19 16:04 - 2014-02-15 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 19:44 - 2013-12-14 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-18 19:40 - 2013-10-07 08:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-16 15:25 - 2014-06-16 15:24 - 01241228 _____ () C:\Users\Marita\Downloads\setup.exe
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:14 - 2014-06-15 14:13 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 05:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:17 - 2014-06-13 17:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-09 05:53 - 2013-12-14 16:24 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Mozilla
2014-06-04 18:25 - 2014-05-07 18:26 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 18:22 - 2013-12-12 20:04 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Adobe
2014-06-02 15:42 - 2013-12-12 20:02 - 00000000 ____D () C:\Users\Marita
2014-06-01 06:15 - 2014-05-07 18:24 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-31 07:13 - 2013-08-22 17:38 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-31 07:13 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 19:18 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-05-30 12:21 - 2014-06-23 19:56 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 11:45 - 2014-06-23 19:56 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:28 - 2014-06-23 19:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:20 - 2014-06-23 19:56 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-23 19:56 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:08 - 2014-06-23 19:56 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-23 19:56 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 10:46 - 2014-06-23 19:56 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-23 19:56 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-23 19:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:38 - 2014-06-23 19:56 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-23 19:56 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:29 - 2014-06-23 19:56 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:27 - 2014-06-23 19:56 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:23 - 2014-06-23 19:56 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-23 19:56 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:04 - 2014-06-23 19:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-23 19:56 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-23 19:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-23 19:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-23 19:56 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:49 - 2014-06-23 19:56 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-23 19:56 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-23 19:56 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-23 19:56 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-23 19:56 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-23 19:56 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-23 19:56 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-23 19:56 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Marita\AppData\Local\Temp\AppLauncher.exe
C:\Users\Marita\AppData\Local\Temp\BetterBrowseSetup.exe
C:\Users\Marita\AppData\Local\Temp\icqsetup.exe
C:\Users\Marita\AppData\Local\Temp\Mobogenie_Setup_2.1.35_122100041.exe
C:\Users\Marita\AppData\Local\Temp\nsb71D9.exe
C:\Users\Marita\AppData\Local\Temp\nscC58.exe
C:\Users\Marita\AppData\Local\Temp\nscF42B.exe
C:\Users\Marita\AppData\Local\Temp\nss2753.exe
C:\Users\Marita\AppData\Local\Temp\nsx81C9.exe
C:\Users\Marita\AppData\Local\Temp\nsz79AA.exe
C:\Users\Marita\AppData\Local\Temp\ntdll.dll
C:\Users\Marita\AppData\Local\Temp\obexpf.dll
C:\Users\Marita\AppData\Local\Temp\sas.exe
C:\Users\Marita\AppData\Local\Temp\SPSetup.exe
C:\Users\Marita\AppData\Local\Temp\sp_downloader.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-14 06:06

==================== End Of Log ============================
--- --- ---


Hier das ADDITION.TXT
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by Marita at 2014-06-26 15:14:02
Running from C:\Users\Marita\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
BetterBrowse (HKLM\...\BetterBrowse) (Version: 2013.12.03.230533 - BetterBrowse) <==== ATTENTION
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Home Cinema 10 (x32 Version: 10.3025 - CyberLink Corp.) Hidden
CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.5415 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3807_46074 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4017 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.3202 - CyberLink Corp.) Hidden
CyberLink PowerDirector 11 (Version: 11.0.0.3215 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.5426.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.0.3725a - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2103 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.2103 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (x32 Version: 5.0.3318.0 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3309 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel(R) Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (Version: 1.0.0.1050 - Intel Corporation) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0092 - Pegatron Corporation)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.093013 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
SaveSense (HKCU\...\SaveSense) (Version:  - ) <==== ATTENTION
SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.1 - Synaptics Incorporated)
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

29-05-2014 04:54:41 Windows Update
14-06-2014 03:49:12 Windows Update
18-06-2014 17:38:54 Windows Update
23-06-2014 17:58:59 Windows Update

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {09DA7AF6-293B-4AED-A992-FC7599188954} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-02] (AVAST Software)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21E48C00-8080-44A7-B505-3BFFAD84BD3C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4B364E4D-173F-4697-8961-5154644126E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-14] (Google Inc.)
Task: {4D8C2EF5-2919-4FE9-BBDD-679837F94D72} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {5CEC9F3B-65FA-48FB-B135-A3CA38E947F7} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-01-05] (SaveSense) <==== ATTENTION
Task: {62049892-3EFE-46BE-9C50-A753EFBE8CB5} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-01-05] (SaveSense) <==== ATTENTION
Task: {6348DFE7-409D-40B3-B7C3-9EC62D9035EB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4060787532-3131775629-3680099422-1001
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9D18DEF0-5A48-4031-AC37-EE41D1CAC651} - System32\Tasks\{D6B8F8D9-C6A1-4FC5-A33D-5EAB7FB2C370} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AD498B5B-E3A3-498D-9078-729946D3A2DD} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {AE991167-9E23-44A0-86AA-44C27CF862B6} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {BC0AC792-FB49-4476-8574-DDC7B760F2D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-14] (Google Inc.)
Task: {C56B736D-402A-4EC4-B84F-0AEBBA88B405} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-14] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4AB86BC-6440-444C-B193-58305091C87C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D8B37B8B-267C-466A-AFD2-30762F820EAA} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD705F21-3504-4BF5-AB09-0112031BC12B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {E203C98C-6294-4879-809F-2FF5AAB87394} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-14] (Synaptics Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E76FCDAC-978B-47DC-8392-8AED8B15E088} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-14] (Google Inc.)
Task: {E7BDFC3F-8375-44C6-BFDB-D396D6C3C42E} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {FF6B227B-3D3A-4BEB-A425-B5D3F8EDB02F} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-08-08] (Dolby Laboratories Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core.job => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA.job => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-10-08 13:22 - 2013-06-27 10:56 - 00160768 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2013-10-08 13:17 - 2013-09-26 21:08 - 00061440 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2013-10-07 09:29 - 2013-03-06 15:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-10-08 13:22 - 2013-09-11 12:41 - 02216960 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2014-05-23 17:37 - 2014-05-23 17:37 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-10-08 13:22 - 2010-12-17 15:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2013-10-08 13:22 - 2012-10-23 19:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2013-10-08 13:22 - 2013-07-18 16:41 - 08856576 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2013-08-08 17:53 - 2013-08-08 17:53 - 00050904 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2013-12-04 01:05 - 2014-06-26 15:07 - 00318248 _____ () C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.exe
2014-01-06 06:44 - 2014-06-26 15:10 - 00318248 _____ () C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.exe
2014-06-23 15:10 - 2014-06-23 15:10 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062300\algo.dll
2014-06-23 20:08 - 2014-06-23 20:08 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062301\algo.dll
2014-06-26 15:06 - 2014-06-26 15:06 - 02787840 _____ () C:\Program Files\AVAST Software\Avast\defs\14062601\algo.dll
2013-10-08 13:22 - 2009-12-18 16:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2013-10-08 13:22 - 2009-12-18 16:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-05-23 17:39 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 17:39 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 17:39 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 17:39 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 17:39 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2013-10-07 09:28 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-12-15 08:16 - 2013-12-15 08:16 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-08 18:13 - 2014-02-08 18:13 - 03019376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-02-08 18:13 - 2014-02-08 18:13 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-02-08 18:13 - 2014-02-08 18:13 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-04-10 18:33 - 2014-06-24 01:09 - 00183592 ____N () C:\Program Files (x86)\BetterBrowse\bin\BetterBrowseBAApp.dll
2014-02-15 16:13 - 2014-06-19 16:04 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-10 18:33 - 2014-06-24 01:09 - 00096552 _____ () C:\Program Files (x86)\BetterBrowse\bin\BetterBrowse.BrowserAdapter.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Marita\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2014 08:14:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/25/2014 08:14:00 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/25/2014 08:14:00 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/23/2014 08:12:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/20/2014 03:00:08 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/16/2014 03:26:38 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/16/2014 03:26:13 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/11/2014 06:52:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARITAPC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/09/2014 05:53:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: MARITAPC)
Description: Die Anwendung oder der Dienst "Google Chrome" konnte nicht heruntergefahren werden.

Error: (06/04/2014 06:24:32 PM) (Source: MsiInstaller) (EventID: 1024) (User: MARITAPC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (06/26/2014 03:06:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127

Error: (06/26/2014 03:03:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127

Error: (06/24/2014 06:51:34 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (06/23/2014 08:08:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127

Error: (06/23/2014 08:08:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127

Error: (06/23/2014 08:07:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127

Error: (06/23/2014 08:04:19 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (06/23/2014 06:16:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127

Error: (06/23/2014 03:43:01 PM) (Source: DCOM) (EventID: 10010) (User: MARITAPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/23/2014 03:43:01 PM) (Source: DCOM) (EventID: 10010) (User: MARITAPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (06/25/2014 08:14:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Marita\Downloads\wzmp_8.exeC:\Users\Marita\Downloads\wzmp_8.exe0

Error: (06/25/2014 08:14:00 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Marita\Downloads\wzmp_8.exeC:\Users\Marita\Downloads\wzmp_8.exe0

Error: (06/25/2014 08:14:00 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Marita\Downloads\wzmp_8.exeC:\Users\Marita\Downloads\wzmp_8.exe0

Error: (06/23/2014 08:12:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Marita\Pictures\Setup.exeC:\Users\Marita\Pictures\Setup.exe0

Error: (06/20/2014 03:00:08 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Marita\Downloads\setup.exeC:\Users\Marita\Downloads\setup.exe0

Error: (06/16/2014 03:26:38 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Marita\Downloads\setup.exeC:\Users\Marita\Downloads\setup.exe0

Error: (06/16/2014 03:26:13 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Marita\Downloads\setup.exeC:\Users\Marita\Downloads\setup.exe0

