Hello,
I cannot find the program or programs "Additional scan result of Farbar Recovery Scan Tool".
AdwCleaner Logfile:
Code:
# AdwCleaner v3.307 - Bericht erstellt am 20/08/2014 um 22:15:26
# Aktualisiert 17/08/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Janin - JANIN-PC
# Gestartet von : C:\Users\Janin\Desktop\adwcleaner_3.307.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\Superfish
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [25397 octets] - [19/08/2014 18:36:13]
AdwCleaner[R1].txt - [1488 octets] - [20/08/2014 22:11:20]
AdwCleaner[S0].txt - [22405 octets] - [19/08/2014 18:38:44]
AdwCleaner[S1].txt - [1409 octets] - [20/08/2014 22:15:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1469 octets] ##########
--- --- ---
Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software
Suchlauf Datum: 20.08.2014
Suchlauf-Zeit: 21:38:48
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.20.07
Rootkit Datenbank: v2014.08.16.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Janin
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 306362
Verstrichene Zeit: 17 Min, 17 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 1
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe, 1816, Keine Aktion durch Benutzer, [5b7cb1179ae16fc7780f0a7d43bedd23]
Module: 4
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
Registrierungsschlüssel: 17
PUP.Optional.PowerfulBrowse.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update PowerfulBrowse, Keine Aktion durch Benutzer, [5b7cb1179ae16fc7780f0a7d43bedd23],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2d2873ba-db4e-4e29-8619-e16cf86fb9bb}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{b6a896f6-368e-4bdc-b62a-7c9eb44a84f3}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1A2F93F4-2754-470B-B703-AEAD47B7F74B}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1A2F93F4-2754-470B-B703-AEAD47B7F74B}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{b6a896f6-368e-4bdc-b62a-7c9eb44a84f3}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2D2873BA-DB4E-4E29-8619-E16CF86FB9BB}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKU\S-1-5-21-1994594616-1859465388-4855079-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2D2873BA-DB4E-4E29-8619-E16CF86FB9BB}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKU\S-1-5-21-1994594616-1859465388-4855079-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2D2873BA-DB4E-4E29-8619-E16CF86FB9BB}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Keine Aktion durch Benutzer, [4d8aeade4b3064d26cf2a6c8fa08738d],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PowerfulBrowse, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\PowerfulBrowse, Keine Aktion durch Benutzer, [87503296245773c3328a6c8e907253ad],
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 1.5, Keine Aktion durch Benutzer, [2cabecdc4d2e3afc5b8a5fae1ee555ab],
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\video MediaPlay-Air, Keine Aktion durch Benutzer, [d403face7cff2d09c219ed5b7c889c64],
PUP.Optional.PowerfulBrowse.A, HKU\S-1-5-21-1994594616-1859465388-4855079-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PowerfulBrowse, Keine Aktion durch Benutzer, [aa2da7212f4cdb5b3d7ee8124fb3fc04],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 20
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.PowerfulBrowse.A, C:\Users\Janin\AppData\Local\Temp\PowerfulBrowse, Keine Aktion durch Benutzer, [ce0909bf92e962d415d46070a75bb54b],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{59F3D9CD-AE26-460F-9897-679BB0B256D1}, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.CrossRider.A, C:\Users\Janin\AppData\Local\Google\Chrome\User Data\default\extensions\dnaojefanpmakfgcaliphepgoiiafmpf, Keine Aktion durch Benutzer, [409701c7c3b8e84ebc9143926b9706fa],
PUP.Optional.CrossRider.A, C:\Users\Janin\AppData\Local\Google\Chrome\User Data\default\extensions\dnaojefanpmakfgcaliphepgoiiafmpf\1.26.33_0, Keine Aktion durch Benutzer, [409701c7c3b8e84ebc9143926b9706fa],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
Dateien: 78
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe, Keine Aktion durch Benutzer, [5b7cb1179ae16fc7780f0a7d43bedd23],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.AllDaySavings.A, C:\Users\Janin\AppData\Local\Temp\air8A6.exe, Keine Aktion durch Benutzer, [fadd695fe398b086c3a2d891b74bd12f],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\dlLogic.exe, Keine Aktion durch Benutzer, [d304d8f0e9929a9cfbe5dd65867af010],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\dltr.exe, Keine Aktion durch Benutzer, [5a7de0e88dee83b3934e1e2406fa05fb],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\verifier.exe, Keine Aktion durch Benutzer, [eceb299f3b40e5514c95ab9748b8d32d],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\GCVerifier.dll, Keine Aktion durch Benutzer, [9f382e9a1269d0667f6088bad22ee61a],
PUP.Optional.InstallMonetizer, C:\Users\Janin\AppData\Local\Temp\nsd94C9.tmp\nsBaliWeb.dll, Keine Aktion durch Benutzer, [87506b5d8af18da9a179551270927c84],
PUP.Optional.PCPerformer.A, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_12721.decrpt, Keine Aktion durch Benutzer, [22b57751b0cbb87e05191ef8b74ab14f],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_15489, Keine Aktion durch Benutzer, [be190cbc6714b6805e82a69c1fe19967],
