Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Ich hab auch den Omiga Virus (https://www.trojaner-board.de/157792-hab-omiga-virus.html)

susikirsche 19.08.2014 18:50
Ich hab auch den Omiga Virus
 
Hallo,
hab den Rechner von meiner Schwägerin und hab versucht die Omiga Software zu deinstallieren leider ohne Erfolg und dann öffnen sich bei jeder Aktion lauter Werbefenster und dann meldet sich mein Antivieren Programm das eine Bedrohung gefunden wurde. Hilfe rettet mich bitte, bekomme hier die Krise bei den ganzen Fenstern. Danke schon im vorraus

schrauber 19.08.2014 18:53
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


susikirsche 19.08.2014 19:19
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Janin at 2014-08-19 20:16:09
Running from C:\Users\Janin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

8GadgetPack (HKLM-x32\...\{DE18940E-5986-480A-8518-7327D14756D3}) (Version: 6.0.0 - Helmut Buhler)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.36 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2914 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.2914 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.30.319 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.30.319 - DVDVideoSoft Ltd.)
FuzeZip (HKCU\...\FuzeZip) (Version: 1.0.0.134244 - Koyote-Lab Inc) <==== ATTENTION
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
omiga-plus uninstall (HKLM-x32\...\omiga-plus uninstall) (Version:  - omiga-plus)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PowerfulBrowse (HKLM\...\PowerfulBrowse) (Version: 2014.07.17.120655 - PowerfulBrowse)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.6.6.4 - Reimage)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPlayer v2.0.6 (HKLM-x32\...\VideoPlayer) (Version: v2.0.6 - TUGUU SL) <==== ATTENTION
ViUpdater (HKLM-x32\...\ViUpdater) (Version: 1.0.0.5 - Lee-Soft.com)
Windows Driver Package - ASUS (ATP) Mouse  (11/09/2012 1.0.0.153) (HKLM\...\5AB9160B769DD2E134ADCB8010377DECA2479378) (Version: 11/09/2012 1.0.0.153 - ASUS)
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

03-08-2014 19:02:54 avast! antivirus system restore point
19-08-2014 16:21:22 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {054B3486-221A-4FBC-9247-2D9066F7C2DB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-03] (AVAST Software)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C8A022C-1282-405A-B7C9-832290A13D73} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2B4AAF10-89DE-4F8B-A7A1-3598C7A09111} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2DB4EFFE-43DF-4F98-9963-1B6C658AC883} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3842BF4F-181F-493F-B7D0-322C2AE62F40} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4195FB40-7E73-4CB7-85D0-2D04D243259F} - \4677 No Task File <==== ATTENTION
Task: {43291192-EC15-4B7A-BDB8-CD9CFADFB401} - \0 No Task File <==== ATTENTION
Task: {45BD9F3A-A87E-43A4-9AD7-CC318D1E9659} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-20] (AsusTek)
Task: {472E0C64-FCEC-4661-8D80-7593239EB339} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {677BF4D0-43EA-43A2-BA2A-1B35F35AC00D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-07-09] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6CA76682-FB9B-4A22-A3CE-D438008D0640} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {72B0EE90-03FE-4EFD-8FBF-85FD4DF4B9AF} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B9AF23A-FF28-4F9F-9B29-6FE292766628} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A6152EB5-A233-4CE2-951B-B7A068F7026A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {A87AC6A4-1635-4C6A-B8D8-F3485A5E353F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-19] (Microsoft Corporation)
Task: {ABC7DC95-12CE-4814-A8DE-48A4C95D64FB} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {AD5014B8-5A84-4C80-8B3F-667E0FBC7BDE} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-08-29] ()
Task: {AF676235-AE75-4859-A65F-B4E3B5387F0C} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {BE5D3C97-BFE0-4AFE-9C7B-C53F88C54861} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D1B2476F-9EF7-4DBD-9CC6-D8E662881BAF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E8367CD9-3E07-4E38-9298-F8364FC06DE0} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe

==================== Loaded Modules (whitelisted) =============

2014-03-22 19:17 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-17 14:06 - 2014-07-17 14:06 - 00321832 _____ () C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-03 21:05 - 2014-08-03 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-19 17:56 - 2014-08-19 17:56 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081800\algo.dll
2014-08-19 18:46 - 2014-08-19 18:46 - 02799616 _____ () C:\Program Files\AVAST Software\Avast\defs\14081900\algo.dll
2012-09-11 16:01 - 2012-09-11 16:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-08-03 21:05 - 2014-08-03 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-19 09:03 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\Janin\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKCU\...\StartupApproved\Run: => "Power2GoExpress"
HKCU\...\StartupApproved\Run: => "ViStart"
HKCU\...\StartupApproved\Run: => "NukeMetro"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/19/2014 06:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x226c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/19/2014 06:22:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/19/2014 06:14:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: video MediaPlay-Air-bho.dll_unloaded, Version: 1.0.0.1, Zeitstempel: 0x53bfb74d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005d6a8
ID des fehlerhaften Prozesses: 0x11a0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/19/2014 06:13:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x27ac
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/19/2014 05:55:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x45d0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/19/2014 05:31:58 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302

Error: (08/08/2014 05:58:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00000fd
Fehleroffset: 0xf637c9da
ID des fehlerhaften Prozesses: 0x780
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/08/2014 05:57:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17c0

Startzeit: 01cfb3213b646f48

Endzeit: 31

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID: 9bb0bc6d-1f14-11e4-bef8-74d02b24332b

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/08/2014 05:42:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x498
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/08/2014 05:25:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.17207, Zeitstempel: 0x53a217f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008737
ID des fehlerhaften Prozesses: 0x1754
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5


System errors:
=============
Error: (08/19/2014 06:55:27 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/19/2014 06:55:27 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/19/2014 06:47:28 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a29\??\C:\Users\Janin\ntuser.dat

Error: (08/19/2014 06:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Reimage Real Time Protector" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/19/2014 06:46:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUp Designerweiterung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1083

Error: (08/19/2014 06:35:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/19/2014 06:35:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/19/2014 06:10:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/08/2014 05:56:07 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (08/08/2014 05:27:28 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: JANIN-PC)
Description: 0x8000002a114\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1994594616-1859465388-4855079-1001-0-ntuser.dat


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 46%
Total physical RAM: 3979.68 MB
Available physical RAM: 2126.38 MB
Total Pagefile: 4683.68 MB
Available Pagefile: 2590.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:133.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:255.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 04A53D1B)

Partition: GPT Partition Type.

==================== End Of Log ============================
--- --- ---



FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Janin (administrator) on JANIN-PC on 19-08-2014 20:17:02
Running from C:\Users\Janin\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-08-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1994594616-1859465388-4855079-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.)
Startup: C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PowerfulBrowse -> {2d2873ba-db4e-4e29-8619-e16cf86fb9bb} -> C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowsebho.dll (PowerfulBrowse)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Janin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-23]