Error: (06/11/2014 06:52:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARITAPC)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927141

Error: (06/09/2014 05:53:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: MARITAPC)
Description: 2C:\Program Files (x86)\Google\Chrome\Application\chrome.exeGoogle Chrome0221735640

Error: (06/04/2014 06:24:32 PM) (Source: MsiInstaller) (EventID: 1024) (User: MARITAPC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 3976.19 MB
Available physical RAM: 1872.93 MB
Total Pagefile: 4714 MB
Available Pagefile: 2399.27 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:404.05 GB) (Free:364.03 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:45.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 01.07.2014 10:07
Adware & Co. deinstallieren

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

CarpeDiem206 01.07.2014 16:11
[CMalwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 01.07.2014
Suchlauf-Zeit: 15:30:50
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.07.01.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Marita

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 233540
Verstrichene Zeit: 22 Min, 11 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 4
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.exe, 312, Löschen bei Neustart, [5ced6d92e496c96d61a19402926fd52b]
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.exe, 1888, Löschen bei Neustart, [bf8a8a7562185bdbea184155e31e23dd]
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BetterBrowse.BrowserAdapter.exe, 7512, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be]
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BetterBrowse.PurBrowse64.exe, 2288, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be]

Module: 5
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BetterBrowseBAApp.dll, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BetterBrowseBAApp.dll, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}.dll, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}.dll, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}.dll, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],

Registrierungsschlüssel: 45
PUP.Optional.BetterBrowse.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update BetterBrowse, In Quarantäne, [5ced6d92e496c96d61a19402926fd52b],
PUP.Optional.BetterBrowse.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util BetterBrowse, In Quarantäne, [bf8a8a7562185bdbea184155e31e23dd],
PUP.Optional.SaveSense.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselive, In Quarantäne, [ab9ed32cc3b7c37352f356390ff232ce],
PUP.Optional.SaveSense.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselivem, In Quarantäne, [ab9ed32cc3b7c37352f356390ff232ce],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SAVESENSELIVE.EXE, In Quarantäne, [ab9ed32cc3b7c37352f356390ff232ce],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SAVESENSELIVE.EXE, In Quarantäne, [ab9ed32cc3b7c37352f356390ff232ce],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [46036b94661458deb527b38c9e649a66],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [46036b94661458deb527b38c9e649a66],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [46036b94661458deb527b38c9e649a66],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [46036b94661458deb527b38c9e649a66],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [46036b94661458deb527b38c9e649a66],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [46036b94661458deb527b38c9e649a66],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [46036b94661458deb527b38c9e649a66],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [be8bc936daa05ed89f84e3912ed42ad6],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [be8bc936daa05ed89f84e3912ed42ad6],
PUP.Optional.SaveSense, HKU\S-1-5-21-4060787532-3131775629-3680099422-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}, In Quarantäne, [eb5e936cf08a3cfa9aea55216c96b050],
PUP.Optional.SaveSense, HKU\S-1-5-21-4060787532-3131775629-3680099422-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}, In Quarantäne, [eb5e936cf08a3cfa9aea55216c96b050],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BetterBrowse, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [a5a4a45b6614fe3871626f4a58ab6799],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [f3565ba4bbbf063070634b6e7e85cf31],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [3f0a7887f5853cfac80b437608fb23dd],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [df6a98674634e3539f3488314db609f7],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [3a0ff00f7bff0c2ac013edcc28db17e9],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [0049fb04ee8ca690dcf73089ca39e21e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [32176c93d6a4979febe7befb30d3ef11],
PUP.Optional.BetterBrowse.A, HKLM\SOFTWARE\WOW6432NODE\BetterBrowse, In Quarantäne, [c78256a9e694de58e3ce7a3f7d86fc04],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\SaveSenseLive, In Quarantäne, [3217887753270a2c489006b3a85b09f7],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [53f6e8176812b284a72c2297bd469868],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [331642bd0773ef476b680dacea19d927],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [e267639c83f73afc399aae0ba65de21e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [f257817e7dfdb18530a39d1c5da6b24e],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [3a0ff6097dfd89ad24af7f3a689bcc34],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [1633956a06745cda15bebcfdf70c33cd],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [7ecb7b84e694a492706233865ba813ed],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=3, In Quarantäne, [14352ed19cdea19504d23f7a92712dd3],
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=9, In Quarantäne, [6fda0ef114667fb7f9dd398010f3e41c],
PUP.Optional.BetterBrowse.A, HKU\S-1-5-21-4060787532-3131775629-3680099422-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BetterBrowse, In Quarantäne, [ab9e5ba48ded6fc7d2ded0e912f1a35d],
PUP.Optional.SaveSense.A, HKU\S-1-5-21-4060787532-3131775629-3680099422-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLive, In Quarantäne, [86c34eb1314953e352837d3c6b9805fb],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 20
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\TEMP, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\CrashReports, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\Download, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\Install, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\Offline, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\Offline\{84A9D62C-9C2A-4347-91F5-D7D12402E6B6}, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive, In Quarantäne, [8bbe08f7730749ed12ed93f43ac8f30d],
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update, In Quarantäne, [8bbe08f7730749ed12ed93f43ac8f30d],
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log, In Quarantäne, [8bbe08f7730749ed12ed93f43ac8f30d],
PUP.Optional.SaveSense, C:\Users\Marita\AppData\Roaming\SaveSense, In Quarantäne, [58f1699666144fe7956b790fd1314ab6],
PUP.Optional.SaveSense.A, C:\Users\Marita\AppData\Local\SaveSenseLive, In Quarantäne, [2d1c88773e3cdc5a70946820df2339c7],
PUP.Optional.SaveSense.A, C:\Users\Marita\AppData\Local\SaveSenseLive\CrashReports, In Quarantäne, [2d1c88773e3cdc5a70946820df2339c7],
PUP.Optional.NextLive.A, C:\Users\Marita\AppData\Roaming\newnext.me, In Quarantäne, [0148cf30bbbff244db6a444417eba957],
PUP.Optional.NextLive.A, C:\Users\Marita\AppData\Roaming\newnext.me\cache, In Quarantäne, [0148cf30bbbff244db6a444417eba957],

Dateien: 117
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.exe, Löschen bei Neustart, [5ced6d92e496c96d61a19402926fd52b],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.exe, Löschen bei Neustart, [bf8a8a7562185bdbea184155e31e23dd],
PUP.Optional.SaveSense.A, C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe, In Quarantäne, [ab9ed32cc3b7c37352f356390ff232ce],
PUP.Optional.NextLive.A, C:\Users\Marita\AppData\Local\Temp\Mobogenie_Setup_2.1.35_122100041.exe, In Quarantäne, [f85122dda9d175c1df886135d829bd43],
PUP.Optional.BetterBrowse.A, C:\Users\Marita\AppData\Local\Temp\BetterBrowseSetup.exe, In Quarantäne, [47025ea16e0cdb5be058c05e986cd62a],
PUP.Optional.SearchProtect.A, C:\Users\Marita\AppData\Local\Temp\nsz79AA.exe, In Quarantäne, [7ccdd52a205a51e593c1f972857cba46],
PUP.Optional.SearchProtect.A, C:\Users\Marita\AppData\Local\Temp\nsb71D9.exe, In Quarantäne, [c08934cb1f5bc96d351f3b30ad54db25],
PUP.Optional.SearchProtect.A, C:\Users\Marita\AppData\Local\Temp\nscC58.exe, In Quarantäne, [10399f60d1a95adcada7ef7cb150b54b],
PUP.Optional.SearchProtect.A, C:\Users\Marita\AppData\Local\Temp\nscF42B.exe, In Quarantäne, [3316e51aa4d6d561f85c145706fb58a8],
PUP.Optional.SearchProtect.A, C:\Users\Marita\AppData\Local\Temp\nss2753.exe, In Quarantäne, [f2575ea13e3ca98d58fcbdaee61b01ff],
PUP.Optional.SearchProtect.A, C:\Users\Marita\AppData\Local\Temp\nsx81C9.exe, In Quarantäne, [95b409f6e79332047adaa8c3e61bbc44],
PUP.Optional.SaveSense.A, C:\Users\Marita\AppData\Local\Temp\sas.exe, In Quarantäne, [41086c93700a1125c5b2acd84db427d9],
PUP.Optional.SaveSense.A, C:\Users\Marita\AppData\Local\Temp\SaveSenseUpdateVer.exe, In Quarantäne, [fe4bb24d02787abca356ceb112eed62a],
PUP.Optional.Conduit.A, C:\Users\Marita\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [5beeb24d304a46f0b38dd98732cfd62a],
PUP.Optional.Conduit.A, C:\Users\Marita\AppData\Local\Temp\sp_downloader.exe, In Quarantäne, [5fea6699abcff6406e0e60fe4bb69b65],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nseEFDD.exe, In Quarantäne, [1f2a748b91e9d2645cf88fdca55cc040],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nso6510.exe, In Quarantäne, [8cbd5ca36b0fc076450fe784f20f44bc],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nst6445.exe, In Quarantäne, [66e367981c5e71c5b69ec3a8b34ee21e],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsuF20F.exe, In Quarantäne, [ea5f699601797db9c1933734728fed13],
PUP.Optional.BundleInstaller.A, C:\Users\Marita\Downloads\openoffice setup (1).exe, In Quarantäne, [42074ab5621878be35495f1b3ec341bf],
PUP.Optional.BundleInstaller.A, C:\Users\Marita\Downloads\openoffice setup.exe, In Quarantäne, [d27720df5129191d90ee93e758a9ef11],
PUP.Optional.RegCleanPro, C:\Users\Marita\Downloads\sysrc_trial_9407_german01.exe, In Quarantäne, [0d3c6b9455250c2a4234542ecc3428d8],
PUP.Optional.BundleInstaller.A, C:\Users\Marita\Downloads\windows live messenger formerly msn messenger setup.exe, In Quarantäne, [03467689394173c399e5fa8061a043bd],
PUP.Optional.NextLive.A, C:\Users\Marita\AppData\Local\genienext\nengine.dll, In Quarantäne, [163300ff5a20bc7a86e18d09d32ee818],
PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job, In Quarantäne, [0c3dda25215963d39cf5f5c47b8807f9],
PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job, In Quarantäne, [2e1bcc33bcbe082ea9e87346659e7888],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\BetterBrowse.ico, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\BetterBrowseUninstall.exe, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\updateBetterBrowse.InstallState, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\7za.exe, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BetterBrowse.BrowserAdapter.exe, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BetterBrowse.PurBrowse.zip, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BetterBrowse.PurBrowse64.exe, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BetterBrowseBAApp.dll, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\BrowserAdapterS.7z, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\sqlite3.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\utilBetterBrowse.InstallState, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}.dll, Löschen bei Neustart, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.Bromon.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.BroStats.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.BrowserAdapterS.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.CompatibilityChecker.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.FFUpdate.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.GCUpdate.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.IEUpdate.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.OfSvc.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.PurBrowse.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\plugins\BetterBrowse.Repmon.dll, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\TEMP\mfs25DB.tmp, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.BetterBrowse.A, C:\Program Files (x86)\BetterBrowse\bin\TEMP\mfs25EC.tmp, In Quarantäne, [b495ca3505750f278c23675217ec42be],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_de.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_el.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_en-GB.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_en.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_es-419.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_es.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_et.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fa.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fi.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fil.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fr.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_gu.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hi.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hr.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hu.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_id.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_it.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_iw.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ja.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_kn.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ko.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_lt.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_lv.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ml.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_mr.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ms.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_nl.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_no.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pl.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-BR.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-PT.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ro.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_am.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ar.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_bg.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_bn.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ca.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_cs.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sk.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sl.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sr.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sv.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sw.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ta.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_te.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_th.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_tr.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_uk.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ur.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_vi.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-CN.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-TW.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHelper.msi, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_da.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_is.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ru.dll, In Quarantäne, [5aef4bb45624f1455ca2e7a0738fbd43],
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log, In Quarantäne, [8bbe08f7730749ed12ed93f43ac8f30d],
PUP.Optional.NextLive.A, C:\Users\Marita\AppData\Roaming\newnext.me\nengine.cookie, In Quarantäne, [0148cf30bbbff244db6a444417eba957],
PUP.Optional.NextLive.A, C:\Users\Marita\AppData\Roaming\newnext.me\cache\spark.bin, In Quarantäne, [0148cf30bbbff244db6a444417eba957],

