Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: werbetrojaner windows 8; malewarebytes über 100 funde

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.08.2013, 18:20   #1
vincentlbk
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Hallo,

seit heute sind auf allen möglichen Seiten Wörter grün unterstrichen und verlinken Werbung.
Das Betriebssystem ist Windows 8 - mit dem ich mich leider gar nicht auskenne.

Malwarebytes hat 102 infizierte Elemente gefunden. PUP optional heißen die infizierten Objekte.

AUßerdem bin ich mir auch nicht ganz sicher, ob mein vorinstalliertes McAffee Security noch aktiv ist - hab das Laptop seit ein paar Wochen. Es kommen dauernd irgendwelche Meldungen von McAfee, wie z.b. dass McAfee parental control ausgeführt wird, etc., und 1x kam, mein PC sei seit zwei Wochen ungeschützt, worauf ich antivir installiert habe - dann wurde mein PC so langsam, dass ich dachte, dass jetzt beide Viren-Programme aktiv sind, woraufhin ich antivir wieder deinstalliert habe.

Ich hoffe, es kann mir jemand helfen

Alt 02.08.2013, 18:24   #2
markusg
/// Malware-holic
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Hi,
arbeite möglichst immer alles nacheinander ab, poste die Ergebnisse gleichzeitig.
1. poste aktuelle Malwarebytes Logs mit Funden:
http://www.trojaner-board.de/125889-...en-posten.html
2. gleich wird eine Anleitung zu FRST folgen, in der additions.txt bitte bearbeiten:
Empfehlungen fürs Deinstallieren
Bitte kopiere die Liste der installierten Programme aus der additions.txt hier in deinen Thread. Notiere mir bitte
hinter jede Zeile, ob folgendes Kategorie zutrifft: Unbekannt, Nötig, Unnötig
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.08.2013, 18:37   #3
vincentlbk
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



vielen Dank für die schnelle Antwort!!!
1. hier kommt schonmal malware bytes log, den Rest mache ich sofort

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.02.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
***:: ***-PC [Administrator]

Schutz: Aktiviert

02.08.2013 19:09:03
MBAM-log-2013-08-02 (19-31-18).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 214303
Laufzeit: 7 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 2
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 9684 -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 9944 -> Keine Aktion durchgeführt.

Infizierte Speichermodule: 2
C:\Users\lulu\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.A.BabSolution) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 32
HKCR\CLSID\{17E58097-6CA5-448B-830F-2A19678248FB} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{BB705064-D600-4F0E-B5F1-868EFB973F5E} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{85DE85E5-D992-4276-9B06-60948364EA14} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E58097-6CA5-448B-830F-2A19678248FB} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{17E58097-6CA5-448B-830F-2A19678248FB} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{17E58097-6CA5-448B-830F-2A19678248FB} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\escort.escortIEPane.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\escort.escortIEPane (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\delta.deltaHlpr (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lyrix@lyrixeeker.co (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\delta.deltaappCore.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\delta.deltaappCore (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\d (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: Delta Toolbar -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten:  -> Keine Aktion durchgeführt.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|NTRedirect (PUP.Optional.A.BabSolution) -> Daten: C:\Windows\SysWOW64\rundll32.exe "C:\Users\lulu\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bösartig: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) Gut: () -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 11
C:\Users\lulu\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0\bh (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 50
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker\125.dll (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Local\Temp\~rmj315927499349509409.tmp (Trojan.Inject) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Local\Temp\A8FDD687-BAB0-7891-A068-9C9461333822\Latest\ccp.exe (PUP.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Local\Temp\A8FDD687-BAB0-7891-A068-9C9461333822\Latest\MyDeltaTB.exe (PUP.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Local\Temp\A8FDD687-BAB0-7891-A068-9C9461333822\Latest\Setup.exe (PUP.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Local\Temp\is956058749\162747294_Setup.EXE (PUP.Optional.AddLyrics) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Local\Temp\is956058749\DeltaTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker\chrome.manifest (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker\125.crx (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker\125.dat (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker\125.xpi (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker\sqlite3.dll (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\LyriXeeker\Uninstall.exe (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\LyricXeeker Update.job (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.A.BabSolution) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\lulu\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0\GUninstaller.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.