PUP.Optional.BesttoolBars, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_16786, Keine Aktion durch Benutzer, [29ae30988cef1026c6bf74c034cc1de3],
PUP.Optional.BesttoolBars, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_17135, Keine Aktion durch Benutzer, [83543a8e0477bb7bd1b413213fc1d729],
PUP.Optional.PCPerformer.A, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\PCPerformerSetup, Keine Aktion durch Benutzer, [f3e4c305cab1bb7b9d815fb70ef3d22e],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\SearchProtectInstaller, Keine Aktion durch Benutzer, [785fdfe9413aa4929a46e35ff01018e8],
PUP.Optional.BesttoolBars, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\ZulaGamesSetup, Keine Aktion durch Benutzer, [d106d5f3413a56e0fb8a4aea31cf8878],
PUP.Optional.InstallMonetizer, C:\Users\Janin\AppData\Local\Temp\nsw2158.tmp\PailaSM.dll, Keine Aktion durch Benutzer, [10c70cbc7a01092d30d854155aa8c23e],
PUP.Optional.Wajam.A, C:\Users\Janin\AppData\Local\Temp\F0F3tmp\wajam_download.exe, Keine Aktion durch Benutzer, [b52286424c2f0531c85eb88fdb25bd43],
PUP.Optional.CrossRider, C:\Users\Janin\AppData\Local\Temp\F144tmp\setup.exe, Keine Aktion durch Benutzer, [e6f1428614672313e9ddbfe86b961ae6],
PUP.Optional.SupraSavings.A, C:\Users\Janin\AppData\Local\Temp\F1A4tmp\f978377c-b7d4-4536-8e10-14ca97b13394.exe, Keine Aktion durch Benutzer, [cc0bd5f342396ec818c8322858aa8080],
PUP.Optional.InstallMonetizer, C:\Users\Janin\AppData\Local\Temp\is-RG0GC.tmp\InstallManagerR.exe, Keine Aktion durch Benutzer, [746308c0413ad75f9d7d7ee99e6401ff],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\B6CDtmp\spidentifierimpl.exe, Keine Aktion durch Benutzer, [44938c3c93e83bfb86f8e6a9f80924dc],
PUP.Optional.AirAdInstaller, C:\Users\Janin\Downloads\setup.exe, Keine Aktion durch Benutzer, [8552a028ec8fbc7a5fda9d9d966a24dc],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowse.ico, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\0, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\7za.exe, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseUninstall.exe, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.InstallState, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome.manifest, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\install.rdf, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\background.html, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\bg.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\button.xml, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\config.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\content.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.xul, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon128.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon16.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.ico, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.ico, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.ico, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon48.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\jquery-1.9.1.min.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\options.xul, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\settings.json, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\background.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\content.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin\framework.css, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.PowerfulBrowse.A, C:\Users\Janin\AppData\Local\Temp\PowerfulBrowse\7za.exe, Keine Aktion durch Benutzer, [ce0909bf92e962d415d46070a75bb54b],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\icon.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\install.rdf, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\background.html, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.xml, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.xul, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\options.xul, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\settings.json, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin\framework.css, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleCrashHandler.exe, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleUpdate.exe, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleUpdateBroker.exe, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleUpdateHelper.msi, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleUpdateOnDemand.exe, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\goopdate.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\goopdateres_en.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\npGoogleUpdate4.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\psmachine.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\psuser.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
Physische Sektoren: 0
(No malicious items detected)
(end)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Janin on 20.08.2014 at 22:27:11,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Janin\appdata\locallow\boost_interprocess"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.08.2014 at 22:34:49,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Janin (administrator) on JANIN-PC on 20-08-2014 22:44:07
Running from C:\Users\Janin\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-08-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1994594616-1859465388-4855079-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.)