Physische Sektoren: 0
(No malicious items detected)


(end)ODE][/CODE]

[COAdwCleaner Logfile:
Code:
# AdwCleaner v3.214 - Bericht erstellt am 01/07/2014 um 16:18:48
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Marita - MARITAPC
# Gestartet von : C:\Users\Marita\AppData\Local\Microsoft\Windows\INetCache\IE\2M2E6CW0\adwcleaner_3.214[1].exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Marita\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Marita\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Marita\AppData\Local\SearchProtect
Datei Gelöscht : C:\Users\Marita\daemonprocess.txt
Datei Gelöscht : C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\WEDLMNGR
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.trovigo.com/Results.aspx?q={searchTerms}&Suggest=runk&stype=Homepage&useHistory=0&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&UM=2&SelfSearch=1&SearchType=SearchWeb&SearchSource=55&ctid=CT3314759&octid=EB_ORIGINAL_CTID
Gelöscht [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=
Gelöscht [Homepage] : hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb

*************************

AdwCleaner[R0].txt - [3267 octets] - [01/07/2014 16:15:09]
AdwCleaner[S0].txt - [3269 octets] - [01/07/2014 16:18:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3329 octets] ##########
--- --- ---
DE][/CODE]

[C~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Marita on 01.07.2014 at 16:29:48,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Marita\AppData\Roaming\mozilla\firefox\profiles\004v85vo.default\minidumps [30 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.07.2014 at 17:03:05,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ODE][/CODE]

[C
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by Marita (administrator) on MARITAPC on 01-07-2014 17:08:10
Running from C:\Users\Marita\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [GoogleChromeAutoLaunch_26FCAD50FEA4D2144FF64E2847F340EA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Google Update] => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Yahoo! Search] => C:\Users\Marita\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rts.dsrlte.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {46F7DB3D-32D9-4EF6-BB40-577D4AEC6921} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {5A4594FC-845C-459F-B170-E3C42298628D} URL = hxxp://rts.dsrlte.com/?q={searchTerms}&r=377
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default
FF NewTab: hxxp://rts.dsrlte.com/?m=tab
FF DefaultSearchEngine: Yahoo! Search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://rts.dsrlte.com/?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-15]

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=", "hxxp://www.msn.com/?pc=AV01", "hxxp://rts.dsrlte.com"
CHR DefaultSearchKeyword: pay-by-ads.com
CHR DefaultSearchProvider: Yahoo! Search
CHR DefaultSearchURL: hxxp://rts.dsrlte.com/?q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-14]
CHR Extension: (Google Drive) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-14]
CHR Extension: (YouTube) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (Google-Suche) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (avast! Online Security) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-16]
CHR Extension: (Hangouts) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-12-14]
CHR Extension: (Google Wallet) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Google Mail) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-30]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-30] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [61440 2013-09-26] () [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] () [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-06-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-30] ()
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-22] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation                          )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64; C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-01 17:07 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Marita\Downloads\FRST-OlderVersion
2014-07-01 17:03 - 2014-07-01 17:03 - 00000882 _____ () C:\Users\Marita\Desktop\JRT.txt
2014-07-01 16:29 - 2014-07-01 16:29 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 16:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-01 16:09 - 2014-07-01 16:09 - 00029205 _____ () C:\Users\Marita\Desktop\mbam.txt
2014-07-01 15:29 - 2014-07-01 16:19 - 00000000 ____D () C:\AdwCleaner
2014-07-01 15:23 - 2014-07-01 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 15:23 - 2014-07-01 15:23 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-01 15:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-01 15:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-01 14:54 - 2014-07-01 14:54 - 00001288 _____ () C:\Users\Marita\Desktop\Revo Uninstaller.lnk
2014-07-01 14:54 - 2014-07-01 14:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 14:52 - 2014-07-01 14:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-01 14:46 - 2014-07-01 14:47 - 17257912 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 14:33 - 2014-07-01 14:33 - 02619300 _____ (VS Revo Group Ltd.) C:\Users\Marita\Downloads\revosetup95.exe
2014-06-30 18:03 - 2014-06-30 18:06 - 04875056 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-30 17:57 - 2014-06-30 17:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 12:32 - 2014-06-29 12:32 - 00003538 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Users\Marita\AppData\Local\Pay-By-Ads
2014-06-29 12:08 - 2014-06-29 12:08 - 00001151 _____ () C:\Users\Marita\Desktop\FRST.txt - Verknüpfung.lnk
2014-06-29 12:06 - 2014-06-29 12:06 - 00001191 _____ () C:\Users\Marita\Desktop\Addition.txt - Verknüpfung.lnk
2014-06-28 05:58 - 2014-06-28 05:58 - 00001872 _____ () C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-26 15:14 - 2014-06-26 15:16 - 00028086 _____ () C:\Users\Marita\Downloads\Addition.txt
2014-06-26 15:10 - 2014-07-01 17:08 - 00016751 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-06-26 15:08 - 2014-07-01 17:08 - 00000000 ____D () C:\FRST
2014-06-26 15:07 - 2014-07-01 17:07 - 02083328 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-06-23 19:57 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-06-23 19:57 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-23 19:57 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-23 19:57 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-06-23 19:57 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-23 19:57 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-06-23 19:57 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-06-23 19:57 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-23 19:57 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-23 19:57 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-23 19:57 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-23 19:57 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-23 19:57 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-23 19:57 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-23 19:57 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-06-23 19:57 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-23 19:57 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-06-23 19:57 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-23 19:57 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-06-23 19:57 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-23 19:57 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-23 19:57 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-06-23 19:57 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-23 19:57 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-23 19:57 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-06-23 19:57 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-23 19:57 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-06-23 19:57 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-23 19:57 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-23 19:57 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-23 19:57 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-23 19:57 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-23 19:57 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-06-23 19:57 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-06-23 19:57 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-23 19:57 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-23 19:57 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-23 19:57 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-23 19:57 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-23 19:57 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-23 19:57 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-23 19:57 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-23 19:57 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-06-23 19:57 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-23 19:57 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-23 19:57 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-23 19:57 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-23 19:57 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-23 19:57 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-06-23 19:57 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-23 19:57 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-23 19:57 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-23 19:57 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-23 19:57 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-06-23 19:57 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-23 19:57 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-23 19:57 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-23 19:57 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-23 19:57 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-23 19:56 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-23 19:56 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-23 19:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-23 19:56 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-23 19:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-23 19:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-23 19:56 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-20 15:14 - 2014-06-23 19:43 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-20 15:11 - 2014-06-20 14:46 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:13 - 2014-06-15 14:14 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 06:48 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 06:48 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 05:58 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-14 05:58 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-06-14 05:58 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-14 05:58 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-06-14 05:58 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-14 05:58 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-13 17:36 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:16 - 2014-06-13 17:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 20:56 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-12 20:46 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-12 20:46 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-12 20:46 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-12 20:31 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 20:31 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 20:31 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-06-12 20:31 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-12 20:31 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-12 20:26 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-12 20:26 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-12 20:17 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-06-12 20:17 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-12 20:17 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

