Danke für die schnelle Antwort!!! :)
Ich poste jetzt ein Ergebnis nach dem Anderen der Übersicht halber!!
Also erst mal die mbam txt:
Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software
Protection, 10.04.2014 13:56:12, SYSTEM, SHISHI, Protection, Malware Protection, Starting,
Protection, 10.04.2014 13:56:12, SYSTEM, SHISHI, Protection, Malware Protection, Started,
Protection, 10.04.2014 13:56:12, SYSTEM, SHISHI, Protection, Malicious Website Protection, Starting,
Protection, 10.04.2014 13:56:44, SYSTEM, SHISHI, Protection, Malicious Website Protection, Started,
Update, 10.04.2014 13:56:51, SYSTEM, SHISHI, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 10.04.2014 13:57:05, SYSTEM, SHISHI, Manual, Malware Database, 2014.3.4.9, 2014.4.10.4,
Protection, 10.04.2014 13:57:10, SYSTEM, SHISHI, Protection, Refresh, Starting,
Protection, 10.04.2014 13:57:10, SYSTEM, SHISHI, Protection, Malicious Website Protection, Stopping,
Protection, 10.04.2014 13:57:10, SYSTEM, SHISHI, Protection, Malicious Website Protection, Stopped,
Protection, 10.04.2014 13:57:14, SYSTEM, SHISHI, Protection, Refresh, Success,
Protection, 10.04.2014 13:57:14, SYSTEM, SHISHI, Protection, Malicious Website Protection, Starting,
Protection, 10.04.2014 13:57:15, SYSTEM, SHISHI, Protection, Malicious Website Protection, Started,
Detection, 10.04.2014 14:10:07, SYSTEM, SHISHI, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Users\ralle\AppData\Roaming\SupTab\SupTab.dll, Quarantine, [ddcfb8701665e5513911fe3736cafb05]
Protection, 10.04.2014 14:15:14, SYSTEM, SHISHI, Protection, Malware Protection, Starting,
Protection, 10.04.2014 14:15:14, SYSTEM, SHISHI, Protection, Malware Protection, Started,
Protection, 10.04.2014 14:15:14, SYSTEM, SHISHI, Protection, Malicious Website Protection, Starting,
Protection, 10.04.2014 14:16:32, SYSTEM, SHISHI, Protection, Malicious Website Protection, Started,
(end)
So nun die AdwClean txt:
Code:
# AdwCleaner v3.023 - Bericht erstellt am 10/04/2014 um 14:28:41
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : ralle - SHISHI
# Gestartet von : C:\Users\ralle\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files\SupTab
Ordner Gelöscht : C:\Users\ralle\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\ralle\AppData\Roaming\SupTab
Datei Gelöscht : C:\Users\ralle\AppData\Roaming\Mozilla\Firefox\Profiles\a6mg1me2.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Wpm
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16545
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v
[ Datei : C:\Users\ralle\AppData\Roaming\Mozilla\Firefox\Profiles\a6mg1me2.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\ralle\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2291 octets] - [10/04/2014 14:26:11]
AdwCleaner[S0].txt - [2121 octets] - [10/04/2014 14:28:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2181 octets] ##########
und die jrt txt mit anschließendem frst log:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by ralle on 10.04.2014 at 14:37:18,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.04.2014 at 14:39:16,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 28 days old and could be outdated)
Ran by ralle (administrator) on SHISHI on 10-04-2014 14:43:57
Running from C:\Users\ralle\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Users\ralle\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ralle\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ralle\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-18] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4084934381-725728229-4282650700-1000\...\Run: [Google Update] - C:\Users\ralle\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-26] (Google Inc.)