Startup: C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PowerfulBrowse -> {2d2873ba-db4e-4e29-8619-e16cf86fb9bb} -> C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowsebho.dll (PowerfulBrowse)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Janin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-23]
Chrome:
=======
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-05-24]
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf [2014-07-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-12-09] (TuneUp Software)
R2 Update PowerfulBrowse; C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe [321832 2014-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-08-03] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-03] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-20] (Malwarebytes Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 21:38 - 2014-08-20 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-20 21:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-20 21:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-19 20:16 - 2014-08-19 20:18 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:15 - 2014-08-20 22:44 - 00015012 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-19 20:15 - 2014-08-20 22:44 - 00000000 ___DC () C:\FRST
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 18:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 18:36 - 2014-08-20 22:15 - 00000000 ___DC () C:\AdwCleaner
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:03 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 18:03 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 18:03 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 18:03 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 18:03 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 18:03 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 18:03 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 18:03 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 18:03 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 18:03 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 18:03 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 18:03 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 18:01 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-19 18:01 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-19 18:01 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-19 18:01 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-19 18:01 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-19 18:01 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-19 18:01 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-19 18:01 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-19 18:01 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-19 18:01 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-19 18:01 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-19 18:01 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-19 18:01 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-19 18:01 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-19 18:01 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-19 18:01 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-19 18:01 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-19 18:01 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-19 18:01 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-19 18:01 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-19 18:01 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-19 18:01 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-19 18:01 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-19 17:58 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 17:58 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 17:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-19 17:56 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 17:55 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 17:43 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 17:43 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 17:43 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 17:43 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 17:43 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-19 17:43 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-19 17:43 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-19 17:43 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-19 17:43 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-19 17:43 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-19 17:43 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-19 17:43 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-19 17:43 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-19 17:43 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-19 17:43 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-19 17:43 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-19 17:43 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-19 17:43 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-19 17:43 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-19 17:43 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-19 17:43 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-19 17:42 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 17:40 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 17:40 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 17:40 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 17:40 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 17:40 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 17:40 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 17:40 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 17:40 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-08 17:57 - 2014-08-08 17:58 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-21 14:35 - 2014-08-19 17:57 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-07-21 14:27 - 2014-08-19 17:52 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-07-21 14:27 - 2014-08-19 17:52 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 22:44 - 2014-08-19 20:15 - 00015012 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-20 22:44 - 2014-08-19 20:15 - 00000000 ___DC () C:\FRST
2014-08-20 22:36 - 2013-05-22 18:09 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1994594616-1859465388-4855079-1001
2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:27 - 2013-12-15 19:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:22 - 2013-06-21 20:27 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-20 22:18 - 2014-02-15 14:06 - 00000000 __RDO () C:\Users\Janin\SkyDrive
2014-08-20 22:17 - 2013-05-22 18:02 - 00000401 _____ () C:\Users\Janin\AppData\Roaming\sp_data.sys
2014-08-20 22:16 - 2013-11-14 00:18 - 00088018 _____ () C:\WINDOWS\PFRO.log
2014-08-20 22:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-20 22:15 - 2014-08-19 18:36 - 00000000 ___DC () C:\AdwCleaner
2014-08-20 22:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 22:04 - 2014-08-20 21:38 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:59 - 2014-02-15 11:43 - 01726978 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-20 21:59 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-20 21:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-20 21:06 - 2014-02-15 14:07 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6F41A456-4B45-40FB-A24E-90031FDF4DC6}
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-19 20:18 - 2014-08-19 20:16 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 19:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-19 18:46 - 2014-07-17 16:10 - 00000000 ____D () C:\Program Files (x86)\PowerfulBrowse
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-19 18:39 - 2014-02-15 11:22 - 00000000 ____D () C:\Users\Janin
2014-08-19 18:39 - 2013-05-22 18:01 - 00000969 _____ () C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 18:33 - 2014-03-05 12:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-19 18:31 - 2013-08-26 17:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 18:29 - 2013-05-30 08:46 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 17:57 - 2014-07-21 14:35 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-08-19 17:52 - 2014-07-21 14:27 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-08-19 17:52 - 2014-07-21 14:27 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-08-19 17:52 - 2014-07-17 15:00 - 00000163 _____ () C:\WINDOWS\Reimage.ini