==================== One Month Modified Files and Folders =======

2014-07-01 17:08 - 2014-06-26 15:10 - 00016751 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-07-01 17:08 - 2014-06-26 15:08 - 00000000 ____D () C:\FRST
2014-07-01 17:07 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Marita\Downloads\FRST-OlderVersion
2014-07-01 17:07 - 2014-06-26 15:07 - 02083328 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-07-01 17:03 - 2014-07-01 17:03 - 00000882 _____ () C:\Users\Marita\Desktop\JRT.txt
2014-07-01 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-01 16:58 - 2013-12-14 16:23 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA.job
2014-07-01 16:57 - 2013-12-12 20:17 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F1CE9E0-BBD0-4D75-93AA-2B513D5EF18D}
2014-07-01 16:45 - 2013-12-12 20:10 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4060787532-3131775629-3680099422-1001
2014-07-01 16:43 - 2013-12-14 16:13 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 16:40 - 2013-12-12 20:04 - 00952101 _____ () C:\Users\Marita\AppData\Local\BTServer.log
2014-07-01 16:34 - 2014-02-23 08:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 16:29 - 2014-07-01 16:29 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 16:22 - 2013-12-14 16:14 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 16:22 - 2013-12-12 20:06 - 00000000 ____D () C:\Users\Marita\Documents\Youcam
2014-07-01 16:21 - 2013-12-14 16:13 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 16:21 - 2013-12-12 20:08 - 00000000 __RDO () C:\Users\Marita\SkyDrive
2014-07-01 16:20 - 2014-07-01 15:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 16:20 - 2013-10-07 07:06 - 00046832 _____ () C:\Windows\PFRO.log
2014-07-01 16:20 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 16:19 - 2014-07-01 15:29 - 00000000 ____D () C:\AdwCleaner
2014-07-01 16:19 - 2013-12-12 20:02 - 00000000 ____D () C:\Users\Marita
2014-07-01 16:19 - 2013-12-12 19:56 - 01723979 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 16:19 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-01 16:14 - 2013-08-22 16:46 - 00065923 _____ () C:\Windows\setupact.log
2014-07-01 16:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-01 16:09 - 2014-07-01 16:09 - 00029205 _____ () C:\Users\Marita\Desktop\mbam.txt
2014-07-01 15:23 - 2014-07-01 15:23 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 15:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-01 14:58 - 2013-12-14 16:23 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core.job
2014-07-01 14:54 - 2014-07-01 14:54 - 00001288 _____ () C:\Users\Marita\Desktop\Revo Uninstaller.lnk
2014-07-01 14:54 - 2014-07-01 14:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 14:52 - 2014-07-01 14:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-01 14:47 - 2014-07-01 14:46 - 17257912 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 14:33 - 2014-07-01 14:33 - 02619300 _____ (VS Revo Group Ltd.) C:\Users\Marita\Downloads\revosetup95.exe
2014-07-01 05:34 - 2013-08-22 15:25 - 00000292 _____ () C:\Windows\win.ini
2014-06-30 18:06 - 2014-06-30 18:03 - 04875056 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-30 17:58 - 2013-12-15 08:16 - 00001986 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-30 17:57 - 2014-06-30 17:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-30 17:57 - 2014-05-02 19:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-30 17:57 - 2014-01-04 16:38 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-30 17:57 - 2013-12-15 08:16 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-29 12:32 - 2014-06-29 12:32 - 00003538 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Users\Marita\AppData\Local\Pay-By-Ads
2014-06-29 12:08 - 2014-06-29 12:08 - 00001151 _____ () C:\Users\Marita\Desktop\FRST.txt - Verknüpfung.lnk
2014-06-29 12:06 - 2014-06-29 12:06 - 00001191 _____ () C:\Users\Marita\Desktop\Addition.txt - Verknüpfung.lnk
2014-06-28 07:40 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-28 05:58 - 2014-06-28 05:58 - 00001872 _____ () C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-27 15:38 - 2013-12-14 16:13 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-27 15:38 - 2013-12-14 16:13 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 19:40 - 2013-12-15 08:20 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-26 19:40 - 2013-12-15 08:20 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-26 15:16 - 2014-06-26 15:14 - 00028086 _____ () C:\Users\Marita\Downloads\Addition.txt
2014-06-23 20:20 - 2014-01-18 20:19 - 00056832 ___SH () C:\Users\Marita\Downloads\Thumbs.db
2014-06-23 20:13 - 2013-10-07 07:32 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-06-23 20:13 - 2013-10-07 07:32 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-06-23 20:13 - 2013-10-07 07:11 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 20:07 - 2013-08-22 16:44 - 00380720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-23 20:05 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-23 19:43 - 2014-06-20 15:14 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-22 14:53 - 2013-12-14 16:23 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA
2014-06-22 14:53 - 2013-12-14 16:23 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-20 14:46 - 2014-06-20 15:11 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-19 16:04 - 2014-02-15 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 19:44 - 2013-12-14 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-18 19:40 - 2013-10-07 08:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:14 - 2014-06-15 14:13 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 05:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:17 - 2014-06-13 17:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-09 05:53 - 2013-12-14 16:24 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Mozilla
2014-06-04 18:25 - 2014-05-07 18:26 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 18:22 - 2013-12-12 20:04 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Adobe
2014-06-01 06:15 - 2014-05-07 18:24 - 00000000 ____D () C:\ProgramData\Adobe

Some content of TEMP:
====================
C:\Users\Marita\AppData\Local\Temp\AppLauncher.exe
C:\Users\Marita\AppData\Local\Temp\icqsetup.exe
C:\Users\Marita\AppData\Local\Temp\ntdll.dll
C:\Users\Marita\AppData\Local\Temp\obexpf.dll
C:\Users\Marita\AppData\Local\Temp\Quarantine.exe
C:\Users\Marita\AppData\Local\Temp\{1E3015E6-B1C4-421F-AE8E-5E92BB2E7064}-35.0.1916.153_chrome_installer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 07:26

==================== End Of Log ============================
--- --- ---

--- --- ---
ODE][/CODE]

CarpeDiem206 01.07.2014 16:13
[CO
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by Marita (administrator) on MARITAPC on 01-07-2014 17:08:10
Running from C:\Users\Marita\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [GoogleChromeAutoLaunch_26FCAD50FEA4D2144FF64E2847F340EA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Google Update] => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Yahoo! Search] => C:\Users\Marita\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rts.dsrlte.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {46F7DB3D-32D9-4EF6-BB40-577D4AEC6921} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {5A4594FC-845C-459F-B170-E3C42298628D} URL = hxxp://rts.dsrlte.com/?q={searchTerms}&r=377
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default
FF NewTab: hxxp://rts.dsrlte.com/?m=tab
FF DefaultSearchEngine: Yahoo! Search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://rts.dsrlte.com/?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-15]

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=", "hxxp://www.msn.com/?pc=AV01", "hxxp://rts.dsrlte.com"
CHR DefaultSearchKeyword: pay-by-ads.com
CHR DefaultSearchProvider: Yahoo! Search
CHR DefaultSearchURL: hxxp://rts.dsrlte.com/?q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-14]
CHR Extension: (Google Drive) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-14]
CHR Extension: (YouTube) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (Google-Suche) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (avast! Online Security) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-16]
CHR Extension: (Hangouts) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-12-14]
CHR Extension: (Google Wallet) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Google Mail) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-30]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-30] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [61440 2013-09-26] () [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] () [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-06-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-30] ()
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-22] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation                          )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64; C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-01 17:07 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Marita\Downloads\FRST-OlderVersion
2014-07-01 17:03 - 2014-07-01 17:03 - 00000882 _____ () C:\Users\Marita\Desktop\JRT.txt
2014-07-01 16:29 - 2014-07-01 16:29 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 16:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-01 16:09 - 2014-07-01 16:09 - 00029205 _____ () C:\Users\Marita\Desktop\mbam.txt
2014-07-01 15:29 - 2014-07-01 16:19 - 00000000 ____D () C:\AdwCleaner
2014-07-01 15:23 - 2014-07-01 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 15:23 - 2014-07-01 15:23 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-01 15:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-01 15:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-01 14:54 - 2014-07-01 14:54 - 00001288 _____ () C:\Users\Marita\Desktop\Revo Uninstaller.lnk
2014-07-01 14:54 - 2014-07-01 14:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 14:52 - 2014-07-01 14:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-01 14:46 - 2014-07-01 14:47 - 17257912 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 14:33 - 2014-07-01 14:33 - 02619300 _____ (VS Revo Group Ltd.) C:\Users\Marita\Downloads\revosetup95.exe
2014-06-30 18:03 - 2014-06-30 18:06 - 04875056 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-30 17:57 - 2014-06-30 17:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 12:32 - 2014-06-29 12:32 - 00003538 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Users\Marita\AppData\Local\Pay-By-Ads
2014-06-29 12:08 - 2014-06-29 12:08 - 00001151 _____ () C:\Users\Marita\Desktop\FRST.txt - Verknüpfung.lnk
2014-06-29 12:06 - 2014-06-29 12:06 - 00001191 _____ () C:\Users\Marita\Desktop\Addition.txt - Verknüpfung.lnk
2014-06-28 05:58 - 2014-06-28 05:58 - 00001872 _____ () C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-26 15:14 - 2014-06-26 15:16 - 00028086 _____ () C:\Users\Marita\Downloads\Addition.txt
2014-06-26 15:10 - 2014-07-01 17:08 - 00016751 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-06-26 15:08 - 2014-07-01 17:08 - 00000000 ____D () C:\FRST
2014-06-26 15:07 - 2014-07-01 17:07 - 02083328 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-06-23 19:57 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-06-23 19:57 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-23 19:57 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-23 19:57 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-06-23 19:57 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-23 19:57 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-06-23 19:57 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-06-23 19:57 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-23 19:57 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-23 19:57 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-23 19:57 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-23 19:57 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-23 19:57 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-23 19:57 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-23 19:57 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-06-23 19:57 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-23 19:57 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-06-23 19:57 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-23 19:57 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-06-23 19:57 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-23 19:57 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-23 19:57 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-06-23 19:57 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-23 19:57 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-23 19:57 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-06-23 19:57 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-23 19:57 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-06-23 19:57 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-23 19:57 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-23 19:57 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-23 19:57 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-23 19:57 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-23 19:57 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-06-23 19:57 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-06-23 19:57 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-23 19:57 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-23 19:57 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-23 19:57 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-23 19:57 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-23 19:57 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-23 19:57 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-23 19:57 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-23 19:57 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-06-23 19:57 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-23 19:57 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-23 19:57 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-23 19:57 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-23 19:57 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-23 19:57 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-06-23 19:57 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-23 19:57 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-23 19:57 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-23 19:57 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-23 19:57 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-06-23 19:57 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-23 19:57 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-23 19:57 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-23 19:57 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-23 19:57 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-23 19:56 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-23 19:56 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-23 19:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-23 19:56 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-23 19:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-23 19:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-23 19:56 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-20 15:14 - 2014-06-23 19:43 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-20 15:11 - 2014-06-20 14:46 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:13 - 2014-06-15 14:14 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 06:48 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 06:48 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 05:58 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-14 05:58 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-06-14 05:58 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-14 05:58 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-06-14 05:58 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-14 05:58 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-13 17:36 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:16 - 2014-06-13 17:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 20:56 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-12 20:46 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-12 20:46 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-12 20:46 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-12 20:31 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 20:31 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 20:31 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-06-12 20:31 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-12 20:31 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-12 20:26 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-12 20:26 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-12 20:17 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-06-12 20:17 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-12 20:17 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