HKU\S-1-5-21-4084934381-725728229-4282650700-1000\...\MountPoints2: {353c109d-b4ac-11e1-ab48-806e6f6e6963} - E:\Medicopter4Setup.exe
HKU\S-1-5-21-4084934381-725728229-4282650700-1000\...\MountPoints2: {76e98207-bc69-11e1-8b04-806e6f6e6963} - E:\SETUP.EXE
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBD627084E5E5CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\ralle\AppData\Roaming\Mozilla\Firefox\Profiles\a6mg1me2.default
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ralle\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ralle\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ []
Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ralle\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ralle\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\ralle\AppData\Local\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Users\ralle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\ralle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-26]
CHR Extension: (Google-Suche) - C:\Users\ralle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-26]
CHR Extension: (Social share 3 in 1) - C:\Users\ralle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdciljooegpdknfnjbeebnflbkjfcjcf [2014-02-17]
CHR Extension: (Google Wallet) - C:\Users\ralle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-28]
CHR Extension: (Google Mail) - C:\Users\ralle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-26]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-03-10]
CHR StartMenuInternet: Google Chrome - C:\Users\ralle\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
==================== Drivers (Whitelisted) ====================
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2014-01-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2014-01-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-01-28] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-01-28] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-10 14:39 - 2014-04-10 14:39 - 00000689 _____ () C:\Users\ralle\Desktop\JRT.txt
2014-04-10 14:34 - 2014-04-10 14:34 - 01016261 _____ (Thisisu) C:\Users\ralle\Downloads\JRT.exe
2014-04-10 14:34 - 2014-04-10 14:34 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 14:31 - 2014-04-10 14:31 - 00002261 _____ () C:\Users\ralle\Desktop\AdwCleaner[S0].txt
2014-04-10 14:26 - 2014-04-10 14:28 - 00000000 ____D () C:\AdwCleaner
2014-04-10 14:24 - 2014-04-10 14:24 - 01426178 _____ () C:\Users\ralle\Downloads\adwcleaner.exe
2014-04-10 14:22 - 2014-04-10 14:22 - 00001817 _____ () C:\sss.txt
2014-04-10 14:19 - 2014-04-10 14:19 - 00001817 _____ () C:\Users\ralle\Desktop\mbam.txt
2014-04-10 13:56 - 2014-04-10 14:41 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 13:55 - 2014-04-10 13:55 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 13:55 - 2014-04-10 13:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 13:55 - 2014-04-10 13:55 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 13:55 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 13:55 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 13:55 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 13:53 - 2014-04-10 13:54 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\ralle\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-09 17:16 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 17:16 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 17:16 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 17:15 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 17:15 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 17:15 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 17:15 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 17:15 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 17:15 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 17:15 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 17:15 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 17:15 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 17:15 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 17:15 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 17:15 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 17:15 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 16:17 - 2014-04-09 16:17 - 00024124 _____ () C:\Users\ralle\Downloads\Addition (1).txt
2014-04-09 16:16 - 2014-04-09 16:16 - 00032837 _____ () C:\Users\ralle\Downloads\FRST (1).txt
2014-04-09 16:01 - 2014-04-10 14:43 - 00011369 _____ () C:\Users\ralle\Downloads\FRST.txt
2014-04-09 16:01 - 2014-04-09 16:02 - 00021938 _____ () C:\Users\ralle\Downloads\Addition.txt
2014-04-09 16:00 - 2014-04-10 14:43 - 00000000 ____D () C:\FRST
2014-04-09 15:59 - 2014-04-09 15:59 - 01145856 _____ (Farbar) C:\Users\ralle\Downloads\FRST.exe
2014-04-09 13:37 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-23 18:55 - 2014-03-23 18:55 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-23 18:55 - 2014-03-23 18:55 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-18 14:53 - 2014-04-05 20:29 - 00002627 _____ () C:\Users\ralle\Desktop\Microsoft Office Word 2007.lnk
2014-03-18 14:53 - 2009-02-27 04:42 - 00031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2014-03-18 14:52 - 2014-03-23 18:57 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-03-18 14:51 - 2014-03-18 14:51 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-18 14:51 - 2014-03-18 14:51 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-03-18 14:51 - 2014-03-18 14:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-03-18 14:49 - 2014-03-18 14:49 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-03-18 14:48 - 2014-03-28 23:44 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-16 19:24 - 2014-04-09 17:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-16 19:24 - 2014-03-16 19:24 - 00000000 ____D () C:\Users\ralle\AppData\Local\Microsoft Help
2014-03-15 19:51 - 2014-03-15 19:51 - 00000215 _____ () C:\Users\ralle\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
2014-03-15 09:03 - 2014-03-15 09:03 - 00000215 _____ () C:\Users\ralle\Desktop\Call of Duty Modern Warfare 2.url