2014-08-19 17:46 - 2014-07-17 10:46 - 00001426 _____ () C:\Users\Janin\Desktop\Registry kostenlos entrümpeln!.lnk
2014-08-08 17:58 - 2014-08-08 17:57 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-08 17:23 - 2013-09-28 08:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-03 22:17 - 2014-07-11 22:34 - 00000000 ____D () C:\Users\Janin\Desktop\Briefe an Mutti
2014-08-03 21:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-03 21:06 - 2013-06-21 20:28 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-03 21:05 - 2013-06-21 20:28 - 00426848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-03 21:05 - 2013-06-21 20:27 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-02 05:11 - 2014-08-19 17:40 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-07-14 16:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-07-14 16:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 16:52 - 2014-08-19 18:03 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-19 18:03 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-19 18:03 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-19 18:03 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-19 18:03 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-19 18:03 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-19 18:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-19 18:03 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-19 18:03 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-19 18:03 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-19 18:03 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-19 18:03 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-19 18:03 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-19 18:03 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-19 18:03 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-19 18:03 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-19 18:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-19 18:03 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-19 18:03 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-19 18:03 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-19 18:03 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-19 18:03 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-19 18:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-19 18:03 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-19 18:03 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-19 18:03 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-19 18:03 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-19 18:03 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-19 18:03 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some content of TEMP:
====================
C:\Users\Janin\AppData\Local\Temp\air321B.exe
C:\Users\Janin\AppData\Local\Temp\air8A6.exe
C:\Users\Janin\AppData\Local\Temp\air8F98.exe
C:\Users\Janin\AppData\Local\Temp\air9892.exe
C:\Users\Janin\AppData\Local\Temp\airAA7A.exe
C:\Users\Janin\AppData\Local\Temp\airC63B.exe
C:\Users\Janin\AppData\Local\Temp\airD545.exe
C:\Users\Janin\AppData\Local\Temp\airD8F8.exe
C:\Users\Janin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Janin\AppData\Local\Temp\dlLogic.exe
C:\Users\Janin\AppData\Local\Temp\dltr.exe
C:\Users\Janin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Janin\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter_3.12.30.319.exe
C:\Users\Janin\AppData\Local\Temp\lowproc.exe
C:\Users\Janin\AppData\Local\Temp\nshF53D.tmp.exe
C:\Users\Janin\AppData\Local\Temp\Quarantine.exe
C:\Users\Janin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Janin\AppData\Local\Temp\setup.exe
C:\Users\Janin\AppData\Local\Temp\stubhelper.dll
C:\Users\Janin\AppData\Local\Temp\Upgrader.exe
C:\Users\Janin\AppData\Local\Temp\verifier.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-19 19:09
==================== End Of Log ============================
--- --- ---
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Janin (administrator) on JANIN-PC on 20-08-2014 22:44:07
Running from C:\Users\Janin\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-08-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1994594616-1859465388-4855079-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.)
Startup: C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PowerfulBrowse -> {2d2873ba-db4e-4e29-8619-e16cf86fb9bb} -> C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowsebho.dll (PowerfulBrowse)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Janin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-23]
Chrome:
=======
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-05-24]
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf [2014-07-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-12-09] (TuneUp Software)
R2 Update PowerfulBrowse; C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe [321832 2014-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-08-03] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-03] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-20] (Malwarebytes Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 21:38 - 2014-08-20 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-20 21:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-20 21:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-19 20:16 - 2014-08-19 20:18 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:15 - 2014-08-20 22:44 - 00015012 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-19 20:15 - 2014-08-20 22:44 - 00000000 ___DC () C:\FRST
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 18:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 18:36 - 2014-08-20 22:15 - 00000000 ___DC () C:\AdwCleaner
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:03 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 18:03 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 18:03 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 18:03 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 18:03 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 18:03 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 18:03 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 18:03 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 18:03 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 18:03 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 18:03 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 18:03 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 18:01 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-19 18:01 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-19 18:01 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-19 18:01 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-19 18:01 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-19 18:01 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-19 18:01 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-19 18:01 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-19 18:01 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-19 18:01 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-19 18:01 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-19 18:01 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-19 18:01 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-19 18:01 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-19 18:01 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-19 18:01 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-19 18:01 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-19 18:01 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-19 18:01 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-19 18:01 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-19 18:01 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-19 18:01 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-19 18:01 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-19 17:58 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 17:58 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 17:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-19 17:56 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 17:55 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 17:43 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 17:43 