==================== One Month Modified Files and Folders =======

2014-07-01 17:08 - 2014-06-26 15:10 - 00016751 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-07-01 17:08 - 2014-06-26 15:08 - 00000000 ____D () C:\FRST
2014-07-01 17:07 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Marita\Downloads\FRST-OlderVersion
2014-07-01 17:07 - 2014-06-26 15:07 - 02083328 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-07-01 17:03 - 2014-07-01 17:03 - 00000882 _____ () C:\Users\Marita\Desktop\JRT.txt
2014-07-01 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-01 16:58 - 2013-12-14 16:23 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA.job
2014-07-01 16:57 - 2013-12-12 20:17 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F1CE9E0-BBD0-4D75-93AA-2B513D5EF18D}
2014-07-01 16:45 - 2013-12-12 20:10 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4060787532-3131775629-3680099422-1001
2014-07-01 16:43 - 2013-12-14 16:13 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 16:40 - 2013-12-12 20:04 - 00952101 _____ () C:\Users\Marita\AppData\Local\BTServer.log
2014-07-01 16:34 - 2014-02-23 08:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 16:29 - 2014-07-01 16:29 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 16:22 - 2013-12-14 16:14 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 16:22 - 2013-12-12 20:06 - 00000000 ____D () C:\Users\Marita\Documents\Youcam
2014-07-01 16:21 - 2013-12-14 16:13 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 16:21 - 2013-12-12 20:08 - 00000000 __RDO () C:\Users\Marita\SkyDrive
2014-07-01 16:20 - 2014-07-01 15:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 16:20 - 2013-10-07 07:06 - 00046832 _____ () C:\Windows\PFRO.log
2014-07-01 16:20 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 16:19 - 2014-07-01 15:29 - 00000000 ____D () C:\AdwCleaner
2014-07-01 16:19 - 2013-12-12 20:02 - 00000000 ____D () C:\Users\Marita
2014-07-01 16:19 - 2013-12-12 19:56 - 01723979 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 16:19 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-01 16:14 - 2013-08-22 16:46 - 00065923 _____ () C:\Windows\setupact.log
2014-07-01 16:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-01 16:09 - 2014-07-01 16:09 - 00029205 _____ () C:\Users\Marita\Desktop\mbam.txt
2014-07-01 15:23 - 2014-07-01 15:23 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 15:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-01 14:58 - 2013-12-14 16:23 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core.job
2014-07-01 14:54 - 2014-07-01 14:54 - 00001288 _____ () C:\Users\Marita\Desktop\Revo Uninstaller.lnk
2014-07-01 14:54 - 2014-07-01 14:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 14:52 - 2014-07-01 14:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-01 14:47 - 2014-07-01 14:46 - 17257912 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 14:33 - 2014-07-01 14:33 - 02619300 _____ (VS Revo Group Ltd.) C:\Users\Marita\Downloads\revosetup95.exe
2014-07-01 05:34 - 2013-08-22 15:25 - 00000292 _____ () C:\Windows\win.ini
2014-06-30 18:06 - 2014-06-30 18:03 - 04875056 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-30 17:58 - 2013-12-15 08:16 - 00001986 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-30 17:57 - 2014-06-30 17:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-30 17:57 - 2014-05-02 19:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-30 17:57 - 2014-01-04 16:38 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-30 17:57 - 2013-12-15 08:16 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-29 12:32 - 2014-06-29 12:32 - 00003538 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Users\Marita\AppData\Local\Pay-By-Ads
2014-06-29 12:08 - 2014-06-29 12:08 - 00001151 _____ () C:\Users\Marita\Desktop\FRST.txt - Verknüpfung.lnk
2014-06-29 12:06 - 2014-06-29 12:06 - 00001191 _____ () C:\Users\Marita\Desktop\Addition.txt - Verknüpfung.lnk
2014-06-28 07:40 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-28 05:58 - 2014-06-28 05:58 - 00001872 _____ () C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-27 15:38 - 2013-12-14 16:13 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-27 15:38 - 2013-12-14 16:13 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 19:40 - 2013-12-15 08:20 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-26 19:40 - 2013-12-15 08:20 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-26 15:16 - 2014-06-26 15:14 - 00028086 _____ () C:\Users\Marita\Downloads\Addition.txt
2014-06-23 20:20 - 2014-01-18 20:19 - 00056832 ___SH () C:\Users\Marita\Downloads\Thumbs.db
2014-06-23 20:13 - 2013-10-07 07:32 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-06-23 20:13 - 2013-10-07 07:32 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-06-23 20:13 - 2013-10-07 07:11 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 20:07 - 2013-08-22 16:44 - 00380720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-23 20:05 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-23 19:43 - 2014-06-20 15:14 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-22 14:53 - 2013-12-14 16:23 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA
2014-06-22 14:53 - 2013-12-14 16:23 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-20 14:46 - 2014-06-20 15:11 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-19 16:04 - 2014-02-15 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 19:44 - 2013-12-14 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-18 19:40 - 2013-10-07 08:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:14 - 2014-06-15 14:13 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 05:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:17 - 2014-06-13 17:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-09 05:53 - 2013-12-14 16:24 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Mozilla
2014-06-04 18:25 - 2014-05-07 18:26 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 18:22 - 2013-12-12 20:04 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Adobe
2014-06-01 06:15 - 2014-05-07 18:24 - 00000000 ____D () C:\ProgramData\Adobe

Some content of TEMP:
====================
C:\Users\Marita\AppData\Local\Temp\AppLauncher.exe
C:\Users\Marita\AppData\Local\Temp\icqsetup.exe
C:\Users\Marita\AppData\Local\Temp\ntdll.dll
C:\Users\Marita\AppData\Local\Temp\obexpf.dll
C:\Users\Marita\AppData\Local\Temp\Quarantine.exe
C:\Users\Marita\AppData\Local\Temp\{1E3015E6-B1C4-421F-AE8E-5E92BB2E7064}-35.0.1916.153_chrome_installer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 07:26

==================== End Of Log ============================
--- --- ---
DE][/CODE][C
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by Marita (administrator) on MARITAPC on 01-07-2014 17:08:10
Running from C:\Users\Marita\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [GoogleChromeAutoLaunch_26FCAD50FEA4D2144FF64E2847F340EA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Google Update] => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Yahoo! Search] => C:\Users\Marita\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rts.dsrlte.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {46F7DB3D-32D9-4EF6-BB40-577D4AEC6921} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {5A4594FC-845C-459F-B170-E3C42298628D} URL = hxxp://rts.dsrlte.com/?q={searchTerms}&r=377
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default
FF NewTab: hxxp://rts.dsrlte.com/?m=tab
FF DefaultSearchEngine: Yahoo! Search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://rts.dsrlte.com/?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-15]