Chrome:
=======
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-05-24]
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf [2014-07-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-12-09] (TuneUp Software)
R2 Update PowerfulBrowse; C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe [321832 2014-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-08-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-03] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-19] (Malwarebytes Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 20:16 - 2014-08-19 20:16 - 00033371 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:15 - 2014-08-19 20:17 - 00015432 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-19 20:15 - 2014-08-19 20:17 - 00000000 ___DC () C:\FRST
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 18:56 - 2014-08-19 18:56 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 18:56 - 2014-08-19 18:56 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-19 18:56 - 2014-08-19 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-19 18:56 - 2014-08-19 18:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-19 18:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-19 18:56 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-19 18:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-19 18:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 18:36 - 2014-08-19 18:39 - 00000000 ___DC () C:\AdwCleaner
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:03 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 18:03 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 18:03 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 18:03 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 18:03 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 18:03 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 18:03 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 18:03 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 18:03 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 18:03 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 18:03 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 18:03 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 18:01 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-19 18:01 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-19 18:01 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-19 18:01 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-19 18:01 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-19 18:01 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-19 18:01 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-19 18:01 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-19 18:01 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-19 18:01 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-19 18:01 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-19 18:01 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-19 18:01 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-19 18:01 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-19 18:01 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-19 18:01 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-19 18:01 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-19 18:01 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-19 18:01 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-19 18:01 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-19 18:01 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-19 18:01 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-19 18:01 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-19 17:58 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 17:58 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 17:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-19 17:56 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 17:55 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 17:43 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 17:43 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 17:43 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 17:43 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 17:43 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-19 17:43 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-19 17:43 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-19 17:43 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-19 17:43 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-19 17:43 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-19 17:43 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-19 17:43 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-19 17:43 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-19 17:43 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-19 17:43 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-19 17:43 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-19 17:43 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-19 17:43 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-19 17:43 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-19 17:43 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-19 17:43 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-19 17:42 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 17:40 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 17:40 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 17:40 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 17:40 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 17:40 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 17:40 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 17:40 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 17:40 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-08 17:57 - 2014-08-08 17:58 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-21 14:35 - 2014-08-19 17:57 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-07-21 14:27 - 2014-08-19 17:52 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-07-21 14:27 - 2014-08-19 17:52 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 20:17 - 2014-08-19 20:15 - 00015432 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-19 20:17 - 2014-08-19 20:15 - 00000000 ___DC () C:\FRST
2014-08-19 20:16 - 2014-08-19 20:16 - 00033371 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-19 19:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-19 19:53 - 2013-06-21 20:27 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-19 19:21 - 2014-02-15 11:43 - 01672073 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-19 19:08 - 2013-05-22 18:09 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1994594616-1859465388-4855079-1001
2014-08-19 18:56 - 2014-08-19 18:56 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 18:56 - 2014-08-19 18:56 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-19 18:56 - 2014-08-19 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-19 18:56 - 2014-08-19 18:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-19 18:52 - 2014-02-15 14:07 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6F41A456-4B45-40FB-A24E-90031FDF4DC6}
2014-08-19 18:49 - 2014-02-15 14:06 - 00000000 ___DO () C:\Users\Janin\SkyDrive
2014-08-19 18:47 - 2013-05-22 18:02 - 00000401 _____ () C:\Users\Janin\AppData\Roaming\sp_data.sys
2014-08-19 18:46 - 2014-07-17 16:10 - 00000000 ____D () C:\Program Files (x86)\PowerfulBrowse
2014-08-19 18:46 - 2013-11-14 00:18 - 00086296 _____ () C:\WINDOWS\PFRO.log
2014-08-19 18:46 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-19 18:44 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-19 18:39 - 2014-08-19 18:36 - 00000000 ___DC () C:\AdwCleaner
2014-08-19 18:39 - 2014-02-15 11:22 - 00000000 ____D () C:\Users\Janin
2014-08-19 18:39 - 2013-05-22 18:01 - 00000969 _____ () C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 18:38 - 2014-05-24 10:52 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-19 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-19 18:33 - 2014-03-05 12:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-19 18:32 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-19 18:31 - 2013-08-26 17:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 18:29 - 2013-05-30 08:46 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 17:57 - 2014-07-21 14:35 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-08-19 17:52 - 2014-07-21 14:27 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-08-19 17:52 - 2014-07-21 14:27 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-08-19 17:52 - 2014-07-17 15:00 - 00000163 _____ () C:\WINDOWS\Reimage.ini
2014-08-19 17:46 - 2014-07-17 10:46 - 00001426 _____ () C:\Users\Janin\Desktop\Registry kostenlos entrümpeln!.lnk
2014-08-08 17:58 - 2014-08-08 17:57 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-08 17:23 - 2013-09-28 08:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-03 22:17 - 2014-07-11 22:34 - 00000000 ____D () C:\Users\Janin\Desktop\Briefe an Mutti
2014-08-03 21:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-03 21:06 - 2013-06-21 20:28 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-03 21:05 - 2013-06-21 20:28 - 00426848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-03 21:05 - 2013-06-21 20:27 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-02 05:11 - 2014-08-19 17:40 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-07-14 16:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-07-14 16:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 16:52 - 2014-08-19 18:03 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-19 18:03 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-19 18:03 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-19 18:03 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-19 18:03 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-19 18:03 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-19 18:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-19 18:03 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-19 18:03 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-19 18:03 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-19 18:03 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-19 18:03 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-19 18:03 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-19 18:03 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-19 18:03 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-19 18:03 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-19 18:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-19 18:03 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-19 18:03 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-19 18:03 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-19 18:03 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-19 18:03 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-19 18:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-19 18:03 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-19 18:03 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-19 18:03 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-19 18:03 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-19 18:03 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-19 18:03 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Janin\AppData\Local\Temp\air321B.exe
C:\Users\Janin\AppData\Local\Temp\air8A6.exe
C:\Users\Janin\AppData\Local\Temp\air8F98.exe
C:\Users\Janin\AppData\Local\Temp\air9892.exe
C:\Users\Janin\AppData\Local\Temp\airAA7A.exe
C:\Users\Janin\AppData\Local\Temp\airC63B.exe
C:\Users\Janin\AppData\Local\Temp\airD545.exe
C:\Users\Janin\AppData\Local\Temp\airD8F8.exe
C:\Users\Janin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Janin\AppData\Local\Temp\dlLogic.exe
C:\Users\Janin\AppData\Local\Temp\dltr.exe
C:\Users\Janin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Janin\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter_3.12.30.319.exe
C:\Users\Janin\AppData\Local\Temp\lowproc.exe
C:\Users\Janin\AppData\Local\Temp\nshF53D.tmp.exe
C:\Users\Janin\AppData\Local\Temp\Quarantine.exe
C:\Users\Janin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Janin\AppData\Local\Temp\stubhelper.dll
C:\Users\Janin\AppData\Local\Temp\Upgrader.exe
C:\Users\Janin\AppData\Local\Temp\verifier.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-19 19:09

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 20.08.2014 10:52
Adware & Co. deinstallieren




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

susikirsche 20.08.2014 21:45
Hallo
ich kann das Programm bzw. die Programme Additional scan result of Farbar Recovery scan Tool nicht finen

AdwCleaner Logfile:
Code:
# AdwCleaner v3.307 - Bericht erstellt am 20/08/2014 um 22:15:26
# Aktualisiert 17/08/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Janin - JANIN-PC
# Gestartet von : C:\Users\Janin\Desktop\adwcleaner_3.307.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\globalUpdate

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\Superfish
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [25397 octets] - [19/08/2014 18:36:13]
AdwCleaner[R1].txt - [1488 octets] - [20/08/2014 22:11:20]
AdwCleaner[S0].txt - [22405 octets] - [19/08/2014 18:38:44]
AdwCleaner[S1].txt - [1409 octets] - [20/08/2014 22:15:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1469 octets] ##########
--- --- ---

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 20.08.2014
Suchlauf-Zeit: 21:38:48
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.20.07
Rootkit Datenbank: v2014.08.16.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Janin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 306362
Verstrichene Zeit: 17 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 1
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe, 1816, Keine Aktion durch Benutzer, [5b7cb1179ae16fc7780f0a7d43bedd23]

Module: 4
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],

Registrierungsschlüssel: 17
PUP.Optional.PowerfulBrowse.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update PowerfulBrowse, Keine Aktion durch Benutzer, [5b7cb1179ae16fc7780f0a7d43bedd23],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2d2873ba-db4e-4e29-8619-e16cf86fb9bb}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{b6a896f6-368e-4bdc-b62a-7c9eb44a84f3}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1A2F93F4-2754-470B-B703-AEAD47B7F74B}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1A2F93F4-2754-470B-B703-AEAD47B7F74B}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{b6a896f6-368e-4bdc-b62a-7c9eb44a84f3}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2D2873BA-DB4E-4E29-8619-E16CF86FB9BB}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKU\S-1-5-21-1994594616-1859465388-4855079-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2D2873BA-DB4E-4E29-8619-E16CF86FB9BB}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.PowerfulBrowse.A, HKU\S-1-5-21-1994594616-1859465388-4855079-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2D2873BA-DB4E-4E29-8619-E16CF86FB9BB}, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Keine Aktion durch Benutzer, [4d8aeade4b3064d26cf2a6c8fa08738d],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PowerfulBrowse, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, HKLM\SOFTWARE\WOW6432NODE\PowerfulBrowse, Keine Aktion durch Benutzer, [87503296245773c3328a6c8e907253ad],
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 1.5, Keine Aktion durch Benutzer, [2cabecdc4d2e3afc5b8a5fae1ee555ab],
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\video MediaPlay-Air, Keine Aktion durch Benutzer, [d403face7cff2d09c219ed5b7c889c64],
PUP.Optional.PowerfulBrowse.A, HKU\S-1-5-21-1994594616-1859465388-4855079-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PowerfulBrowse, Keine Aktion durch Benutzer, [aa2da7212f4cdb5b3d7ee8124fb3fc04],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 20
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.PowerfulBrowse.A, C:\Users\Janin\AppData\Local\Temp\PowerfulBrowse, Keine Aktion durch Benutzer, [ce0909bf92e962d415d46070a75bb54b],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{59F3D9CD-AE26-460F-9897-679BB0B256D1}, Keine Aktion durch Benutzer, [9740cff9a4d7112544f6ae2721e149b7],
PUP.Optional.CrossRider.A, C:\Users\Janin\AppData\Local\Google\Chrome\User Data\default\extensions\dnaojefanpmakfgcaliphepgoiiafmpf, Keine Aktion durch Benutzer, [409701c7c3b8e84ebc9143926b9706fa],
PUP.Optional.CrossRider.A, C:\Users\Janin\AppData\Local\Google\Chrome\User Data\default\extensions\dnaojefanpmakfgcaliphepgoiiafmpf\1.26.33_0, Keine Aktion durch Benutzer, [409701c7c3b8e84ebc9143926b9706fa],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],