(Ende)
         
__________________

Alt 02.08.2013, 18:39   #4
markusg
/// Malware-holic
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Hi, ich hatte gebeten, alle Logs etc gleichzeitig zu posten, dann muss ich nur einmal reinsehen und kann meine Anweisungen gleich posten, danke.
(bitte keinen post wie: mach ich) sonst werden weitere an den angehangen :-)
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 02.08.2013, 19:11   #5
vincentlbk
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



ok, tut mir Leid, passiert nicht noch mal Aber die folgenden Logs muss ich getrennt nacheinander reinstellen, weil die zusammen zu groß sind.

und noch eine Frage: Ich habe jetzt bei Maleware Bytes nicht auf "Entfernen" der Funde geklickt, war das richtig so?



2. FRST Editor

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-08-2013
Ran by **(administrator) on 02-08-2013 19:41:59
Running from C:\Users\lulu\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee.com\agent\mcagent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Spotify Ltd) C:\Users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
() C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Spotify] - C:\Users\lulu\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-07] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-07] (Spotify Ltd)
HKCU\...\Run: [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe [48640 2012-07-26] (Microsoft Corporation) <===== ATTENTION
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll  [2691536 2013-07-26] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
SearchScopes: HKCU - DefaultScope {16727879-BEF8-421A-944A-C14CFB80BEB9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
SearchScopes: HKCU - {16727879-BEF8-421A-944A-C14CFB80BEB9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A236D83C-2C6E-4DA1-867B-702412B2964C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Program Files (x86)\LyriXeeker\125.dll (LyriXeeker Tech)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default
FF user.js: detected! => C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\searchplugins\babylon.xml
FF Extension: Delta Toolbar - C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\Extensions\ffxtlbr@delta.com
FF Extension: kikin plugin (NO23 Edition) - C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\Extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
FF Extension: No Name - C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files (x86)\LyriXeeker\125.xpi
FF Extension: No Name - C:\Program Files (x86)\LyriXeeker\125.xpi