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=", "hxxp://www.msn.com/?pc=AV01", "hxxp://rts.dsrlte.com"
CHR DefaultSearchKeyword: pay-by-ads.com
CHR DefaultSearchProvider: Yahoo! Search
CHR DefaultSearchURL: hxxp://rts.dsrlte.com/?q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-14]
CHR Extension: (Google Drive) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-14]
CHR Extension: (YouTube) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (Google-Suche) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (avast! Online Security) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-16]
CHR Extension: (Hangouts) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-12-14]
CHR Extension: (Google Wallet) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Google Mail) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-30]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-30] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [61440 2013-09-26] () [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] () [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-06-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-30] ()
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-22] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation                          )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64; C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-01 17:07 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Marita\Downloads\FRST-OlderVersion
2014-07-01 17:03 - 2014-07-01 17:03 - 00000882 _____ () C:\Users\Marita\Desktop\JRT.txt
2014-07-01 16:29 - 2014-07-01 16:29 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 16:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-01 16:09 - 2014-07-01 16:09 - 00029205 _____ () C:\Users\Marita\Desktop\mbam.txt
2014-07-01 15:29 - 2014-07-01 16:19 - 00000000 ____D () C:\AdwCleaner
2014-07-01 15:23 - 2014-07-01 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 15:23 - 2014-07-01 15:23 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-01 15:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-01 15:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-01 14:54 - 2014-07-01 14:54 - 00001288 _____ () C:\Users\Marita\Desktop\Revo Uninstaller.lnk
2014-07-01 14:54 - 2014-07-01 14:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 14:52 - 2014-07-01 14:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-01 14:46 - 2014-07-01 14:47 - 17257912 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 14:33 - 2014-07-01 14:33 - 02619300 _____ (VS Revo Group Ltd.) C:\Users\Marita\Downloads\revosetup95.exe
2014-06-30 18:03 - 2014-06-30 18:06 - 04875056 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-30 17:57 - 2014-06-30 17:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 12:32 - 2014-06-29 12:32 - 00003538 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Users\Marita\AppData\Local\Pay-By-Ads
2014-06-29 12:08 - 2014-06-29 12:08 - 00001151 _____ () C:\Users\Marita\Desktop\FRST.txt - Verknüpfung.lnk
2014-06-29 12:06 - 2014-06-29 12:06 - 00001191 _____ () C:\Users\Marita\Desktop\Addition.txt - Verknüpfung.lnk
2014-06-28 05:58 - 2014-06-28 05:58 - 00001872 _____ () C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-26 15:14 - 2014-06-26 15:16 - 00028086 _____ () C:\Users\Marita\Downloads\Addition.txt
2014-06-26 15:10 - 2014-07-01 17:08 - 00016751 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-06-26 15:08 - 2014-07-01 17:08 - 00000000 ____D () C:\FRST
2014-06-26 15:07 - 2014-07-01 17:07 - 02083328 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-06-23 19:57 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-06-23 19:57 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-23 19:57 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-23 19:57 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-06-23 19:57 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-23 19:57 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-06-23 19:57 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-06-23 19:57 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-23 19:57 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-23 19:57 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-23 19:57 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-23 19:57 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-23 19:57 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-23 19:57 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-23 19:57 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-06-23 19:57 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-23 19:57 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-06-23 19:57 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-23 19:57 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-06-23 19:57 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-23 19:57 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-23 19:57 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-06-23 19:57 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-23 19:57 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-23 19:57 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-06-23 19:57 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-23 19:57 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-06-23 19:57 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-23 19:57 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-23 19:57 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-23 19:57 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-23 19:57 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-23 19:57 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-06-23 19:57 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-06-23 19:57 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-23 19:57 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-23 19:57 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-23 19:57 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-23 19:57 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-23 19:57 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-23 19:57 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-23 19:57 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-23 19:57 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-06-23 19:57 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-23 19:57 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-23 19:57 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-23 19:57 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-23 19:57 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-23 19:57 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-06-23 19:57 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-23 19:57 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-23 19:57 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-23 19:57 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-23 19:57 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-06-23 19:57 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-23 19:57 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-23 19:57 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-23 19:57 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-23 19:57 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-23 19:56 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-23 19:56 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-23 19:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-23 19:56 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-23 19:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-23 19:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-23 19:56 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-20 15:14 - 2014-06-23 19:43 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-20 15:11 - 2014-06-20 14:46 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:13 - 2014-06-15 14:14 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 06:48 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 06:48 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 05:58 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-14 05:58 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-06-14 05:58 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-14 05:58 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-06-14 05:58 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-14 05:58 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-13 17:36 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:16 - 2014-06-13 17:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 20:56 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-12 20:46 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-12 20:46 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-12 20:46 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-12 20:31 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 20:31 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 20:31 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-06-12 20:31 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-12 20:31 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-12 20:26 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-12 20:26 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-12 20:17 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-06-12 20:17 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-12 20:17 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

==================== One Month Modified Files and Folders =======

2014-07-01 17:08 - 2014-06-26 15:10 - 00016751 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-07-01 17:08 - 2014-06-26 15:08 - 00000000 ____D () C:\FRST
2014-07-01 17:07 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Marita\Downloads\FRST-OlderVersion
2014-07-01 17:07 - 2014-06-26 15:07 - 02083328 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-07-01 17:03 - 2014-07-01 17:03 - 00000882 _____ () C:\Users\Marita\Desktop\JRT.txt
2014-07-01 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-01 16:58 - 2013-12-14 16:23 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA.job
2014-07-01 16:57 - 2013-12-12 20:17 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F1CE9E0-BBD0-4D75-93AA-2B513D5EF18D}
2014-07-01 16:45 - 2013-12-12 20:10 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4060787532-3131775629-3680099422-1001
2014-07-01 16:43 - 2013-12-14 16:13 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 16:40 - 2013-12-12 20:04 - 00952101 _____ () C:\Users\Marita\AppData\Local\BTServer.log
2014-07-01 16:34 - 2014-02-23 08:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 16:29 - 2014-07-01 16:29 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 16:22 - 2013-12-14 16:14 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 16:22 - 2013-12-12 20:06 - 00000000 ____D () C:\Users\Marita\Documents\Youcam
2014-07-01 16:21 - 2013-12-14 16:13 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 16:21 - 2013-12-12 20:08 - 00000000 __RDO () C:\Users\Marita\SkyDrive
2014-07-01 16:20 - 2014-07-01 15:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 16:20 - 2013-10-07 07:06 - 00046832 _____ () C:\Windows\PFRO.log
2014-07-01 16:20 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 16:19 - 2014-07-01 15:29 - 00000000 ____D () C:\AdwCleaner
2014-07-01 16:19 - 2013-12-12 20:02 - 00000000 ____D () C:\Users\Marita
2014-07-01 16:19 - 2013-12-12 19:56 - 01723979 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 16:19 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-01 16:14 - 2013-08-22 16:46 - 00065923 _____ () C:\Windows\setupact.log
2014-07-01 16:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-01 16:09 - 2014-07-01 16:09 - 00029205 _____ () C:\Users\Marita\Desktop\mbam.txt
2014-07-01 15:23 - 2014-07-01 15:23 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 15:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-01 14:58 - 2013-12-14 16:23 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core.job
2014-07-01 14:54 - 2014-07-01 14:54 - 00001288 _____ () C:\Users\Marita\Desktop\Revo Uninstaller.lnk
2014-07-01 14:54 - 2014-07-01 14:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 14:52 - 2014-07-01 14:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-01 14:47 - 2014-07-01 14:46 - 17257912 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 14:33 - 2014-07-01 14:33 - 02619300 _____ (VS Revo Group Ltd.) C:\Users\Marita\Downloads\revosetup95.exe
2014-07-01 05:34 - 2013-08-22 15:25 - 00000292 _____ () C:\Windows\win.ini
2014-06-30 18:06 - 2014-06-30 18:03 - 04875056 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-30 17:58 - 2013-12-15 08:16 - 00001986 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-30 17:57 - 2014-06-30 17:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-30 17:57 - 2014-05-02 19:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-30 17:57 - 2014-01-04 16:38 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-30 17:57 - 2013-12-15 08:16 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-29 12:32 - 2014-06-29 12:32 - 00003538 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Users\Marita\AppData\Local\Pay-By-Ads
2014-06-29 12:08 - 2014-06-29 12:08 - 00001151 _____ () C:\Users\Marita\Desktop\FRST.txt - Verknüpfung.lnk
2014-06-29 12:06 - 2014-06-29 12:06 - 00001191 _____ () C:\Users\Marita\Desktop\Addition.txt - Verknüpfung.lnk
2014-06-28 07:40 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-28 05:58 - 2014-06-28 05:58 - 00001872 _____ () C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-27 15:38 - 2013-12-14 16:13 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-27 15:38 - 2013-12-14 16:13 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 19:40 - 2013-12-15 08:20 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-26 19:40 - 2013-12-15 08:20 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-26 15:16 - 2014-06-26 15:14 - 00028086 _____ () C:\Users\Marita\Downloads\Addition.txt
2014-06-23 20:20 - 2014-01-18 20:19 - 00056832 ___SH () C:\Users\Marita\Downloads\Thumbs.db
2014-06-23 20:13 - 2013-10-07 07:32 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-06-23 20:13 - 2013-10-07 07:32 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-06-23 20:13 - 2013-10-07 07:11 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 20:07 - 2013-08-22 16:44 - 00380720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-23 20:05 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-23 19:43 - 2014-06-20 15:14 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-22 14:53 - 2013-12-14 16:23 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA
2014-06-22 14:53 - 2013-12-14 16:23 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-20 14:46 - 2014-06-20 15:11 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-19 16:04 - 2014-02-15 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 19:44 - 2013-12-14 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-18 19:40 - 2013-10-07 08:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:14 - 2014-06-15 14:13 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 05:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:17 - 2014-06-13 17:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-09 05:53 - 2013-12-14 16:24 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Mozilla
2014-06-04 18:25 - 2014-05-07 18:26 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 18:22 - 2013-12-12 20:04 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Adobe
2014-06-01 06:15 - 2014-05-07 18:24 - 00000000 ____D () C:\ProgramData\Adobe

Some content of TEMP:
====================
C:\Users\Marita\AppData\Local\Temp\AppLauncher.exe
C:\Users\Marita\AppData\Local\Temp\icqsetup.exe
C:\Users\Marita\AppData\Local\Temp\ntdll.dll
C:\Users\Marita\AppData\Local\Temp\obexpf.dll
C:\Users\Marita\AppData\Local\Temp\Quarantine.exe
C:\Users\Marita\AppData\Local\Temp\{1E3015E6-B1C4-421F-AE8E-5E92BB2E7064}-35.0.1916.153_chrome_installer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 07:26