Dateien: 78
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe, Keine Aktion durch Benutzer, [5b7cb1179ae16fc7780f0a7d43bedd23],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll, Keine Aktion durch Benutzer, [00d78543c9b278be4442c6c1ca37c040],
PUP.Optional.AllDaySavings.A, C:\Users\Janin\AppData\Local\Temp\air8A6.exe, Keine Aktion durch Benutzer, [fadd695fe398b086c3a2d891b74bd12f],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\dlLogic.exe, Keine Aktion durch Benutzer, [d304d8f0e9929a9cfbe5dd65867af010],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\dltr.exe, Keine Aktion durch Benutzer, [5a7de0e88dee83b3934e1e2406fa05fb],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\verifier.exe, Keine Aktion durch Benutzer, [eceb299f3b40e5514c95ab9748b8d32d],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\GCVerifier.dll, Keine Aktion durch Benutzer, [9f382e9a1269d0667f6088bad22ee61a],
PUP.Optional.InstallMonetizer, C:\Users\Janin\AppData\Local\Temp\nsd94C9.tmp\nsBaliWeb.dll, Keine Aktion durch Benutzer, [87506b5d8af18da9a179551270927c84],
PUP.Optional.PCPerformer.A, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_12721.decrpt, Keine Aktion durch Benutzer, [22b57751b0cbb87e05191ef8b74ab14f],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_15489, Keine Aktion durch Benutzer, [be190cbc6714b6805e82a69c1fe19967],
PUP.Optional.BesttoolBars, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_16786, Keine Aktion durch Benutzer, [29ae30988cef1026c6bf74c034cc1de3],
PUP.Optional.BesttoolBars, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_17135, Keine Aktion durch Benutzer, [83543a8e0477bb7bd1b413213fc1d729],
PUP.Optional.PCPerformer.A, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\PCPerformerSetup, Keine Aktion durch Benutzer, [f3e4c305cab1bb7b9d815fb70ef3d22e],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\SearchProtectInstaller, Keine Aktion durch Benutzer, [785fdfe9413aa4929a46e35ff01018e8],
PUP.Optional.BesttoolBars, C:\Users\Janin\AppData\Local\Temp\53wa6llb7\ZulaGamesSetup, Keine Aktion durch Benutzer, [d106d5f3413a56e0fb8a4aea31cf8878],
PUP.Optional.InstallMonetizer, C:\Users\Janin\AppData\Local\Temp\nsw2158.tmp\PailaSM.dll, Keine Aktion durch Benutzer, [10c70cbc7a01092d30d854155aa8c23e],
PUP.Optional.Wajam.A, C:\Users\Janin\AppData\Local\Temp\F0F3tmp\wajam_download.exe, Keine Aktion durch Benutzer, [b52286424c2f0531c85eb88fdb25bd43],
PUP.Optional.CrossRider, C:\Users\Janin\AppData\Local\Temp\F144tmp\setup.exe, Keine Aktion durch Benutzer, [e6f1428614672313e9ddbfe86b961ae6],
PUP.Optional.SupraSavings.A, C:\Users\Janin\AppData\Local\Temp\F1A4tmp\f978377c-b7d4-4536-8e10-14ca97b13394.exe, Keine Aktion durch Benutzer, [cc0bd5f342396ec818c8322858aa8080],
PUP.Optional.InstallMonetizer, C:\Users\Janin\AppData\Local\Temp\is-RG0GC.tmp\InstallManagerR.exe, Keine Aktion durch Benutzer, [746308c0413ad75f9d7d7ee99e6401ff],
PUP.Optional.Conduit.A, C:\Users\Janin\AppData\Local\Temp\B6CDtmp\spidentifierimpl.exe, Keine Aktion durch Benutzer, [44938c3c93e83bfb86f8e6a9f80924dc],
PUP.Optional.AirAdInstaller, C:\Users\Janin\Downloads\setup.exe, Keine Aktion durch Benutzer, [8552a028ec8fbc7a5fda9d9d966a24dc],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowse.ico, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\0, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\7za.exe, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseUninstall.exe, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.PowerfulBrowse.A, C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.InstallState, Keine Aktion durch Benutzer, [ab2c3e8ab4c76ec84e6c16e439c9b14f],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome.manifest, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\install.rdf, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\background.html, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\bg.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\button.xml, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\config.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\content.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.xul, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon128.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon16.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.ico, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.ico, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.ico, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon48.png, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\jquery-1.9.1.min.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\options.xul, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\settings.json, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\background.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\content.js, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.SpeedAnalysis.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin\framework.css, Keine Aktion durch Benutzer, [5384cefa7dfe2d09b94d468a4db5669a],
PUP.Optional.PowerfulBrowse.A, C:\Users\Janin\AppData\Local\Temp\PowerfulBrowse\7za.exe, Keine Aktion durch Benutzer, [ce0909bf92e962d415d46070a75bb54b],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\icon.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\install.rdf, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\background.html, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.xml, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.xul, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.png, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\options.xul, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\settings.json, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.FreeGames.A, C:\Users\Janin\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin\framework.css, Keine Aktion durch Benutzer, [3c9bf9cf90eb74c2920e379ce81a20e0],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleCrashHandler.exe, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleUpdate.exe, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleUpdateBroker.exe, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleUpdateHelper.msi, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\GoogleUpdateOnDemand.exe, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\goopdate.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\goopdateres_en.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\npGoogleUpdate4.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\psmachine.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],
PUP.Optional.GlobalUpdate.A, C:\Users\Janin\AppData\Local\Temp\comh.430773\psuser.dll, Keine Aktion durch Benutzer, [785f1dab64173df99cba587d08fa27d9],

Physische Sektoren: 0
(No malicious items detected)


(end)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Janin on 20.08.2014 at 22:27:11,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Janin\appdata\locallow\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.08.2014 at 22:34:49,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Janin (administrator) on JANIN-PC on 20-08-2014 22:44:07
Running from C:\Users\Janin\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-08-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1994594616-1859465388-4855079-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.)
Startup: C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PowerfulBrowse -> {2d2873ba-db4e-4e29-8619-e16cf86fb9bb} -> C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowsebho.dll (PowerfulBrowse)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Janin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-23]