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 17:43 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 17:43 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 17:43 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-19 17:43 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-19 17:43 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-19 17:43 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-19 17:43 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-19 17:43 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-19 17:43 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-19 17:43 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-19 17:43 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-19 17:43 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-19 17:43 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-19 17:43 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-19 17:43 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-19 17:43 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-19 17:43 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-19 17:43 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-19 17:43 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-19 17:42 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 17:40 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 17:40 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 17:40 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 17:40 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 17:40 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 17:40 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 17:40 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 17:40 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-08 17:57 - 2014-08-08 17:58 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-21 14:35 - 2014-08-19 17:57 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-07-21 14:27 - 2014-08-19 17:52 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-07-21 14:27 - 2014-08-19 17:52 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 22:44 - 2014-08-19 20:15 - 00015012 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-20 22:44 - 2014-08-19 20:15 - 00000000 ___DC () C:\FRST
2014-08-20 22:36 - 2013-05-22 18:09 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1994594616-1859465388-4855079-1001
2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:27 - 2013-12-15 19:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:22 - 2013-06-21 20:27 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-20 22:18 - 2014-02-15 14:06 - 00000000 __RDO () C:\Users\Janin\SkyDrive
2014-08-20 22:17 - 2013-05-22 18:02 - 00000401 _____ () C:\Users\Janin\AppData\Roaming\sp_data.sys
2014-08-20 22:16 - 2013-11-14 00:18 - 00088018 _____ () C:\WINDOWS\PFRO.log
2014-08-20 22:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-20 22:15 - 2014-08-19 18:36 - 00000000 ___DC () C:\AdwCleaner
2014-08-20 22:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 22:04 - 2014-08-20 21:38 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:59 - 2014-02-15 11:43 - 01726978 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-20 21:59 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-20 21:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-20 21:06 - 2014-02-15 14:07 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6F41A456-4B45-40FB-A24E-90031FDF4DC6}
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-19 20:18 - 2014-08-19 20:16 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 19:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-19 18:46 - 2014-07-17 16:10 - 00000000 ____D () C:\Program Files (x86)\PowerfulBrowse
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-19 18:39 - 2014-02-15 11:22 - 00000000 ____D () C:\Users\Janin
2014-08-19 18:39 - 2013-05-22 18:01 - 00000969 _____ () C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 18:33 - 2014-03-05 12:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-19 18:31 - 2013-08-26 17:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 18:29 - 2013-05-30 08:46 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 17:57 - 2014-07-21 14:35 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-08-19 17:52 - 2014-07-21 14:27 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-08-19 17:52 - 2014-07-21 14:27 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-08-19 17:52 - 2014-07-17 15:00 - 00000163 _____ () C:\WINDOWS\Reimage.ini
2014-08-19 17:46 - 2014-07-17 10:46 - 00001426 _____ () C:\Users\Janin\Desktop\Registry kostenlos entrümpeln!.lnk
2014-08-08 17:58 - 2014-08-08 17:57 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-08 17:23 - 2013-09-28 08:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-03 22:17 - 2014-07-11 22:34 - 00000000 ____D () C:\Users\Janin\Desktop\Briefe an Mutti
2014-08-03 21:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-03 21:06 - 2013-06-21 20:28 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-03 21:05 - 2013-06-21 20:28 - 00426848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-03 21:05 - 2013-06-21 20:27 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-02 05:11 - 2014-08-19 17:40 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-07-14 16:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-07-14 16:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 16:52 - 2014-08-19 18:03 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-19 18:03 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-19 18:03 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-19 18:03 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-19 18:03 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-19 18:03 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-19 18:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-19 18:03 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-19 18:03 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-19 18:03 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-19 18:03 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-19 18:03 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-19 18:03 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-19 18:03 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-19 18:03 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-19 18:03 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-19 18:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-19 18:03 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-19 18:03 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-19 18:03 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-19 18:03 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-19 18:03 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-19 18:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-19 18:03 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-19 18:03 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-19 18:03 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-19 18:03 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-19 18:03 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-19 18:03 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some content of TEMP:
====================
C:\Users\Janin\AppData\Local\Temp\air321B.exe
C:\Users\Janin\AppData\Local\Temp\air8A6.exe
C:\Users\Janin\AppData\Local\Temp\air8F98.exe
C:\Users\Janin\AppData\Local\Temp\air9892.exe
C:\Users\Janin\AppData\Local\Temp\airAA7A.exe
C:\Users\Janin\AppData\Local\Temp\airC63B.exe
C:\Users\Janin\AppData\Local\Temp\airD545.exe
C:\Users\Janin\AppData\Local\Temp\airD8F8.exe
C:\Users\Janin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Janin\AppData\Local\Temp\dlLogic.exe
C:\Users\Janin\AppData\Local\Temp\dltr.exe
C:\Users\Janin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Janin\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter_3.12.30.319.exe
C:\Users\Janin\AppData\Local\Temp\lowproc.exe
C:\Users\Janin\AppData\Local\Temp\nshF53D.tmp.exe
C:\Users\Janin\AppData\Local\Temp\Quarantine.exe
C:\Users\Janin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Janin\AppData\Local\Temp\setup.exe
C:\Users\Janin\AppData\Local\Temp\stubhelper.dll
C:\Users\Janin\AppData\Local\Temp\Upgrader.exe
C:\Users\Janin\AppData\Local\Temp\verifier.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-19 19:09
==================== End Of Log ============================
--- --- ---