==================== Services (Whitelisted) =================

S2 0050691375351163mcinstcleanup; C:\Users\lulu\AppData\Local\Temp\005069~1.EXE [833616 2013-01-30] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2847696 2013-07-26] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-05-22] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1265824 2012-10-23] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-10-23] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R4 avkmgr; \SystemRoot\system32\DRIVERS\avkmgr.sys [x]
U3 mfeapfk01; No ImagePath
U3 mfeavfk01; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-02 19:41 - 2013-08-02 19:41 - 00000000 ____D C:\FRST
2013-08-02 19:40 - 2013-08-02 19:40 - 01781485 _____ (Farbar) C:\Users\lulu\Downloads\FRST64.exe
2013-08-02 19:06 - 2013-08-02 19:06 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-02 19:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-02 19:05 - 2013-08-02 19:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\lulu\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-02 15:07 - 2013-08-02 15:07 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-08-02 15:06 - 2013-08-02 15:06 - 00000554 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-02 13:36 - 2013-08-02 13:36 - 00001048 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2013-08-02 13:36 - 2013-08-02 13:36 - 00000000 ____D C:\Program Files (x86)\AMR to MP3 Converter
2013-08-02 13:35 - 2013-08-02 13:35 - 02501012 _____ (amrtomp3converter.com                                       ) C:\Users\lulu\Downloads\amrtomp3converter_setup [1].exe
2013-08-02 13:35 - 2013-08-02 13:35 - 00003384 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-02 13:35 - 2013-08-02 13:35 - 00003044 _____ C:\Windows\System32\Tasks\LyricXeeker Update
2013-08-02 13:35 - 2013-08-02 13:35 - 00000404 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Babylon
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\BabSolution
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\ProgramData\Babylon
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\LyriXeeker
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-02 13:34 - 2013-08-02 13:34 - 00673560 _____ C:\Users\lulu\Downloads\amrtomp3converter_setup.exe
2013-08-02 13:26 - 2013-08-02 13:26 - 00000000 ____D C:\Windows\LastGood
2013-08-02 12:52 - 2013-08-02 12:52 - 02375693 ____R C:\Users\lulu\Desktop\berlin1.wma
2013-08-02 12:48 - 2013-08-02 12:48 - 02613663 ____R C:\Users\lulu\Desktop\dreamsofarandom2.wma
2013-08-02 12:43 - 2013-08-02 12:43 - 39954644 ____R C:\Users\lulu\Desktop\JOE - Unforgetable.wav
2013-08-02 12:38 - 2013-08-02 12:39 - 51333556 ____R C:\Users\lulu\Desktop\Joe_Paradise.wav
2013-08-01 12:02 - 2013-08-01 12:02 - 00003194 _____ C:\Windows\System32\Tasks\{28466327-7D4F-4E0B-B5A3-5970B83C67FC}
2013-08-01 11:55 - 2013-08-01 11:55 - 00000000 ____D C:\ProgramData\APN
2013-08-01 11:55 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\lulu\Documents\APNSetup.exe
2013-08-01 11:54 - 2013-08-01 11:54 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-01 11:04 - 2013-08-01 11:04 - 02092792 _____ C:\Users\lulu\Downloads\avira_free_antivirus.exe
2013-07-23 11:28 - 2013-07-23 11:28 - 00018091 _____ C:\Users\lulu\Desktop\BA_Class and Sexuality in British Fiction_Petersmann_Laura.odt
2013-07-21 11:50 - 2013-07-21 12:00 - 104943936 _____ C:\Users\lulu\Downloads\avira3737_free_antivirus_de.exe
2013-07-20 13:57 - 2013-07-20 13:57 - 00001457 _____ C:\Users\lulu\AppData\Local\RecConfig.xml
2013-07-20 13:24 - 2013-07-20 13:24 - 00001016 _____ C:\Users\lulu\Desktop\No23 Recorder.lnk
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Local\No23 Recorder
2013-07-20 13:23 - 2013-07-20 13:23 - 02497825 _____ (No23) C:\Users\lulu\Downloads\No23Recorder2103.exe
2013-07-20 13:23 - 2013-07-20 13:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\kikin
2013-07-20 13:23 - 2013-07-20 13:23 - 00000000 ____D C:\Program Files (x86)\kikin
2013-07-19 11:22 - 2013-07-19 11:22 - 03209144 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win64-de.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 00000000 ____D C:\Program Files\HP
2013-07-19 11:22 - 2012-09-18 15:27 - 00501760 _____ C:\Windows\system32\ZSHP1020.EXE
2013-07-19 11:22 - 2012-09-18 15:27 - 00192512 _____ C:\Windows\system32\ZLhp1020.DLL
2013-07-19 11:22 - 2012-09-18 09:34 - 00247296 _____ () C:\Windows\system32\zshp1020s.dll
2013-07-19 11:22 - 2012-09-18 09:34 - 00128380 _____ C:\Windows\system32\hp1018.img
2013-07-19 11:22 - 2012-09-18 09:34 - 00010698 _____ C:\Windows\system32\ZSHP1018.CHM
2013-07-19 11:19 - 2013-07-19 11:23 - 00321770 _____ C:\1020.log
2013-07-19 11:19 - 2013-07-19 11:19 - 02717344 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win32-de.exe
2013-07-19 11:19 - 2013-07-19 11:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-18 14:04 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-18 14:04 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-18 14:04 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-18 14:04 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-18 14:04 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-18 14:04 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-18 14:04 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-18 14:04 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-18 14:04 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-18 14:04 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-18 14:04 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-18 14:04 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-18 14:04 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-18 14:04 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-18 14:04 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-18 14:04 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-18 14:04 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-18 14:04 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-18 14:04 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-18 14:04 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-18 14:03 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-18 14:03 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-18 14:03 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-18 14:03 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-18 14:03 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-18 14:03 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-18 14:03 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-18 14:03 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-18 14:03 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-18 14:03 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-18 14:03 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-18 10:24 - 2013-07-18 10:24 - 00447840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-17 17:54 - 2013-07-17 17:54 - 00001967 _____ C:\Users\lulu\Desktop\word.lnk