Chrome:
=======
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-05-24]
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf [2014-07-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-12-09] (TuneUp Software)
R2 Update PowerfulBrowse; C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe [321832 2014-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-08-03] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-03] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-20] (Malwarebytes Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 21:38 - 2014-08-20 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-20 21:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-20 21:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-19 20:16 - 2014-08-19 20:18 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:15 - 2014-08-20 22:44 - 00015012 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-19 20:15 - 2014-08-20 22:44 - 00000000 ___DC () C:\FRST
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 18:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 18:36 - 2014-08-20 22:15 - 00000000 ___DC () C:\AdwCleaner
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:03 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 18:03 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 18:03 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 18:03 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 18:03 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 18:03 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 18:03 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 18:03 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 18:03 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 18:03 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 18:03 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 18:03 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 18:01 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-19 18:01 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-19 18:01 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-19 18:01 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-19 18:01 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-19 18:01 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-19 18:01 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-19 18:01 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-19 18:01 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-19 18:01 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-19 18:01 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-19 18:01 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-19 18:01 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-19 18:01 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-19 18:01 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-19 18:01 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-19 18:01 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-19 18:01 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-19 18:01 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-19 18:01 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-19 18:01 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-19 18:01 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-19 18:01 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-19 17:58 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 17:58 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 17:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-19 17:56 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 17:55 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 17:43 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 17:43 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 17:43 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 17:43 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 17:43 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-19 17:43 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-19 17:43 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-19 17:43 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-19 17:43 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-19 17:43 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-19 17:43 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-19 17:43 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-19 17:43 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-19 17:43 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-19 17:43 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-19 17:43 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-19 17:43 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-19 17:43 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-19 17:43 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-19 17:43 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-19 17:43 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-19 17:42 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 17:40 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 17:40 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 17:40 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 17:40 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 17:40 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 17:40 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 17:40 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 17:40 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-08 17:57 - 2014-08-08 17:58 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-21 14:35 - 2014-08-19 17:57 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-07-21 14:27 - 2014-08-19 17:52 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-07-21 14:27 - 2014-08-19 17:52 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 22:44 - 2014-08-19 20:15 - 00015012 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-20 22:44 - 2014-08-19 20:15 - 00000000 ___DC () C:\FRST
2014-08-20 22:36 - 2013-05-22 18:09 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1994594616-1859465388-4855079-1001
2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:27 - 2013-12-15 19:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:22 - 2013-06-21 20:27 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-20 22:18 - 2014-02-15 14:06 - 00000000 __RDO () C:\Users\Janin\SkyDrive
2014-08-20 22:17 - 2013-05-22 18:02 - 00000401 _____ () C:\Users\Janin\AppData\Roaming\sp_data.sys
2014-08-20 22:16 - 2013-11-14 00:18 - 00088018 _____ () C:\WINDOWS\PFRO.log
2014-08-20 22:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-20 22:15 - 2014-08-19 18:36 - 00000000 ___DC () C:\AdwCleaner
2014-08-20 22:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 22:04 - 2014-08-20 21:38 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:59 - 2014-02-15 11:43 - 01726978 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-20 21:59 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-20 21:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-20 21:06 - 2014-02-15 14:07 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6F41A456-4B45-40FB-A24E-90031FDF4DC6}
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-19 20:18 - 2014-08-19 20:16 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 19:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-19 18:46 - 2014-07-17 16:10 - 00000000 ____D () C:\Program Files (x86)\PowerfulBrowse
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-19 18:39 - 2014-02-15 11:22 - 00000000 ____D () C:\Users\Janin
2014-08-19 18:39 - 2013-05-22 18:01 - 00000969 _____ () C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 18:33 - 2014-03-05 12:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-19 18:31 - 2013-08-26 17:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 18:29 - 2013-05-30 08:46 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 17:57 - 2014-07-21 14:35 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-08-19 17:52 - 2014-07-21 14:27 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-08-19 17:52 - 2014-07-21 14:27 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-08-19 17:52 - 2014-07-17 15:00 - 00000163 _____ () C:\WINDOWS\Reimage.ini
2014-08-19 17:46 - 2014-07-17 10:46 - 00001426 _____ () C:\Users\Janin\Desktop\Registry kostenlos entrümpeln!.lnk
2014-08-08 17:58 - 2014-08-08 17:57 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-08 17:23 - 2013-09-28 08:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-03 22:17 - 2014-07-11 22:34 - 00000000 ____D () C:\Users\Janin\Desktop\Briefe an Mutti
2014-08-03 21:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-03 21:06 - 2013-06-21 20:28 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-03 21:05 - 2013-06-21 20:28 - 00426848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-03 21:05 - 2013-06-21 20:27 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-02 05:11 - 2014-08-19 17:40 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-07-14 16:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-07-14 16:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 16:52 - 2014-08-19 18:03 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-19 18:03 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-19 18:03 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-19 18:03 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-19 18:03 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-19 18:03 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-19 18:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-19 18:03 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-19 18:03 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-19 18:03 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-19 18:03 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-19 18:03 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-19 18:03 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-19 18:03 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-19 18:03 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-19 18:03 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-19 18:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-19 18:03 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-19 18:03 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-19 18:03 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-19 18:03 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-19 18:03 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-19 18:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-19 18:03 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-19 18:03 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-19 18:03 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-19 18:03 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-19 18:03 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-19 18:03 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Janin\AppData\Local\Temp\air321B.exe
C:\Users\Janin\AppData\Local\Temp\air8A6.exe
C:\Users\Janin\AppData\Local\Temp\air8F98.exe
C:\Users\Janin\AppData\Local\Temp\air9892.exe
C:\Users\Janin\AppData\Local\Temp\airAA7A.exe
C:\Users\Janin\AppData\Local\Temp\airC63B.exe
C:\Users\Janin\AppData\Local\Temp\airD545.exe
C:\Users\Janin\AppData\Local\Temp\airD8F8.exe
C:\Users\Janin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Janin\AppData\Local\Temp\dlLogic.exe
C:\Users\Janin\AppData\Local\Temp\dltr.exe
C:\Users\Janin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Janin\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter_3.12.30.319.exe
C:\Users\Janin\AppData\Local\Temp\lowproc.exe
C:\Users\Janin\AppData\Local\Temp\nshF53D.tmp.exe
C:\Users\Janin\AppData\Local\Temp\Quarantine.exe
C:\Users\Janin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Janin\AppData\Local\Temp\setup.exe
C:\Users\Janin\AppData\Local\Temp\stubhelper.dll
C:\Users\Janin\AppData\Local\Temp\Upgrader.exe
C:\Users\Janin\AppData\Local\Temp\verifier.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-19 19:09

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Janin (administrator) on JANIN-PC on 20-08-2014 22:44:07
Running from C:\Users\Janin\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-08-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1994594616-1859465388-4855079-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.)
Startup: C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PowerfulBrowse -> {2d2873ba-db4e-4e29-8619-e16cf86fb9bb} -> C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowsebho.dll (PowerfulBrowse)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Janin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-23]

Chrome:
=======
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-05-24]
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf [2014-07-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-12-09] (TuneUp Software)
R2 Update PowerfulBrowse; C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe [321832 2014-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-08-03] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-03] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-20] (Malwarebytes Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 21:38 - 2014-08-20 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-20 21:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-20 21:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-19 20:16 - 2014-08-19 20:18 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:15 - 2014-08-20 22:44 - 00015012 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-19 20:15 - 2014-08-20 22:44 - 00000000 ___DC () C:\FRST
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 18:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 18:36 - 2014-08-20 22:15 - 00000000 ___DC () C:\AdwCleaner
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:03 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 18:03 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 18:03 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 18:03 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 18:03 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 18:03 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 18:03 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 18:03 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 18:03 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 18:03 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 18:03 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 18:03 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 18:01 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-19 18:01 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-19 18:01 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-19 18:01 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-19 18:01 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-19 18:01 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-19 18:01 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-19 18:01 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-19 18:01 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-19 18:01 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-19 18:01 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-19 18:01 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-19 18:01 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-19 18:01 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-19 18:01 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-19 18:01 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-19 18:01 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-19 18:01 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-19 18:01 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-19 18:01 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-19 18:01 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-19 18:01 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-19 18:01 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-19 17:58 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 17:58 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 17:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-19 17:56 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 17:55 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 17:43 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 17:43 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 17:43 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 17:43 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 17:43 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-19 17:43 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-19 17:43 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-19 17:43 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-19 17:43 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-19 17:43 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-19 17:43 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-19 17:43 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-19 17:43 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-19 17:43 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-19 17:43 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-19 17:43 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-19 17:43 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-19 17:43 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-19 17:43 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-19 17:43 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-19 17:43 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-19 17:42 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 17:40 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 17:40 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 17:40 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 17:40 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 17:40 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 17:40 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 17:40 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 17:40 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-08 17:57 - 2014-08-08 17:58 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-21 14:35 - 2014-08-19 17:57 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-07-21 14:27 - 2014-08-19 17:52 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-07-21 14:27 - 2014-08-19 17:52 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 22:44 - 2014-08-19 20:15 - 00015012 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-20 22:44 - 2014-08-19 20:15 - 00000000 ___DC () C:\FRST
2014-08-20 22:36 - 2013-05-22 18:09 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1994594616-1859465388-4855079-1001
2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:27 - 2013-12-15 19:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:22 - 2013-06-21 20:27 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-20 22:18 - 2014-02-15 14:06 - 00000000 __RDO () C:\Users\Janin\SkyDrive
2014-08-20 22:17 - 2013-05-22 18:02 - 00000401 _____ () C:\Users\Janin\AppData\Roaming\sp_data.sys
2014-08-20 22:16 - 2013-11-14 00:18 - 00088018 _____ () C:\WINDOWS\PFRO.log
2014-08-20 22:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-20 22:15 - 2014-08-19 18:36 - 00000000 ___DC () C:\AdwCleaner
2014-08-20 22:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 22:04 - 2014-08-20 21:38 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:59 - 2014-02-15 11:43 - 01726978 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-20 21:59 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-20 21:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-20 21:06 - 2014-02-15 14:07 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6F41A456-4B45-40FB-A24E-90031FDF4DC6}
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-19 20:18 - 2014-08-19 20:16 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 19:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-19 18:46 - 2014-07-17 16:10 - 00000000 ____D () C:\Program Files (x86)\PowerfulBrowse
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-19 18:39 - 2014-02-15 11:22 - 00000000 ____D () C:\Users\Janin
2014-08-19 18:39 - 2013-05-22 18:01 - 00000969 _____ () C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 18:33 - 2014-03-05 12:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-19 18:31 - 2013-08-26 17:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 18:29 - 2013-05-30 08:46 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 17:57 - 2014-07-21 14:35 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-08-19 17:52 - 2014-07-21 14:27 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-08-19 17:52 - 2014-07-21 14:27 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-08-19 17:52 - 2014-07-17 15:00 - 00000163 _____ () C:\WINDOWS\Reimage.ini
2014-08-19 17:46 - 2014-07-17 10:46 - 00001426 _____ () C:\Users\Janin\Desktop\Registry kostenlos entrümpeln!.lnk
2014-08-08 17:58 - 2014-08-08 17:57 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-08 17:23 - 2013-09-28 08:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-03 22:17 - 2014-07-11 22:34 - 00000000 ____D () C:\Users\Janin\Desktop\Briefe an Mutti
2014-08-03 21:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-03 21:06 - 2013-06-21 20:28 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-03 21:05 - 2013-06-21 20:28 - 00426848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-03 21:05 - 2013-06-21 20:27 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-02 05:11 - 2014-08-19 17:40 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-07-14 16:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-07-14 16:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 16:52 - 2014-08-19 18:03 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-19 18:03 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-19 18:03 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-19 18:03 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-19 18:03 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-19 18:03 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-19 18:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-19 18:03 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-19 18:03 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-19 18:03 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-19 18:03 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-19 18:03 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-19 18:03 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-19 18:03 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-19 18:03 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-19 18:03 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-19 18:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-19 18:03 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-19 18:03 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-19 18:03 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-19 18:03 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-19 18:03 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-19 18:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-19 18:03 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-19 18:03 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-19 18:03 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-19 18:03 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-19 18:03 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-19 18:03 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Janin\AppData\Local\Temp\air321B.exe
C:\Users\Janin\AppData\Local\Temp\air8A6.exe
C:\Users\Janin\AppData\Local\Temp\air8F98.exe
C:\Users\Janin\AppData\Local\Temp\air9892.exe
C:\Users\Janin\AppData\Local\Temp\airAA7A.exe
C:\Users\Janin\AppData\Local\Temp\airC63B.exe
C:\Users\Janin\AppData\Local\Temp\airD545.exe
C:\Users\Janin\AppData\Local\Temp\airD8F8.exe
C:\Users\Janin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Janin\AppData\Local\Temp\dlLogic.exe
C:\Users\Janin\AppData\Local\Temp\dltr.exe
C:\Users\Janin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Janin\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter_3.12.30.319.exe
C:\Users\Janin\AppData\Local\Temp\lowproc.exe
C:\Users\Janin\AppData\Local\Temp\nshF53D.tmp.exe
C:\Users\Janin\AppData\Local\Temp\Quarantine.exe
C:\Users\Janin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Janin\AppData\Local\Temp\setup.exe
C:\Users\Janin\AppData\Local\Temp\stubhelper.dll
C:\Users\Janin\AppData\Local\Temp\Upgrader.exe
C:\Users\Janin\AppData\Local\Temp\verifier.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-19 19:09