2014-03-13 23:29 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-03-13 23:29 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-03-13 23:29 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-03-13 23:29 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-03-13 23:29 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-03-13 23:29 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-03-13 23:29 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-03-13 23:29 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-03-13 23:29 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-03-13 23:29 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-03-13 23:29 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-03-13 23:29 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-03-13 23:29 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-03-13 23:29 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-03-13 23:29 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-03-13 23:29 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-03-13 23:29 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-03-13 23:29 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-03-13 23:29 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-03-13 23:29 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-03-13 23:29 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-03-13 23:29 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-03-13 23:29 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-03-13 23:29 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-03-13 23:29 - 2009-03-09 16:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-03-13 23:29 - 2009-03-09 16:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-03-13 23:29 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-03-13 23:29 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-03-13 23:28 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-03-13 23:28 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-03-13 23:28 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-03-13 23:28 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-03-13 23:28 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-03-13 23:28 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-03-13 23:28 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-03-13 23:28 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-03-13 23:28 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-03-13 23:28 - 2008-07-10 12:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-03-13 23:28 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-03-13 23:28 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-03-13 23:28 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-03-13 23:28 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-03-13 23:28 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-03-13 23:28 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-03-13 23:28 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-03-13 23:28 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-03-13 23:28 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-03-13 23:28 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-03-13 23:28 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-03-13 23:28 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-03-13 23:28 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-03-13 23:28 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-03-13 23:28 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-03-13 23:28 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-03-13 23:28 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-03-13 23:28 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-03-13 23:28 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-03-13 23:28 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-03-13 23:28 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-03-13 23:28 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-03-13 23:28 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-03-13 23:28 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-03-13 23:28 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-03-13 23:28 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-03-13 23:28 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-03-13 23:28 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-03-13 23:28 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-03-13 23:28 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-03-13 23:28 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-03-13 23:28 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-03-13 23:28 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-03-13 23:28 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-03-13 23:28 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-03-13 23:28 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-03-13 23:28 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-03-13 23:28 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-03-13 23:28 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-03-13 23:28 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-03-13 23:28 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-03-13 23:28 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-03-13 23:28 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-03-13 23:27 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-03-13 23:27 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-03-13 23:27 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-03-13 23:27 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-03-13 23:27 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-03-13 23:27 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-03-13 23:27 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-03-13 23:27 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-03-13 23:27 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-03-13 23:25 - 2014-03-13 23:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-12 06:56 - 2014-02-07 12:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 06:56 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 06:56 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 06:56 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-11 22:03 - 2014-03-11 22:03 - 00000216 _____ () C:\Users\ralle\Desktop\Ragnarok Online - Free to Play - European Version.url
2014-03-11 21:32 - 2014-04-04 21:08 - 00000000 ____D () C:\Program Files\Steam
2014-03-11 21:32 - 2014-03-11 21:32 - 00000764 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-11 10:17 - 2014-03-11 10:17 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2014-03-11 10:17 - 2014-03-11 10:17 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-03-11 10:16 - 2014-03-12 06:47 - 00005882 _____ () C:\Windows\setupact.log