2013-07-16 08:54 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-15 15:40 - 2012-11-20 07:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-07-15 15:40 - 2012-11-20 07:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-07-15 15:40 - 2012-11-20 07:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-07-15 15:40 - 2012-11-20 06:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2013-07-15 15:40 - 2012-11-08 06:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-07-15 15:40 - 2012-11-08 06:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-07-15 15:40 - 2012-11-08 06:25 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 15:38 - 2012-11-06 09:52 - 00277736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-07-15 15:38 - 2012-11-06 09:33 - 01566432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-07-15 15:38 - 2012-11-06 06:48 - 01150160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00883712 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-07-15 15:38 - 2012-11-06 06:20 - 00516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2013-07-15 15:38 - 2012-11-06 06:20 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 08552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 11459584 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00976384 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-07-15 15:38 - 2012-11-06 06:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-07-15 15:38 - 2012-11-06 06:17 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-07-15 15:38 - 2012-11-06 06:17 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2013-07-15 15:38 - 2012-11-06 06:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2013-07-15 15:38 - 2012-11-06 05:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2013-07-15 15:38 - 2012-11-06 05:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-07-15 15:38 - 2012-11-06 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys
2013-07-15 15:38 - 2012-11-06 05:53 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-07-15 15:38 - 2012-11-06 05:51 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 01172992 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00513024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-07-14 21:21 - 2012-10-12 08:13 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dskquota.dll
2013-07-14 21:21 - 2012-10-12 07:39 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-07-14 21:20 - 2012-10-24 06:54 - 00396008 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2013-07-14 21:20 - 2012-10-11 07:46 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2013-07-14 21:20 - 2012-10-11 07:45 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-07-14 21:20 - 2012-10-11 07:44 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-14 21:20 - 2012-10-11 07:07 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-07-14 21:19 - 2012-10-11 09:47 - 00793200 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-07-14 21:19 - 2012-10-11 09:25 - 00056552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2013-07-14 21:19 - 2012-10-11 09:23 - 00441576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-07-14 21:19 - 2012-10-11 09:18 - 00172264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-14 21:19 - 2012-10-11 09:13 - 00058088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-07-14 21:19 - 2012-10-11 09:13 - 00033512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2013-07-14 21:19 - 2012-10-11 09:08 - 00562392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-14 21:19 - 2012-10-11 07:46 - 00517120 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-07-14 21:19 - 2012-10-11 07:46 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Compression.dll
2013-07-14 21:19 - 2012-10-11 07:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2013-07-14 21:19 - 2012-10-11 07:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 01045504 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00904192 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-07-14 21:19 - 2012-10-11 07:42 - 00612416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-07-14 21:19 - 2012-10-11 07:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-pdc.dll
2013-07-14 21:19 - 2012-10-11 07:23 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\kbdhebl3.dll
2013-07-14 21:19 - 2012-10-11 07:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2013-07-14 21:19 - 2012-10-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-07-14 21:19 - 2012-10-11 07:16 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-07-14 21:19 - 2012-10-11 07:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2013-07-14 21:19 - 2012-10-11 07:07 - 00962560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-07-14 21:19 - 2012-10-11 07:05 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-07-14 21:19 - 2012-10-11 06:42 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-07-14 21:19 - 2012-10-11 02:45 - 00478424 _____ C:\Windows\SysWOW64\locale.nls
2013-07-14 21:19 - 2012-10-11 02:44 - 00478424 _____ C:\Windows\system32\locale.nls
2013-07-14 21:18 - 2012-12-04 06:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-07-14 21:18 - 2012-11-27 08:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2013-07-14 21:18 - 2012-11-27 06:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 01217536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 03245568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 01536512 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-07-14 21:18 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2013-07-14 21:18 - 2012-11-27 06:18 - 01071104 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-07-14 21:18 - 2012-11-27 06:18 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-07-14 21:18 - 2012-11-27 06:18 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-07-14 21:18 - 2012-11-27 06:17 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-07-14 21:18 - 2012-10-12 10:08 - 00027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-14 21:18 - 2012-10-12 08:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2013-07-14 21:18 - 2012-10-12 07:50 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-14 21:18 - 2012-09-11 07:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2013-07-14 21:18 - 2012-09-11 07:27 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2013-07-11 21:49 - 2013-07-11 22:10 - 00011264 ___SH C:\Users\lulu\Downloads\Thumbs.db