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 21.08.2014 17:16

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

susikirsche 22.08.2014 21:08
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=daa15f6aa3998b4cb7612a3da5a02305
# engine=19787
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-22 06:32:20
# local_time=2014-08-22 08:32:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 265578 173152830 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 269513 13115861 0 0
# scanned=183576
# found=128
# cleaned=0
# scan_time=3510
sh=741518CA17409E0C108EA202464829E6C664ED1E ft=1 fh=52477f93f91d8732 vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir"
sh=A62BEBC1A5E9FC9EEC4552562B6C8C4908431F84 ft=1 fh=c5007086194fcd03 vn="MSIL/AdvancedSystemProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AdvancedSystemProtector.exe.vir"
sh=0C9901BB504B8B0B186897503DF7F8E570FF53F9 ft=1 fh=5bbb197ca4951648 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\AspManager.exe.vir"
sh=6965E24F9D76718431E4740AA7D55E3ABFED527B ft=1 fh=53aa88803e7b2067 vn="Win32/Systweak.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Communication.dll.vir"
sh=B3A736455F1FE0B40D585B6BB8E02A700153B008 ft=1 fh=3320d2a9bc3f6d8b vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\filetypehelper.exe.vir"
sh=BFE2580847B94363149D083E02ABB479983477CC ft=1 fh=c50f6c31fb2164d8 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\scandll.dll.vir"
sh=1A278C9611A807BB4319B4DBC0CC28D5B61139E2 ft=1 fh=dc9029d19ecf454f vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\SSDPTstub.exe.vir"
sh=1ADDE75AD04B8CF6B1610F58E60E0503146AD3F9 ft=1 fh=ebd9efbe7d273f46 vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\asp-fixer.com.vir"
sh=1ADDE75AD04B8CF6B1610F58E60E0503146AD3F9 ft=1 fh=ebd9efbe7d273f46 vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\asp-fixer.exe.vir"
sh=1ADDE75AD04B8CF6B1610F58E60E0503146AD3F9 ft=1 fh=ebd9efbe7d273f46 vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\asp-fixer.pif.vir"
sh=1ADDE75AD04B8CF6B1610F58E60E0503146AD3F9 ft=1 fh=ebd9efbe7d273f46 vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\asp-fixer.scr.vir"
sh=1ADDE75AD04B8CF6B1610F58E60E0503146AD3F9 ft=1 fh=ebd9efbe7d273f46 vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\firefox.com.vir"
sh=1ADDE75AD04B8CF6B1610F58E60E0503146AD3F9 ft=1 fh=ebd9efbe7d273f46 vn="MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ASP\Troubleshooter\iexplore.exe.vir"
sh=AFE7868263BF74E0D259E31632F2639A028F1540 ft=1 fh=6225474dfe0823a5 vn="Variante von Win32/AdWare.EoRezo.AU Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_de_90\freeSoftToday_widget.exe.vir"
sh=8892EFBCD03E04112A9C4F1DEB10EDDBF09AD466 ft=1 fh=193290a9b14ab86e vn="Variante von Win32/AdWare.EoRezo.AU Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\fst_de_90\fst_de_90.exe.vir"
sh=D20BF9B3DB2A4F5A771F6568BE61DF3CBC4361CF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PSHD-9.9\360-52916.crx.vir"
sh=149AC665AC1544589FFFE0D2F934D1839D774510 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PSHD-9.9\52916.crx.vir"
sh=1B58318870FAF5019FD95791F8C1CC8FEF40771D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PSHD-9.9\52916.xpi.vir"
sh=24CEFE24F90A06387E75F6010692802B2ADFA129 ft=1 fh=61bb9c682df24a4c vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\systweakasp.exe.vir"
sh=BD6A712D3704A9CF74050B657734969879E13391 ft=1 fh=571f959791f02ce8 vn="Win32/AirAdInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Software Updater\SoftwareUpdater.exe.vir"
sh=0ED4B9FCCE9A375DDF372F3368DF2C541215BBBE ft=1 fh=c71c00118bf034d2 vn="Win32/AirAdInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Software Updater\Uninstall.exe.vir"
sh=1DBF1556C82A78CA45882E66DD83C0A977BF8D23 ft=1 fh=328989ef9803066c vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=C5883F4245AE2C0515FB1D04A08FD82885B06398 ft=1 fh=8d649859311d4519 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=EA186A56E0445AF8E5F382F56F42F91682CFED3B ft=1 fh=875c743a5b727b00 vn="Win32/ELEX.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir"
sh=9E90A050EB0BB1CEAB5633BCE404E5D5BC307647 ft=1 fh=2563181150dc44ea vn="Win32/Thinknice.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=16CF5D6E11C0F55548A67B8B5D04FA3460C76A2D ft=1 fh=7418003a088e68c3 vn="Win64/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=C03584BE4ED7835858158D1C38D6B08317E2FC82 ft=1 fh=a96a1125b953bd6a vn="Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=67642DACDC22ED45AF7947E4F47B1B8463E4162C ft=1 fh=b08cc40f36e9035a vn="Win64/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir"
sh=9042385F0336C5429FCD45FC347CC29A9BC06BB0 ft=1 fh=a7a426d7c77c80fb vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=49B4901B901E0C3EF008331D6B91265DC16A0839 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\360-59599.crx.vir"
sh=E11C97B1B8DD7F41BD225565150077346B0EAB6D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\59599.crx.vir"
sh=796FE663323A418E7907EDA4B4530838C51B147C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\59599.xpi.vir"
sh=F777358C650D9612A65BD1500AE86096CCB06AAB ft=1 fh=6e54329d92de6791 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\d628d253-1d5a-4d55-af6c-03fe72333b07-11.exe.vir"
sh=597F319908EA3C5038E11FA88F414527C9A23D8D ft=1 fh=d58f9f29d7b92fb1 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\d628d253-1d5a-4d55-af6c-03fe72333b07-2.exe.vir"
sh=F777358C650D9612A65BD1500AE86096CCB06AAB ft=1 fh=6e54329d92de6791 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\d628d253-1d5a-4d55-af6c-03fe72333b07-3.exe.vir"
sh=E3E898F995BE5A2D3560D882C9855208CB29EEFF ft=1 fh=4a898df522e0dff3 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\d628d253-1d5a-4d55-af6c-03fe72333b07-4.exe.vir"
sh=6DA48F8376C67C49834AB87EA0593D63105E24B0 ft=1 fh=497c3522db5ef322 vn="Variante von Win32/Toolbar.CrossRider.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\d628d253-1d5a-4d55-af6c-03fe72333b07-5.exe.vir"
sh=E11C97B1B8DD7F41BD225565150077346B0EAB6D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\d628d253-1d5a-4d55-af6c-03fe72333b07.crx.vir"
sh=7FCDFBDBA38A3552E00441CD7564BFAC398AD976 ft=1 fh=5fc16e1d26a1b24f vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bg.exe.vir"
sh=BFAD0B195A20B798A936117D12F86DDFB7ABD118 ft=1 fh=d0659bf295e36ac4 vn="Variante von Win32/Toolbar.CrossRider.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll.vir"
sh=0F6AC5EFD7A0491A7463E06782EF153D49EA1459 ft=1 fh=e5fa268b27ca69fb vn="Variante von Win64/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll.vir"
sh=934338690D65CBF647FC6A492EF8360A9B829741 ft=1 fh=726fcc8d5844f3e9 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe.vir"
sh=58082C6FD69B624C913A4F5B4F0E1641EAAB2C6F ft=1 fh=311ff3fd5f86bccf vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=9CA8EBFF024F34D076C7BFFF92B978D99251DC66 ft=1 fh=03cf8fdbea9a76d3 vn="Variante von Win32/ELEX.AM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=47B2510AC14610B3FFCD542E38892E57F90DA9D6 ft=1 fh=dc5028a159107125 vn="Variante von Win32/Adware.EoRezo.AJ Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Local\fst_de_90\upfst_de_90.exe.vir"