2014-03-11 10:16 - 2014-03-11 10:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-03-11 10:16 - 2014-03-11 10:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-11 10:09 - 2009-10-01 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2014-03-11 10:09 - 2009-10-01 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2014-03-11 10:09 - 2009-10-01 03:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-03-11 10:09 - 2009-09-10 04:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-03-11 10:09 - 2009-09-10 04:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-03-11 10:09 - 2009-09-10 04:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-11 10:09 - 2009-08-04 10:02 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-03-11 10:08 - 2009-10-01 03:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-03-11 10:08 - 2009-10-01 03:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-03-11 10:08 - 2009-10-01 03:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-03-11 10:08 - 2009-10-01 03:01 - 00546816 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-03-11 10:08 - 2009-10-01 03:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-03-11 10:08 - 2009-10-01 03:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2014-03-11 10:08 - 2009-10-01 03:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-03-11 10:08 - 2009-10-01 03:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-03-11 10:08 - 2009-10-01 03:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2014-03-11 10:05 - 2014-03-18 14:51 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-03-11 10:02 - 2014-03-11 10:02 - 00362029 _____ () C:\Windows\system32\sqlite3.dll
2014-03-11 10:01 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-03-11 10:00 - 2014-03-11 10:03 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-11 10:00 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-03-11 10:00 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-03-11 10:00 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-03-11 10:00 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-03-11 10:00 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-03-11 10:00 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-03-11 10:00 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-03-11 10:00 - 2009-07-14 14:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2014-03-11 09:54 - 2010-04-05 22:00 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-11 09:53 - 2009-10-09 23:56 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-03-11 09:53 - 2009-10-09 23:56 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-03-11 09:53 - 2009-10-09 23:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2014-03-11 09:53 - 2009-10-09 23:56 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-03-11 09:53 - 2009-10-09 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-03-11 09:53 - 2009-10-09 23:56 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2014-03-11 09:53 - 2009-10-09 23:56 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2014-03-11 09:53 - 2009-10-09 23:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2014-03-11 09:53 - 2009-10-09 23:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2014-03-11 09:53 - 2009-10-09 23:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2014-03-11 09:53 - 2009-10-09 23:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2014-03-11 09:53 - 2009-10-09 23:56 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2014-03-11 09:53 - 2009-10-09 23:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-03-11 09:53 - 2009-10-09 23:55 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2014-03-11 09:53 - 2009-10-09 23:55 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2014-03-11 09:53 - 2009-10-09 23:55 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2014-03-11 09:53 - 2009-10-09 23:55 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2014-03-11 09:53 - 2009-10-09 23:55 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2014-03-11 09:53 - 2009-08-01 08:27 - 00201184 _____ () C:\Windows\system32\winrm.vbs
2014-03-11 09:53 - 2009-07-16 19:30 - 00004675 _____ () C:\Windows\system32\wsmanconfig_schema.xml
2014-03-11 09:53 - 2009-07-16 19:30 - 00002426 _____ () C:\Windows\system32\WsmTxt.xsl
2014-03-11 09:44 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-11 09:44 - 2012-11-22 05:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-03-11 09:44 - 2011-06-15 18:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-03-11 09:44 - 2011-03-12 23:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-11 09:44 - 2011-03-03 17:40 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2014-03-11 09:44 - 2011-03-03 15:35 - 04240384 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2014-03-11 09:44 - 2011-02-22 16:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-11 09:44 - 2010-08-26 18:34 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-03-11 09:44 - 2010-01-25 14:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-11 09:44 - 2010-01-25 14:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-11 09:44 - 2010-01-25 14:00 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-11 09:44 - 2010-01-25 14:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-11 09:44 - 2010-01-25 13:58 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-11 09:44 - 2010-01-25 10:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-11 09:44 - 2010-01-25 10:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-11 09:44 - 2010-01-25 10:21 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-11 09:44 - 2010-01-25 10:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-11 09:44 - 2009-10-23 19:10 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-03-11 09:44 - 2009-09-10 16:58 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
==================== One Month Modified Files and Folders =======
2014-04-10 14:44 - 2014-04-09 16:01 - 00011369 _____ () C:\Users\ralle\Downloads\FRST.txt
2014-04-10 14:43 - 2014-04-09 16:00 - 00000000 ____D () C:\FRST
2014-04-10 14:41 - 2014-04-10 13:56 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 14:39 - 2014-04-10 14:39 - 00000689 _____ () C:\Users\ralle\Desktop\JRT.txt
2014-04-10 14:35 - 2008-01-21 09:16 - 01565124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 14:34 - 2014-04-10 14:34 - 01016261 _____ (Thisisu) C:\Users\ralle\Downloads\JRT.exe
2014-04-10 14:34 - 2014-04-10 14:34 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 14:34 - 2008-01-21 03:35 - 01113970 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 14:31 - 2014-04-10 14:31 - 00002261 _____ () C:\Users\ralle\Desktop\AdwCleaner[S0].txt
2014-04-10 14:31 - 2014-03-10 16:47 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-10 14:30 - 2014-03-05 20:51 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-10 14:30 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-10 14:30 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-10 14:30 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-10 14:29 - 2006-11-02 15:01 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-10 14:28 - 2014-04-10 14:26 - 00000000 ____D () C:\AdwCleaner
2014-04-10 14:24 - 2014-04-10 14:24 - 01426178 _____ () C:\Users\ralle\Downloads\adwcleaner.exe