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\Documents\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-11 09:24 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:24 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:24 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:24 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 09:23 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 09:23 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 09:23 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 09:23 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:23 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:23 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-08 20:32 - 2013-07-20 12:33 - 00000000 ____D C:\Users\lulu\Documents\FIN
2013-07-08 20:31 - 2013-07-08 20:32 - 00000000 ____D C:\Users\lulu\Documents\alles
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\UNI
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\Bewerbungen
2013-07-08 20:30 - 2013-08-02 15:30 - 00000000 ____D C:\Users\lulu\Desktop\BA
2013-07-08 20:30 - 2013-07-21 23:42 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte US
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Documents\FOTO
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\Lit zu OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte RAT
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA ALL
2013-07-08 20:27 - 2013-07-08 20:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-08 15:32 - 2013-07-08 15:32 - 00000000 ____D C:\Users\lulu\AppData\Local\Macromedia
2013-07-08 15:31 - 2013-08-02 18:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 15:31 - 2013-07-15 09:28 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-08 15:30 - 2013-07-15 09:28 - 00000000 ____D C:\Users\lulu\AppData\Local\Adobe
2013-07-08 15:10 - 2013-07-08 15:10 - 00003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-08 14:49 - 2013-07-08 15:10 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-08 13:42 - 2013-07-08 13:42 - 07872648 _____ (Adobe Systems Inc.) C:\Users\lulu\Downloads\Shockwave_Installer_Slim.exe
2013-07-08 09:49 - 2013-07-14 20:50 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-08 09:39 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-08 09:39 - 2013-07-14 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-08 09:39 - 2013-07-08 15:15 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Local\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-08 01:23 - 2012-08-31 02:52 - 00017888 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2013-07-08 01:22 - 2012-08-31 02:53 - 00017888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2013-07-08 01:20 - 2013-01-10 03:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2013-07-08 01:20 - 2013-01-10 03:29 - 00785504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-07-08 01:20 - 2013-01-10 03:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-07-08 01:20 - 2013-01-10 01:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-07-08 01:20 - 2013-01-10 01:26 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-07-08 01:20 - 2013-01-10 01:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-07-08 01:20 - 2013-01-10 01:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-07-08 01:20 - 2013-01-10 01:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2013-07-08 01:20 - 2013-01-10 01:22 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2013-07-08 01:20 - 2013-01-10 01:22 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2013-07-08 01:20 - 2013-01-09 05:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-07-08 01:20 - 2012-11-02 07:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2013-07-08 01:19 - 2013-03-02 12:57 - 00332520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2013-07-08 01:19 - 2013-03-02 12:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2013-07-08 01:19 - 2013-03-02 12:45 - 00148712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-07-08 01:19 - 2013-03-02 12:39 - 00495336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2013-07-08 01:19 - 2013-03-02 12:39 - 00327912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-07-08 01:19 - 2013-03-02 10:23 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-07-08 01:19 - 2013-03-02 10:22 - 05091840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-08 01:19 - 2013-03-02 10:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-07-08 01:19 - 2013-03-02 10:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-07-08 01:19 - 2013-03-02 10:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-07-08 01:19 - 2013-03-02 10:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01161728 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2013-07-08 01:19 - 2013-03-02 04:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2013-07-08 01:19 - 2013-03-02 04:44 - 05978624 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2013-07-08 01:19 - 2013-03-02 04:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2013-07-08 01:19 - 2013-03-02 04:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2013-07-08 01:19 - 2013-03-01 06:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-07-08 01:19 - 2013-01-09 05:59 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2013-07-08 01:19 - 2013-01-09 05:58 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2013-07-08 01:17 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2013-07-08 01:17 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-07-08 01:17 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-07-08 01:17 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2013-07-08 01:17 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2013-07-08 01:17 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2013-07-08 01:17 - 2013-04-09 07:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-07-08 01:17 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2013-07-08 01:17 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-07-08 01:17 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2013-07-08 01:17 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2013-07-08 01:17 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2013-07-08 01:17 - 2013-04-09 04:34 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-07-08 01:17 - 2013-04-09 04:34 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-07-08 01:17 - 2013-04-09 04:33 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-07-08 01:17 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2013-07-08 01:17 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2013-07-08 01:17 - 2013-04-09 04:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-07-08 01:17 