sh=CC58B3473808EC3B23B3DAD650AD12DE75496EA2 ft=1 fh=4409ce9c5b65fae7 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Local\fst_de_90\Download\majfst.exe.vir"
sh=40E293BAA8069FED02956850D3ED342F4B643132 ft=1 fh=8fdea6010886300c vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Local\fst_de_90\Download\majfst_gentlede.exe.vir"
sh=AA5C1027C70F4A7FD288E68033EDED767A4E1011 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Local\Mobogenie\Version\CacheVersion\Mobogenie2.2.0.zip.vir"
sh=61873E3E3CDDF1F11744CF639E1BB6E7BD6E2A17 ft=1 fh=46b6a290d03f3b20 vn="Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Local\torch\Helper.dll.vir"
sh=0D9A02E592E73294B340B06049AD03B70D383586 ft=1 fh=377b7b6344a0d4b0 vn="Variante von Win32/TorchMedia evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Local\torch\Uninstall.exe.vir"
sh=E1D752C9822A2520A30747FFC25BF4E3A9D461FD ft=1 fh=d316a4a4df8e33df vn="Variante von Win32/TorchMedia evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Local\torch\Update\Download\TorchSetup.exe.vir"
sh=F178C38848BDD54B93CCE8260C97038114EA2515 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Local\torch\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf\1.26.33_0\extensionData\plugins\91.js.vir"
sh=D1EBBF5E9C50C5D171ACB0E875A7A7979BE86F52 ft=0 fh=0000000000000000 vn="Win32/SearchPlugin.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Roaming\Systweak\Advanced-System-Protector\Quarantine\pup.annoy-rsk._qt_.vir"
sh=1A278C9611A807BB4319B4DBC0CC28D5B61139E2 ft=1 fh=dc9029d19ecf454f vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=1BA75193C7EA2F60A773275BBE8C4680539CF942 ft=1 fh=7cc849fd2039fb86 vn="Variante von Win32/VOPackage.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Roaming\VOPackage\runasu.exe.vir"
sh=571F0B954260C4B84CC1AF64A76AC0CF300BCC47 ft=1 fh=20462310961449a3 vn="Win32/VOPackage.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Roaming\VOPackage\Uninstall.exe.vir"
sh=97C2AF37B94ADA3F023BE4E1747100121918EDDE ft=1 fh=6fe882b86a60740d vn="Variante von Win32/VOPackage.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janin\AppData\Roaming\VOPackage\VOsrv.exe.vir"
sh=AAA29097B1E5A7098E19A38F1200E636EE1C3A1E ft=1 fh=6b75069f13c3f94c vn="Win64/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\sasnative64.exe.vir"
sh=DF9B9419AC3F3816D88F3BF5BD0BB3E3E73E4465 ft=1 fh=2814b7be3862dab6 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FuzeZip\Helper.dll"
sh=A7E3894138148E2DA4EFDDC1822B598C0011B927 ft=1 fh=2cb0fb947b32234e vn="Variante von Win32/KoyoteLab.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FuzeZip\Uninstall.exe"
sh=BCFCE702E43487A9232633AA7E00814661A2D3E2 ft=1 fh=8dce6f6a10db6327 vn="Variante von Win32/BrowseFox.F evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseBHO.dll"
sh=9B1C6868AE4770894D8563A82CC027DD6BB06F3E ft=1 fh=e735c5074904dc87 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowseUninstall.exe"
sh=AA222DA10B95C021A817BF04A6CE589CF68FE505 ft=1 fh=575fa9bf92dde75b vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe"
sh=3CDB0690A360AE9C725D642E890D16005AD72D30 ft=1 fh=db21275f6a7eaec5 vn="Variante von MSIL/NewPlayer.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\VideoPlayer\VAFChecker.exe"
sh=7CE98401671A0AB06846448F6C9E38C1BF123B45 ft=1 fh=f2aab8034aa74581 vn="Variante von Win32/ELEX.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\C6TGTP1Y\air_omiga-plus[1].exe"
sh=97C2AF37B94ADA3F023BE4E1747100121918EDDE ft=1 fh=6fe882b86a60740d vn="Variante von Win32/VOPackage.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\C6TGTP1Y\dl[1].htm"
sh=E044968BFF5F90DE0BD4E69A39F348629BDA4A57 ft=1 fh=f0b959d95aa16cbd vn="Win32/AirAdInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\C6TGTP1Y\SoftwareUpdaterSetupG[1].exe"
sh=A342E7781CD699A242335069D2BA6AB9BE4EB8A6 ft=1 fh=4eccea08f804e4e0 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\C6TGTP1Y\SpeedUpMyPC-standalone-setup[1].exe"
sh=0780C0833DF3CDE93600966150D8DB918700832F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\FH317HZK\91[1].js"
sh=1BA75193C7EA2F60A773275BBE8C4680539CF942 ft=1 fh=7cc849fd2039fb86 vn="Variante von Win32/VOPackage.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\FH317HZK\dl[1].htm"
sh=B3BB871F58EEBF78A43427319CD8BD4A1A685D8F ft=1 fh=d8c8fbc504701f40 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\FH317HZK\PowerfulBrowse_sc_C[1].exe"
sh=BADE8A5B6C5851FC98FCE91F2EB68701C01D870C ft=1 fh=9cdde0d43af7332e vn="Win32/Systweak.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\FH317HZK\rcpsetup_17970[1].exe"
sh=336F3BCB48ECB1F5B206A8B1BCBD184D6AA9E8B4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\91[1].js"
sh=A666026943BA67C409EEE5E1479D7CF5C834BC63 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\91[2].js"
sh=AF023CD20C85601E6874CB788BCAA49AE325A40D ft=1 fh=da3b4c00ec0bc47d vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\Cloud_Backup_Setup[1].exe"
sh=037C9BEEDD4E8D146BCB71AD7DBD11750B607C1B ft=1 fh=d894d5bbfaa80661 vn="MSIL/NewPlayer.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\NewVideoPlayerSetup[1].exe"
sh=7873D39ADEACECCD219A03C9864A2770A0504654 ft=1 fh=7724ae0b676aaac3 vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\setup[1].exe"
sh=D146F0490BEE423C54A8393EDCA7A3EE83114471 ft=1 fh=e04dc93b31efab69 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\setup_fst_de[1].exe"
sh=6AF02A0764C7B8E2266656AC3D87F62C03A100B4 ft=1 fh=73524ee72dbda2a6 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\speedupmypc[1].exe"
sh=9B72604832B83A5508824184D19DF2E98B654EA4 ft=1 fh=29a0d2f607c0a043 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\spidentifierimpl[1].exe"
sh=D0B0585A517CA15940583C7285CDB2675D345963 ft=1 fh=1a3582588c41f0fe vn="Win32/VOPackage.U evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\VOPackage[1].exe"
sh=A2853D27C2378B9065DEB3C69C5CF608F7C2EE1D ft=1 fh=620a1940836c8b2c vn="Win32/Wajam.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\OMT206TG\wajam_download[1].exe"
sh=CF404099B5F6BB9599F2EF619B8F690715C65BBF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\R07UDQ13\91[1].js"
sh=1D7E82AF0B4CB97CAEE4C4EF2772A377D0CBCD3C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\R07UDQ13\91[2].js"
sh=BE190ADD63E8DD418A46FA75FF7DB8CA66759325 ft=1 fh=938103e10c9d429f vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\R07UDQ13\amsetup__activeris_default[1].exe"
sh=E5B6E3B23B4AB3BB3A37E49CE3574E216E356046 ft=1 fh=a6a5b355abb125bb vn="Variante von Win32/AirAdInstaller.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\R07UDQ13\Media Player Update.exe"
sh=9F7EE01DE4DF56F8CAD8747BC78D540A96E17EAC ft=1 fh=56ce06f6adf24540 vn="Win32/Toolbar.Babylon.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\R07UDQ13\ProtectorPackage2001x64[1].exe"