2014-04-10 14:22 - 2014-04-10 14:22 - 00001817 _____ () C:\sss.txt
2014-04-10 14:19 - 2014-04-10 14:19 - 00001817 _____ () C:\Users\ralle\Desktop\mbam.txt
2014-04-10 14:13 - 2012-06-27 01:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-10 14:02 - 2014-03-05 20:51 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-10 13:55 - 2014-04-10 13:55 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 13:55 - 2014-04-10 13:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 13:55 - 2014-04-10 13:55 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-10 13:54 - 2014-04-10 13:53 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\ralle\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 13:52 - 2012-06-26 20:00 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4084934381-725728229-4282650700-1000UA.job
2014-04-09 17:16 - 2014-03-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 17:14 - 2014-01-30 18:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 17:13 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 16:17 - 2014-04-09 16:17 - 00024124 _____ () C:\Users\ralle\Downloads\Addition (1).txt
2014-04-09 16:16 - 2014-04-09 16:16 - 00032837 _____ () C:\Users\ralle\Downloads\FRST (1).txt
2014-04-09 16:02 - 2014-04-09 16:01 - 00021938 _____ () C:\Users\ralle\Downloads\Addition.txt
2014-04-09 15:59 - 2014-04-09 15:59 - 01145856 _____ (Farbar) C:\Users\ralle\Downloads\FRST.exe
2014-04-07 12:51 - 2012-06-26 20:00 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4084934381-725728229-4282650700-1000Core.job
2014-04-06 12:39 - 2006-11-02 14:47 - 00372096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-05 20:54 - 2012-09-11 20:21 - 00000000 ____D () C:\Users\ralle\Desktop\MUSIK
2014-04-05 20:49 - 2012-06-12 18:56 - 00100432 _____ () C:\Users\ralle\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-05 20:29 - 2014-03-18 14:53 - 00002627 _____ () C:\Users\ralle\Desktop\Microsoft Office Word 2007.lnk
2014-04-04 21:08 - 2014-03-11 21:32 - 00000000 ____D () C:\Program Files\Steam
2014-04-03 09:51 - 2014-04-10 13:55 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 13:55 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 13:55 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-28 23:44 - 2014-03-18 14:48 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-28 21:21 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-28 21:21 - 2006-11-02 12:23 - 00000219 _____ () C:\Windows\win.ini
2014-03-23 19:18 - 2008-01-21 04:47 - 00113962 _____ () C:\Windows\PFRO.log
2014-03-23 18:58 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-23 18:57 - 2014-03-18 14:52 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-03-23 18:55 - 2014-03-23 18:55 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-23 18:55 - 2014-03-23 18:55 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-23 00:57 - 2014-03-10 16:30 - 00000102 _____ () C:\Users\ralle\Desktop\Neues Textdokument.txt
2014-03-22 22:24 - 2012-08-09 13:08 - 00000000 ____D () C:\Users\ralle\Desktop\Ausbildung
2014-03-22 14:39 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-18 14:52 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-18 14:51 - 2014-03-18 14:51 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-18 14:51 - 2014-03-18 14:51 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-03-18 14:51 - 2014-03-18 14:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-03-18 14:51 - 2014-03-11 10:05 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-03-18 14:51 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew
2014-03-18 14:49 - 2014-03-18 14:49 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-03-16 23:00 - 2014-02-02 22:28 - 00000000 ____D () C:\Users\ralle\Desktop\Neuer Ordner
2014-03-16 19:24 - 2014-03-16 19:24 - 00000000 ____D () C:\Users\ralle\AppData\Local\Microsoft Help
2014-03-15 19:51 - 2014-03-15 19:51 - 00000215 _____ () C:\Users\ralle\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
2014-03-15 09:03 - 2014-03-15 09:03 - 00000215 _____ () C:\Users\ralle\Desktop\Call of Duty Modern Warfare 2.url
2014-03-13 23:25 - 2014-03-13 23:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-13 21:42 - 2012-06-12 19:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 21:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-03-13 21:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-13 21:21 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-12 06:47 - 2014-03-11 10:16 - 00005882 _____ () C:\Windows\setupact.log
2014-03-11 22:03 - 2014-03-11 22:03 - 00000216 _____ () C:\Users\ralle\Desktop\Ragnarok Online - Free to Play - European Version.url
2014-03-11 21:40 - 2012-06-26 20:09 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-03-11 21:32 - 2014-03-11 21:32 - 00000764 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-11 21:13 - 2012-06-27 01:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-11 21:13 - 2012-06-27 01:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 10:17 - 2014-03-11 10:17 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2014-03-11 10:17 - 2014-03-11 10:17 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-03-11 10:17 - 2008-01-21 09:15 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\th-TH
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\it-IT
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\he-IL
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\et-EE
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\el-GR
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-03-11 10:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-03-11 10:16 - 2014-03-11 10:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-03-11 10:16 - 2014-03-11 10:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-11 10:03 - 2014-03-11 10:00 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-11 10:02 - 2014-03-11 10:02 - 00362029 _____ () C:\Windows\system32\sqlite3.dll
2014-03-11 10:01 - 2014-03-10 19:07 - 00000000 ____D () C:\Users\ralle\AppData\Roaming\sweet-page
Some content of TEMP:
====================
C:\Users\ralle\AppData\Local\Temp\avgnt.exe
C:\Users\ralle\AppData\Local\Temp\ose00000.exe
C:\Users\ralle\AppData\Local\Temp\ose00001.exe
C:\Users\ralle\AppData\Local\Temp\ose00002.exe
C:\Users\ralle\AppData\Local\Temp\ose00003.exe
C:\Users\ralle\AppData\Local\Temp\ose00004.exe
C:\Users\ralle\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-10 14:37
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
--- --- ---
--- --- ---
PS: Werbungsproblem NOCH nicht behoben?!..
Was kann ich jetzt tun ;_;
An dieser Stelle erst mal ein DANKESCHÖÖÖN!! Die ganzen Programme scheinen ja schon viel Schadsoftware gefunden zu haben 0.0 Unglaublich das ihr sowas KOSTENLOS macht °.°
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