==================== End Of Log ============================
--- --- ---
ODE][/CODE]

schrauber 02.07.2014 12:36

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

CarpeDiem206 02.07.2014 19:36
[CESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=2923ba6ae37ae84fb344b97172b9e417
# engine=18989
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-02 06:16:18
# local_time=2014-07-02 08:16:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 180969 17240403 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3814155 20480656 0 0
# scanned=97448
# found=22
# cleaned=0
# scan_time=5299
sh=9DD0F7453F429A74EDA0C5519D70C91AF1EC6AA2 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marita\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.36.zip.vir"
sh=12A81C015E84CAB1346754690B8683E3D0F5C542 ft=1 fh=2038865bafb4f80a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marita\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=CC52EE1298EA7A344B1C0CD7D03D1A059C77FD39 ft=1 fh=d235b59034f549ec vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marita\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=659E678C5D8CE742CC03A211C59AA57E6018FDC6 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marita\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marita\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir"
sh=930F6C24088B7CB47481D4EDD64A873A817E73FC ft=1 fh=44fb5a4b02bb1a4e vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marita\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=3C4070BE9BE256CA88CD3B993CFBE4DEF47E67E1 ft=1 fh=83a1f0e292f9ec84 vn="Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\Main\bin\CltMngSvc.exe"
sh=DF96804C0D2D07D7543728DF582C86ACD3BEF3CF ft=1 fh=8676e6337a543f91 vn="Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\Main\bin\SPTool.dll"
sh=126B22D7B2FE0FC571E6D6D0098B0E0D053C0BCC ft=1 fh=89dba07409c55d47 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\Main\bin\SPtool.dll_1389819664790"
sh=126B22D7B2FE0FC571E6D6D0098B0E0D053C0BCC ft=1 fh=89dba07409c55d47 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\Main\bin\SPtool.dll_1389819664900"
sh=B5DF867773B2125B795CB3529C1E2BA0C966E3BA ft=1 fh=b3456bbad5e35583 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\Main\bin\uninstall.exe"
sh=FCCE50690A6D178BE2B8A31879CAFAF588391471 ft=1 fh=d8b515b071077d63 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\SearchProtect\bin\cltmng.exe"
sh=42DC8E63529F05BC94498A1A46C687D9E46B176B ft=1 fh=9f3c43016ed5948e vn="Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\SearchProtect\bin\SPTool64.exe"
sh=AE3B2E4C9A70365701DA4CF81C5840EB9E381A3B ft=1 fh=6e18acf4649bfc9d vn="Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\SearchProtect\bin\SPVC32.dll"
sh=F36CF4C6D3CF1A5135EFE9227FE64F0A2D58923C ft=1 fh=ecb5b74ede6f68e7 vn="Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\SearchProtect\bin\SPVC32Loader.dll"
sh=7059CD20D2F06AA75BE67F3346163054C8C6D029 ft=1 fh=5060d2deeedab7ef vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\SearchProtect\bin\SPVC64.dll"
sh=A658A44585D4BF594EAAC652D14FA9B7B54884EB ft=1 fh=155982e046f17f55 vn="Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\SearchProtect\bin\SPVC64Loader.dll"
sh=368BBCB96E6452C93F2DA8BEE66B913A4AEC0DD9 ft=1 fh=d8de4edd033abc13 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect59747593\UI\bin\cltmngui.exe"
sh=C35A0B3AF06F6AD199122599237B5AA67CEEB876 ft=1 fh=f14327a1ad7f7876 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marita\AppData\Local\Microsoft\Windows\INetCache\IE\2M2E6CW0\SPSetup[1].exe"
sh=DEEAB49B5DE40C7914CD0D69CB18F7C306E56E9B ft=1 fh=ec010c09d06e0e8a vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marita\AppData\Local\Microsoft\Windows\INetCache\IE\R4JHPXX3\Setup[1].exe"
sh=9CDD87BC95DEA954665CB7F22579E04FC360077A ft=1 fh=9319ecaed0a22c9b vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Marita\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe"
sh=28EF2426F2C6431317A68BA0AAAE8035E572A9F1 ft=1 fh=9721121e19368dd1 vn="Win32/OutBrowse.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marita\Downloads\setupflash player.exe"
ODE][/CODE]

[COD Results of screen317's Security Check version 0.99.83
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 13.0.0.214
Adobe Reader XI
Mozilla Firefox (30.0)
Mozilla Thunderbird (24.3.0)
Google Chrome 35.0.1916.114
Google Chrome 35.0.1916.153
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
E][/CODE]

[CO
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Marita (administrator) on MARITAPC on 02-07-2014 20:33:40
Running from C:\Users\Marita\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Marita\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [GoogleChromeAutoLaunch_26FCAD50FEA4D2144FF64E2847F340EA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Google Update] => C:\Users\Marita\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-14] (Google Inc.)
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-4060787532-3131775629-3680099422-1001\...\Run: [Yahoo! Search] => C:\Users\Marita\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rts.dsrlte.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {46F7DB3D-32D9-4EF6-BB40-577D4AEC6921} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {5A4594FC-845C-459F-B170-E3C42298628D} URL = hxxp://rts.dsrlte.com/?q={searchTerms}&r=377
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default
FF NewTab: hxxp://rts.dsrlte.com/?m=tab
FF DefaultSearchEngine: Yahoo! Search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://rts.dsrlte.com/?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Marita\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marita\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Marita\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\004v85vo.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-15]

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP1F7BAA3D-84A1-4CB1-B036-5D4D5F2A760C&SSPV=", "hxxp://www.msn.com/?pc=AV01", "hxxp://rts.dsrlte.com"
CHR DefaultSearchKeyword: pay-by-ads.com
CHR DefaultSearchProvider: Yahoo! Search
CHR DefaultSearchURL: hxxp://rts.dsrlte.com/?q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-14]
CHR Extension: (Google Drive) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-14]
CHR Extension: (YouTube) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (Google-Suche) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (avast! Online Security) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-16]
CHR Extension: (Hangouts) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-12-14]
CHR Extension: (Google Wallet) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Google Mail) - C:\Users\Marita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-30]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-30] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [61440 2013-09-26] () [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [160768 2013-06-27] () [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-06-30] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-30] ()
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\Windows\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-10-22] ()
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corporation                          )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64; C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys [61120 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 20:29 - 2014-07-02 20:29 - 00854367 _____ () C:\Users\Marita\Downloads\SecurityCheck.exe
2014-07-02 18:44 - 2014-07-02 18:44 - 02347384 _____ (ESET) C:\Users\Marita\Downloads\esetsmartinstaller_deu.exe
2014-07-02 18:44 - 2014-07-02 18:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-01 17:07 - 2014-07-02 20:33 - 00000000 ____D () C:\Users\Marita\Downloads\FRST-OlderVersion
2014-07-01 17:03 - 2014-07-01 17:03 - 00000882 _____ () C:\Users\Marita\Desktop\JRT.txt
2014-07-01 16:29 - 2014-07-01 16:29 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 16:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-01 16:09 - 2014-07-01 16:09 - 00029205 _____ () C:\Users\Marita\Desktop\mbam.txt
2014-07-01 15:29 - 2014-07-01 16:19 - 00000000 ____D () C:\AdwCleaner
2014-07-01 15:23 - 2014-07-02 20:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 15:23 - 2014-07-01 15:23 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-01 15:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-01 15:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-01 14:54 - 2014-07-01 14:54 - 00001288 _____ () C:\Users\Marita\Desktop\Revo Uninstaller.lnk
2014-07-01 14:54 - 2014-07-01 14:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 14:52 - 2014-07-01 14:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-01 14:46 - 2014-07-01 14:47 - 17257912 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 14:33 - 2014-07-01 14:33 - 02619300 _____ (VS Revo Group Ltd.) C:\Users\Marita\Downloads\revosetup95.exe
2014-06-30 18:03 - 2014-06-30 18:06 - 04875056 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-30 17:57 - 2014-06-30 17:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 12:32 - 2014-06-29 12:32 - 00003538 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Users\Marita\AppData\Local\Pay-By-Ads
2014-06-29 12:08 - 2014-06-29 12:08 - 00001151 _____ () C:\Users\Marita\Desktop\FRST.txt - Verknüpfung.lnk
2014-06-29 12:06 - 2014-06-29 12:06 - 00001191 _____ () C:\Users\Marita\Desktop\Addition.txt - Verknüpfung.lnk
2014-06-28 05:58 - 2014-06-28 05:58 - 00001872 _____ () C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-26 15:14 - 2014-06-26 15:16 - 00028086 _____ () C:\Users\Marita\Downloads\Addition.txt
2014-06-26 15:10 - 2014-07-02 20:33 - 00017013 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-06-26 15:08 - 2014-07-02 20:33 - 00000000 ____D () C:\FRST
2014-06-26 15:07 - 2014-07-02 20:33 - 02083840 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-06-23 19:57 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-06-23 19:57 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-23 19:57 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-23 19:57 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-06-23 19:57 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-06-23 19:57 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-23 19:57 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-23 19:57 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-23 19:57 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-23 19:57 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-06-23 19:57 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-23 19:57 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-06-23 19:57 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-23 19:57 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-23 19:57 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-23 19:57 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-23 19:57 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-23 19:57 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-23 19:57 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-23 19:57 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-23 19:57 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-23 19:57 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-23 19:57 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-06-23 19:57 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-23 19:57 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-23 19:57 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-23 19:57 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-23 19:57 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-06-23 19:57 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-23 19:57 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-06-23 19:57 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-23 19:57 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-23 19:57 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-23 19:57 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-06-23 19:57 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-23 19:57 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-23 19:57 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-23 19:57 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-23 19:57 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-23 19:57 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-23 19:57 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-06-23 19:57 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-23 19:57 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-23 19:57 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-06-23 19:57 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-23 19:57 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-23 19:57 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-23 19:57 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-23 19:57 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-23 19:57 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-23 19:57 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-06-23 19:57 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-06-23 19:57 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-23 19:57 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-06-23 19:57 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-23 19:57 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-23 19:57 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-23 19:57 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-23 19:57 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-23 19:57 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-23 19:57 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-23 19:57 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-23 19:57 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-06-23 19:57 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-23 19:57 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-23 19:57 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-23 19:57 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-23 19:57 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-23 19:57 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-06-23 19:57 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-23 19:57 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-23 19:57 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-23 19:57 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-23 19:57 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-23 19:57 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-23 19:57 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-23 19:57 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-23 19:57 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-06-23 19:57 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-23 19:57 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-23 19:57 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-23 19:57 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-23 19:57 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-23 19:57 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-23 19:57 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-23 19:57 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-23 19:56 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-23 19:56 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-23 19:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-23 19:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-23 19:56 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-23 19:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-23 19:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-23 19:56 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-23 19:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-23 19:56 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-23 19:56 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-23 19:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-23 19:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-23 19:56 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-23 19:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-23 19:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-23 19:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-20 15:14 - 2014-06-23 19:43 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-20 15:11 - 2014-06-20 14:46 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:13 - 2014-06-15 14:14 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 06:48 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 06:48 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 05:58 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-14 05:58 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-06-14 05:58 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-14 05:58 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-06-14 05:58 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-14 05:58 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-13 17:36 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:16 - 2014-06-13 17:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 20:56 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-12 20:46 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-12 20:46 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-12 20:46 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-12 20:31 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 20:31 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 20:31 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-06-12 20:31 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 20:31 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-12 20:31 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-12 20:26 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-12 20:26 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-12 20:17 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-06-12 20:17 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-12 20:17 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