sh=119E149747A552877117A6D91EFD3BE4B26418AE ft=1 fh=d60c8402287380a1 vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Microsoft\Windows\INetCache\IE\R07UDQ13\sp-downloader[1].exe"
sh=B3BB871F58EEBF78A43427319CD8BD4A1A685D8F ft=1 fh=d8c8fbc504701f40 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\air321B.exe"
sh=2B27A6C61A957AEE72ADE81DEDF6207EC16A142E ft=1 fh=c873391d160cbf5c vn="Variante von Win32/AirAdInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\air8F98.exe"
sh=6CB44F8A7EB5A374C031783CD615E9F14B699C56 ft=1 fh=067b9aed3807e5ff vn="Variante von Win32/AirAdInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\air9892.exe"
sh=7CE98401671A0AB06846448F6C9E38C1BF123B45 ft=1 fh=f2aab8034aa74581 vn="Variante von Win32/ELEX.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\airAA7A.exe"
sh=E044968BFF5F90DE0BD4E69A39F348629BDA4A57 ft=1 fh=f0b959d95aa16cbd vn="Win32/AirAdInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\airD545.exe"
sh=08A0F0FDF49B86F8FD0547594BDC3F7455330836 ft=1 fh=e3ad9ceca28a6528 vn="MSIL/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\BackupSetup.exe"
sh=31455F5CD110E02D3C2CC12C8992BE164E619FA1 ft=1 fh=c71c0011489f1658 vn="Variante von Win32/Injected.F Trojaner" ac=I fn="C:\Users\Janin\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter_3.12.30.319.exe"
sh=E5B6E3B23B4AB3BB3A37E49CE3574E216E356046 ft=1 fh=a6a5b355abb125bb vn="Variante von Win32/AirAdInstaller.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\setup.exe"
sh=2B27A6C61A957AEE72ADE81DEDF6207EC16A142E ft=1 fh=c873391d160cbf5c vn="Variante von Win32/AirAdInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\Upgrader.exe"
sh=5BCFBE5933B9CAE5239BD591A4D157940D1EDAF0 ft=1 fh=65a4a2185129bd0b vn="Win32/PCPerformer.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_12721.decrpt"
sh=29E922E599F043B09FCADAA17CF1FF7FE2DE7A7B ft=1 fh=684ac876ffe6d70c vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_15489"
sh=F9596B319E388CD66BBF0A060B2E2927A18CAC01 ft=1 fh=8b466312a38acdef vn="Variante von Win32/Toolbar.Besttoolbars.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_16786"
sh=34E54AE3D1B5E48D7446EA30165B9E84F98410CD ft=1 fh=9fdf0bf2bb55c713 vn="Variante von Win32/Toolbar.Besttoolbars.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\53wa6llb7\app_17135"
sh=5BCFBE5933B9CAE5239BD591A4D157940D1EDAF0 ft=1 fh=65a4a2185129bd0b vn="Win32/PCPerformer.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\53wa6llb7\PCPerformerSetup"
sh=29E922E599F043B09FCADAA17CF1FF7FE2DE7A7B ft=1 fh=684ac876ffe6d70c vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\53wa6llb7\SearchProtectInstaller"
sh=34E54AE3D1B5E48D7446EA30165B9E84F98410CD ft=1 fh=9fdf0bf2bb55c713 vn="Variante von Win32/Toolbar.Besttoolbars.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\53wa6llb7\ZulaGamesSetup"
sh=9B72604832B83A5508824184D19DF2E98B654EA4 ft=1 fh=29a0d2f607c0a043 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\B6CDtmp\spidentifierimpl.exe"
sh=037C9BEEDD4E8D146BCB71AD7DBD11750B607C1B ft=1 fh=d894d5bbfaa80661 vn="MSIL/NewPlayer.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\F0D2tmp\newvideoplayersetup.exe"
sh=A2853D27C2378B9065DEB3C69C5CF608F7C2EE1D ft=1 fh=620a1940836c8b2c vn="Win32/Wajam.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\F0F3tmp\wajam_download.exe"
sh=6AF02A0764C7B8E2266656AC3D87F62C03A100B4 ft=1 fh=73524ee72dbda2a6 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\F113tmp\speedupmypc.exe"
sh=AF023CD20C85601E6874CB788BCAA49AE325A40D ft=1 fh=da3b4c00ec0bc47d vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\F133tmp\cloud_backup_setup.exe"
sh=7873D39ADEACECCD219A03C9864A2770A0504654 ft=1 fh=7724ae0b676aaac3 vn="Win32/Packed.ScrambleWrapper.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\F144tmp\setup.exe"
sh=D146F0490BEE423C54A8393EDCA7A3EE83114471 ft=1 fh=e04dc93b31efab69 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Janin\AppData\Local\Temp\F164tmp\setup_fst_fr.exe"
sh=D0B0585A517CA15940583C7285CDB2675D345963 ft=1 fh=1a3582588c41f0fe vn="Win32/VOPackage.U evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\F184tmp\vopackage.exe"
sh=25D73A37B89F5E6C312AF69B3743D3B88B7ADC6B ft=1 fh=22b92da33aa0759c vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\is-39815.tmp\package_secprotwhite_installer_multilang.exe"
sh=908AF6BCE47C07002B99E79F1A565A91CF0866EF ft=1 fh=01df3a379ea6c8a3 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\is-4VQT7.tmp\gentlemjfst_ide.exe"
sh=ABE82C5BCA8858F95BB3FE86AC64620E7847A22E ft=1 fh=ebbfae69c3ee1dd0 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\is-82TEE.tmp\gentlemjfst_ide.exe"
sh=A342E7781CD699A242335069D2BA6AB9BE4EB8A6 ft=1 fh=4eccea08f804e4e0 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\is-E8A67.tmp\SpeedUpMyPC-standalone-setup.exe"
sh=5E78EE52D5A6866E93E8256EE8A1CCAB9436DC9F ft=1 fh=31032e1a343b247d vn="Win32/InstallMonetizer.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\is-RG0GC.tmp\InstallManagerR.exe"
sh=B894784E7A3CA9995DF8FC11CD2383F06A850BA5 ft=1 fh=e625a911c1a53fb8 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\is-RG0GC.tmp\package_secprotwhite_offer_multilang.exe"
sh=175A8A0C7650EF29B0E1AE7137F5F48FDFCD6588 ft=1 fh=deea2a09617af006 vn="Variante von Win32/AdWare.SpeedingUpMyPC.G Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\is1158881826\326706318_stp.EXE"
sh=AD9D9D0327491DF82933073B054706C1FA99BB3A ft=1 fh=946f733944735ead vn="Win32/InstallMonetizer.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\nsd94C9.tmp\nsBaliWeb.dll"
sh=BE190ADD63E8DD418A46FA75FF7DB8CA66759325 ft=1 fh=938103e10c9d429f vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\nsw2158.tmp\amsetup__activeris_default.exe"
sh=007B68FD139AF2171C561E0684FBC3B37310F7BE ft=1 fh=838de0c95466571d vn="Win32/InstallMonetizer.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\nsw2158.tmp\PailaSM.dll"
sh=BADE8A5B6C5851FC98FCE91F2EB68701C01D870C ft=1 fh=9cdde0d43af7332e vn="Win32/Systweak.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\AppData\Local\Temp\nsw2158.tmp\rcpsetup_17970.exe"
sh=847AB5632D3EB40D446BFDA3A82A4397B6E017D2 ft=1 fh=dfb4a49c18b78b4c vn="Variante von Win32/SoftPulse.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\Desktop\Player.exe"
sh=FFE0A97184C0E97C3763BCAD61A0A55CE01B797B ft=1 fh=aa4309ccd314a64f vn="Win32/Toolbar.Babylon.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\Desktop\ReimageRepair.exe"
sh=9B670F2785DED20DA1A7002E179234546C898C3C ft=1 fh=ebbca5527827e925 vn="Variante von Win32/AirAdInstaller.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\Downloads\setup.exe"
sh=A1A6948E3BB976AB8DA7283A03D813338EF15A18 ft=1 fh=bfc5f271169c1f0d vn="Variante von Win32/Toolbar.Widdit.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janin\Downloads\VLC_Media_Player.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/BrowseFox.F evtl. unerwünschte Anwendung" ac=I fn="${Memory}"

Unsupported operating system! Aborted!


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Janin (administrator) on JANIN-PC on 22-08-2014 21:16:29
Running from C:\Users\Janin\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-08-03] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1994594616-1859465388-4855079-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.)
Startup: C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PowerfulBrowse -> {2d2873ba-db4e-4e29-8619-e16cf86fb9bb} -> C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowsebho.dll (PowerfulBrowse)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Janin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-23]

Chrome:
=======
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-05-24]
CHR Extension: (No Name) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf [2014-07-11]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Janin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-12-09] (TuneUp Software)
R2 Update PowerfulBrowse; C:\Program Files (x86)\PowerfulBrowse\updatePowerfulBrowse.exe [321832 2014-07-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-08-03] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-03] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-20] (Malwarebytes Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                          )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-22 21:12 - 2014-08-22 21:12 - 00854417 _____ () C:\Users\Janin\Desktop\SecurityCheck.exe
2014-08-22 19:26 - 2014-08-22 19:26 - 02347384 _____ (ESET) C:\Users\Janin\Desktop\esetsmartinstaller_deu.exe
2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 21:38 - 2014-08-20 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-20 21:38 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-20 21:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-19 20:16 - 2014-08-19 20:18 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:15 - 2014-08-22 21:16 - 00015069 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-19 20:15 - 2014-08-22 21:16 - 00000000 ___DC () C:\FRST
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 18:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-19 18:36 - 2014-08-20 22:15 - 00000000 ___DC () C:\AdwCleaner
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:03 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 18:03 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 18:03 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 18:03 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 18:03 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 18:03 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 18:03 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 18:03 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 18:03 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 18:03 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 18:03 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 18:03 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 18:03 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 18:03 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 18:03 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 18:03 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 18:03 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 18:03 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 18:03 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 18:03 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 18:03 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 18:03 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 18:03 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 18:03 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 18:03 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 18:01 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-19 18:01 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-19 18:01 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-19 18:01 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-19 18:01 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-19 18:01 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-19 18:01 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-19 18:01 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-19 18:01 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-19 18:01 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-19 18:01 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-19 18:01 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-19 18:01 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-19 18:01 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-19 18:01 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-19 18:01 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-19 18:01 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-19 18:01 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-19 18:01 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-19 18:01 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-19 18:01 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-19 18:01 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-19 18:01 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-19 18:01 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-19 18:01 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-19 18:01 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-19 18:01 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-19 18:01 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-19 18:01 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-19 18:01 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-19 18:01 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-19 17:58 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 17:58 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 17:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-19 17:56 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 17:55 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 17:43 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 17:43 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 17:43 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 17:43 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 17:43 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-19 17:43 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-19 17:43 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-19 17:43 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-19 17:43 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-19 17:43 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-19 17:43 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-19 17:43 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-19 17:43 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-19 17:43 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-19 17:43 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-19 17:43 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-19 17:43 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-19 17:43 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-19 17:43 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-19 17:43 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-19 17:43 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-19 17:43 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-19 17:43 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-19 17:42 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 17:40 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 17:40 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 17:40 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 17:40 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 17:40 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 17:40 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 17:40 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 17:40 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-08 17:57 - 2014-08-08 17:58 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-22 21:16 - 2014-08-19 20:15 - 00015069 _____ () C:\Users\Janin\Desktop\FRST.txt
2014-08-22 21:16 - 2014-08-19 20:15 - 00000000 ___DC () C:\FRST
2014-08-22 21:12 - 2014-08-22 21:12 - 00854417 _____ () C:\Users\Janin\Desktop\SecurityCheck.exe
2014-08-22 21:05 - 2013-06-21 20:27 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-22 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-22 20:33 - 2013-05-22 18:09 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1994594616-1859465388-4855079-1001
2014-08-22 19:31 - 2014-02-15 11:43 - 01746160 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-22 19:26 - 2014-08-22 19:26 - 02347384 _____ (ESET) C:\Users\Janin\Desktop\esetsmartinstaller_deu.exe
2014-08-22 19:26 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-22 19:26 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-22 19:26 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-22 19:24 - 2013-08-22 16:46 - 00295265 _____ () C:\WINDOWS\setupact.log
2014-08-22 19:21 - 2014-02-15 14:07 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6F41A456-4B45-40FB-A24E-90031FDF4DC6}
2014-08-20 22:34 - 2014-08-20 22:34 - 00001006 _____ () C:\Users\Janin\Desktop\JRT.txt
2014-08-20 22:27 - 2013-12-15 19:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-20 22:23 - 2014-08-20 22:23 - 01016261 _____ (Thisisu) C:\Users\Janin\Desktop\JRT.exe20.08.exe
2014-08-20 22:18 - 2014-02-15 14:06 - 00000000 ___DO () C:\Users\Janin\SkyDrive
2014-08-20 22:17 - 2013-05-22 18:02 - 00000401 _____ () C:\Users\Janin\AppData\Roaming\sp_data.sys
2014-08-20 22:16 - 2013-11-14 00:18 - 00088018 _____ () C:\WINDOWS\PFRO.log
2014-08-20 22:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-20 22:15 - 2014-08-19 18:36 - 00000000 ___DC () C:\AdwCleaner
2014-08-20 22:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-20 22:10 - 2014-08-20 22:10 - 01361671 _____ () C:\Users\Janin\Desktop\adwcleaner_3.307.exe
2014-08-20 22:07 - 2014-08-20 22:07 - 00022589 _____ () C:\Users\Janin\Desktop\mbam.txt
2014-08-20 22:04 - 2014-08-20 21:38 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 21:59 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-20 21:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-20 21:38 - 2014-08-20 21:38 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-20 21:38 - 2014-08-20 21:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-20 21:16 - 2014-08-20 21:16 - 00001278 _____ () C:\Users\Janin\Desktop\Revo Uninstaller.lnk
2014-08-20 21:16 - 2014-08-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-20 21:15 - 2014-08-20 21:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janin\Desktop\revosetup95.exe
2014-08-20 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-19 20:18 - 2014-08-19 20:16 - 00033547 _____ () C:\Users\Janin\Desktop\Addition.txt
2014-08-19 20:14 - 2014-08-19 20:14 - 02101760 _____ (Farbar) C:\Users\Janin\Desktop\FRST64.exe
2014-08-19 19:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-19 18:46 - 2014-07-17 16:10 - 00000000 ____D () C:\Program Files (x86)\PowerfulBrowse
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-19 18:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-19 18:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-19 18:39 - 2014-02-15 11:22 - 00000000 ____D () C:\Users\Janin
2014-08-19 18:39 - 2013-05-22 18:01 - 00000969 _____ () C:\Users\Janin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-19 18:33 - 2014-03-05 12:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-19 18:31 - 2013-08-26 17:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 18:29 - 2013-05-30 08:46 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 18:05 - 2014-08-19 18:05 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{C87F4D13-6F7C-4F40-B976-782D3CECFB94}
2014-08-19 18:02 - 2014-08-19 18:02 - 00000000 _____ () C:\WINDOWS\system32\ExtraInfo.txt
2014-08-19 17:57 - 2014-07-21 14:35 - 00014965 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-08-19 17:52 - 2014-07-21 14:27 - 00007312 _____ () C:\WINDOWS\system32\SettingsFile
2014-08-19 17:52 - 2014-07-21 14:27 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-08-19 17:52 - 2014-07-17 15:00 - 00000163 _____ () C:\WINDOWS\Reimage.ini
2014-08-19 17:46 - 2014-07-17 10:46 - 00001426 _____ () C:\Users\Janin\Desktop\Registry kostenlos entrümpeln!.lnk
2014-08-08 17:58 - 2014-08-08 17:57 - 00927992 _____ (Reimage®) C:\Users\Janin\Desktop\ReimageRepair.exe
2014-08-08 17:23 - 2013-09-28 08:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-03 22:17 - 2014-07-11 22:34 - 00000000 ____D () C:\Users\Janin\Desktop\Briefe an Mutti
2014-08-03 21:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-03 21:06 - 2013-06-21 20:28 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-03 21:05 - 2014-08-03 21:05 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-08-03 21:05 - 2014-08-03 21:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-03 21:05 - 2014-08-03 21:05 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-03 21:05 - 2013-06-21 20:28 - 00426848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-03 21:05 - 2013-06-21 20:27 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-03 21:05 - 2013-06-21 20:27 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-02 05:11 - 2014-08-19 17:40 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-07-14 16:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-07-14 16:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 16:52 - 2014-08-19 18:03 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-19 18:03 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-19 18:03 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-19 18:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-19 18:03 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-19 18:03 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-19 18:03 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-19 18:03 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-19 18:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-19 18:03 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-19 18:03 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-19 18:03 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-19 18:03 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-19 18:03 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-19 18:03 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-19 18:03 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-19 18:03 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-19 18:03 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-19 18:03 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-19 18:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-19 18:03 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-19 18:03 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-19 18:03 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-19 18:03 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-19 18:03 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-19 18:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-19 18:03 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-19 18:03 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-19 18:03 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-19 18:03 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-19 18:03 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-19 18:03 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Janin\AppData\Local\Temp\air321B.exe
C:\Users\Janin\AppData\Local\Temp\air8A6.exe
C:\Users\Janin\AppData\Local\Temp\air8F98.exe
C:\Users\Janin\AppData\Local\Temp\air9892.exe
C:\Users\Janin\AppData\Local\Temp\airAA7A.exe
C:\Users\Janin\AppData\Local\Temp\airC63B.exe
C:\Users\Janin\AppData\Local\Temp\airD545.exe
C:\Users\Janin\AppData\Local\Temp\airD8F8.exe
C:\Users\Janin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Janin\AppData\Local\Temp\dlLogic.exe
C:\Users\Janin\AppData\Local\Temp\dltr.exe
C:\Users\Janin\AppData\Local\Temp\GCVerifier.dll
C:\Users\Janin\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter_3.12.30.319.exe
C:\Users\Janin\AppData\Local\Temp\lowproc.exe
C:\Users\Janin\AppData\Local\Temp\nshF53D.tmp.exe
C:\Users\Janin\AppData\Local\Temp\Quarantine.exe
C:\Users\Janin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Janin\AppData\Local\Temp\setup.exe
C:\Users\Janin\AppData\Local\Temp\stubhelper.dll
C:\Users\Janin\AppData\Local\Temp\Upgrader.exe
C:\Users\Janin\AppData\Local\Temp\verifier.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-22 20:32

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

so weit so gut und wie bekomme ich es jetzt hin das er nicht mehr irrgendwelche Internetseiten nebenbei öffnet?

bzw. hab jetzt separat ein Fenster was sich über die Webseite legt und darüber steht powerfull browser. wie bekomme ich die weg.

schrauber 23.08.2014 16:42
In welchem Browser?

susikirsche 24.08.2014 14:23
Internet Explorer

schrauber 24.08.2014 15:24
Setze folgendermassen den Internet Explorer zurück:
  • Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
  • Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
  • Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
(Hier findest du die bebilderte Anleitung.)


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:43 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131