==================== One Month Modified Files and Folders =======

2014-07-02 20:35 - 2014-06-26 15:10 - 00017013 _____ () C:\Users\Marita\Downloads\FRST.txt
2014-07-02 20:34 - 2014-07-01 15:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 20:34 - 2014-02-23 08:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 20:33 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Marita\Downloads\FRST-OlderVersion
2014-07-02 20:33 - 2014-06-26 15:08 - 00000000 ____D () C:\FRST
2014-07-02 20:33 - 2014-06-26 15:07 - 02083840 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2014-07-02 20:29 - 2014-07-02 20:29 - 00854367 _____ () C:\Users\Marita\Downloads\SecurityCheck.exe
2014-07-02 20:21 - 2013-12-12 20:17 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F1CE9E0-BBD0-4D75-93AA-2B513D5EF18D}
2014-07-02 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-02 20:00 - 2013-10-07 07:32 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-07-02 20:00 - 2013-10-07 07:32 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-07-02 20:00 - 2013-10-07 07:11 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 19:58 - 2013-12-14 16:23 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA.job
2014-07-02 19:57 - 2013-08-22 16:46 - 00066718 _____ () C:\Windows\setupact.log
2014-07-02 19:56 - 2013-12-12 20:04 - 00959043 _____ () C:\Users\Marita\AppData\Local\BTServer.log
2014-07-02 19:43 - 2013-12-14 16:13 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 18:58 - 2013-12-12 19:56 - 01772822 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 18:44 - 2014-07-02 18:44 - 02347384 _____ (ESET) C:\Users\Marita\Downloads\esetsmartinstaller_deu.exe
2014-07-02 18:44 - 2014-07-02 18:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 18:43 - 2013-12-12 20:10 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4060787532-3131775629-3680099422-1001
2014-07-02 18:39 - 2013-12-12 20:06 - 00000000 ____D () C:\Users\Marita\Documents\Youcam
2014-07-02 18:38 - 2013-12-14 16:14 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-02 18:38 - 2013-12-14 16:13 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 18:38 - 2013-12-12 20:08 - 00000000 __RDO () C:\Users\Marita\SkyDrive
2014-07-01 17:17 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 17:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-01 17:03 - 2014-07-01 17:03 - 00000882 _____ () C:\Users\Marita\Desktop\JRT.txt
2014-07-01 16:29 - 2014-07-01 16:29 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 16:20 - 2013-10-07 07:06 - 00046832 _____ () C:\Windows\PFRO.log
2014-07-01 16:19 - 2014-07-01 15:29 - 00000000 ____D () C:\AdwCleaner
2014-07-01 16:19 - 2013-12-12 20:02 - 00000000 ____D () C:\Users\Marita
2014-07-01 16:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-01 16:09 - 2014-07-01 16:09 - 00029205 _____ () C:\Users\Marita\Desktop\mbam.txt
2014-07-01 15:23 - 2014-07-01 15:23 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 15:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-01 14:58 - 2013-12-14 16:23 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core.job
2014-07-01 14:54 - 2014-07-01 14:54 - 00001288 _____ () C:\Users\Marita\Desktop\Revo Uninstaller.lnk
2014-07-01 14:54 - 2014-07-01 14:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 14:52 - 2014-07-01 14:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-07-01 14:47 - 2014-07-01 14:46 - 17257912 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 14:33 - 2014-07-01 14:33 - 02619300 _____ (VS Revo Group Ltd.) C:\Users\Marita\Downloads\revosetup95.exe
2014-07-01 05:34 - 2013-08-22 15:25 - 00000292 _____ () C:\Windows\win.ini
2014-06-30 18:06 - 2014-06-30 18:03 - 04875056 _____ (WinZip International LLC ) C:\Users\Marita\Downloads\wzmp_8.exe
2014-06-30 17:58 - 2013-12-15 08:16 - 00001986 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-30 17:57 - 2014-06-30 17:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-30 17:57 - 2014-05-02 19:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-30 17:57 - 2014-01-04 16:38 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-30 17:57 - 2013-12-15 08:16 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-30 17:57 - 2013-12-15 08:16 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-29 12:32 - 2014-06-29 12:32 - 00003538 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-06-29 12:32 - 2014-06-29 12:32 - 00000000 ____D () C:\Users\Marita\AppData\Local\Pay-By-Ads
2014-06-29 12:08 - 2014-06-29 12:08 - 00001151 _____ () C:\Users\Marita\Desktop\FRST.txt - Verknüpfung.lnk
2014-06-29 12:06 - 2014-06-29 12:06 - 00001191 _____ () C:\Users\Marita\Desktop\Addition.txt - Verknüpfung.lnk
2014-06-28 07:40 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-28 05:58 - 2014-06-28 05:58 - 00001872 _____ () C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-27 15:38 - 2013-12-14 16:13 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-27 15:38 - 2013-12-14 16:13 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 19:40 - 2013-12-15 08:20 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-26 19:40 - 2013-12-15 08:20 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-26 15:16 - 2014-06-26 15:14 - 00028086 _____ () C:\Users\Marita\Downloads\Addition.txt
2014-06-23 20:20 - 2014-01-18 20:19 - 00056832 ___SH () C:\Users\Marita\Downloads\Thumbs.db
2014-06-23 20:07 - 2013-08-22 16:44 - 00380720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-06-23 20:05 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-23 20:05 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-23 19:43 - 2014-06-20 15:14 - 00000000 ____D () C:\Users\Marita\Downloads\Win81U
2014-06-23 15:42 - 2014-06-23 15:42 - 00000000 ____D () C:\Users\Marita\AppData\Local\Adobe
2014-06-22 14:53 - 2013-12-14 16:23 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001UA
2014-06-22 14:53 - 2013-12-14 16:23 - 00003710 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4060787532-3131775629-3680099422-1001Core
2014-06-20 14:49 - 2014-06-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-20 14:46 - 2014-06-20 15:11 - 807793968 _____ () C:\Users\Marita\Downloads\Win81U.zip
2014-06-19 16:04 - 2014-02-15 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 19:44 - 2013-12-14 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-18 19:40 - 2013-10-07 08:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieUserList
2014-06-17 17:10 - 2014-06-17 17:10 - 00000000 __SHD () C:\Users\Marita\AppData\Local\EmieSiteList
2014-06-15 14:21 - 2014-06-15 14:21 - 04536336 _____ () C:\Users\Marita\Downloads\avira_de_av___ws.exe
2014-06-15 14:14 - 2014-06-15 14:13 - 29671984 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox-Setup-30.0.exe
2014-06-14 13:02 - 2014-06-14 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-14 05:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-06-13 17:17 - 2014-06-13 17:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 17:17 - 2014-06-13 17:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 17:17 - 2014-06-13 17:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 17:17 - 2014-06-13 17:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-09 05:53 - 2013-12-14 16:24 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Mozilla
2014-06-04 18:25 - 2014-05-07 18:26 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-04 18:22 - 2013-12-12 20:04 - 00000000 ____D () C:\Users\Marita\AppData\Roaming\Adobe

Some content of TEMP:
====================
C:\Users\Marita\AppData\Local\Temp\AppLauncher.exe
C:\Users\Marita\AppData\Local\Temp\icqsetup.exe
C:\Users\Marita\AppData\Local\Temp\ntdll.dll
C:\Users\Marita\AppData\Local\Temp\obexpf.dll
C:\Users\Marita\AppData\Local\Temp\Quarantine.exe
C:\Users\Marita\AppData\Local\Temp\{1E3015E6-B1C4-421F-AE8E-5E92BB2E7064}-35.0.1916.153_chrome_installer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 07:26

==================== End Of Log ============================
--- --- ---

--- --- ---
DE][/CODE]

schrauber 03.07.2014 12:04
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Program Files (x86)\SearchProtect59747593
R1 {d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64; C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys [61120 2014-04-24] (StdLib)
C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

CarpeDiem206 04.07.2014 14:18
[CFix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Marita at 2014-07-04 14:56:55 Run:1
Running from C:\Users\Marita\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\SearchProtect59747593
R1 {d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64; C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys [61120 2014-04-24] (StdLib)
C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys
*****************

C:\Program Files (x86)\SearchProtect59747593 => Moved successfully.
{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64 => Unable to stop service
{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64 => Service deleted successfully.
C:\Windows\System32\drivers\{d1377c30-1cf3-4e6f-ae8b-e1fab3664710}w64.sys => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====ODE][/CODE]

Hallo Schrauber...
Ganz ganz lieben Dank für deine Hilfe..Wirklich toll und verständlich erklärt so, dass eine Frau mit wenig
Verständnis für solche Sachen das nachvollziehen konnte.Hab auch alle deine Tips befolgt.
Kann diese Seite wirklich nur empfehlen. Bin halt nur Anwenderin.
Danke! Danke! Danke!!!

schrauber 05.07.2014 11:57
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:16 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131