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2013-07-08 01:17 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-07-08 01:17 - 2013-04-09 01:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-07-08 01:17 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-07-08 01:17 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-07-08 01:17 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-07-08 01:17 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-07-08 01:17 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-07-08 01:17 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-07-08 01:17 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2013-07-08 01:17 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-07-08 01:17 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-07-08 01:17 - 2013-03-02 04:43 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-07-08 01:17 - 2013-02-07 03:33 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-07-08 01:17 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-07-08 01:17 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-07-08 01:17 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-08 01:17 - 2012-11-20 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2013-07-08 01:17 - 2012-11-06 09:33 - 00522640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2013-07-08 01:17 - 2012-11-06 07:00 - 00463768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-07-08 01:17 - 2012-10-11 07:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-07-08 01:17 - 2012-10-11 07:44 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2013-07-08 01:16 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-07-08 01:16 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-08 01:16 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-08 01:16 - 2012-11-06 06:18 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2013-07-08 01:16 - 2012-10-11 07:06 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-07-08 01:16 - 2012-10-11 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-07-08 01:11 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-07-08 01:11 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-07-08 01:11 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-07-08 01:11 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-08 01:11 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-07-08 01:11 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-07-08 01:11 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-07-08 01:11 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-07-08 01:11 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-07-08 01:11 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-07-08 01:11 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-07-08 01:11 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-07-08 01:11 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-07-08 01:11 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-08 01:11 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2013-07-08 01:11 - 2013-03-02 04:45 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-08 01:11 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-07-08 01:11 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-07-08 01:11 - 2012-11-06 06:20 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-07-08 01:11 - 2012-11-06 06:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2013-07-08 01:11 - 2012-11-06 06:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll
2013-07-08 01:11 - 2012-11-02 07:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-08 01:10 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-08 01:10 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-08 01:10 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-07-08 01:10 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-07-08 01:10 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-07-08 01:10 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-07-08 01:10 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-07-08 01:10 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-07-08 01:10 - 2012-11-03 07:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-07-08 01:10 - 2012-11-03 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-07-08 01:10 - 2012-11-03 07:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-07-08 01:10 - 2012-11-03 07:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2013-07-08 01:10 - 2012-11-03 07:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2013-07-08 01:10 - 2012-11-03 07:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-07-08 01:10 - 2012-11-03 07:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-07-08 01:09 - 2013-04-16 04:34 - 01455368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-08 01:09 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2013-07-08 01:07 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-08 01:07 - 2013-04-24 01:12 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-08 01:07 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-08 01:07 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-08 01:07 - 2013-04-24 00:55 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-08 01:07 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-08 01:07 - 2013-04-24 00:55 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-08 01:07 - 2012-11-26 06:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-07-08 01:07 - 2012-11-26 06:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2013-07-08 01:07 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-07-08 01:07 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-07-08 01:07 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2013-07-08 01:07 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2013-07-08 01:07 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2013-07-08 01:07 - 2012-10-10 09:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-07-08 01:07 - 2012-10-10 08:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-07-08 01:06 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-07-08 01:06 - 2012-10-24 05:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2013-07-08 01:06 - 2012-10-24 04:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-07-08 01:05 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-07-08 01:05 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2013-07-08 01:05 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2013-07-08 01:05 - 2012-11-03 07:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe
2013-07-08 01:05 - 2012-11-03 07:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll
2013-07-08 00:59 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-08 00:59 - 2013-02-06 00:29 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-07-08 00:59 - 2013-02-06 00:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-07-08 00:59 - 2013-02-02 13:19 - 00496872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-07-08 00:59 - 2013-02-02 13:19 - 00061672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-07-08 00:59 - 2013-02-02 12:54 - 01933544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-08 00:59 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-07-08 00:59 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-07-08 00:59 - 2013-02-02 10:39 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-07-08 00:59 - 2013-02-02 10:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-07-08 00:59 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-07-08 00:59 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2013-07-08 00:59 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2013-07-08 00:59 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2013-07-08 00:59 - 2013-02-02 10:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-07-08 00:59 - 2013-02-02 10:21 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-07-08 00:59 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2013-07-08 00:59 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2013-07-08 00:59 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-07-08 00:59 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2013-07-08 00:59 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2013-07-08 00:59 - 2012-11-20 06:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-07-08 00:59 - 2012-10-24 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2013-07-08 00:59 - 2012-10-24 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2013-07-08 00:59 - 2012-10-24 05:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2013-07-08 00:59 - 2012-10-24 05:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2013-07-08 00:58 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-08 00:58 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-07-08 00:58 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2013-07-08 00:58 - 2012-12-16 10:28 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-08 00:58 - 2012-12-16 10:20 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-08 00:58 - 2012-12-16 10:08 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-08 00:58 - 2012-12-16 09:57 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-08 00:58 - 2012-11-08 06:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-07-08 00:58 - 2012-11-08 06:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-07-08 00:58 - 2012-11-08 06:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-07-08 00:58 - 2012-11-08 06:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-07-08 00:58 - 2012-11-08 06:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-07-08 00:58 - 2012-11-08 06:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-07-08 00:57 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-08 00:57 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-08 00:51 - 2013-03-06 09:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-08 00:51 - 2013-03-06 08:31 - 19758592 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-08 00:51 - 2013-03-06 08:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-08 00:51 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-08 00:51 - 2013-03-06 07:03 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-08 00:51 - 2013-03-06 07:03 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-08 00:47 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-07-08 00:47 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-07-08 00:47 - 2013-01-29 03:57 - 00035232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-07-08 00:47 - 2013-01-29 01:08 - 00230904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-07-08 00:42 - 2012-11-01 06:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-08 00:42 - 2012-11-01 06:41 - 01438720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-08 00:42 - 2012-11-01 06:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-08 00:42 - 2012-11-01 06:40 - 01836032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-08 00:42 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2013-07-08 00:42 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-07-08 00:42 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-07-08 00:42 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-07-08 00:39 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-08 00:39 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-08 00:39 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-07-08 00:38 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-08 00:38 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-08 00:38 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-08 00:38 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-08 00:38 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-08 00:38 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-08 00:38 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-08 00:38 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-08 00:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-08 00:38 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-08 00:38 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-08 00:35 - 2013-07-08 00:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-08 00:33 - 2013-07-08 00:33 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-08 00:32 - 2013-07-08 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-08 00:30 - 2013-07-17 18:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-08 00:30 - 2013-07-08 00:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Microsoft Help
2013-07-08 00:29 - 2013-07-08 00:29 - 00000000 __RHD C:\MSOCache
2013-07-07 23:05 - 2013-08-02 13:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Spotify
2013-07-07 23:05 - 2013-08-02 13:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Spotify
2013-07-07 23:05 - 2013-07-07 23:05 - 00001799 _____ C:\Users\lulu\Desktop\Spotify.lnk
2013-07-07 23:05 - 2013-07-07 23:05 - 00001785 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-07-07 22:12 - 2013-07-19 11:21 - 00000000 ____D C:\Users\lulu\AppData\Local\CrashDumps
2013-07-07 22:11 - 2013-07-07 22:11 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Macromedia
2013-07-07 21:51 - 2013-08-02 19:11 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\ATI
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Sony Corporation
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\ATI
2013-07-07 21:44 - 2013-08-02 13:41 - 00000000 ____D C:\Users\lulu\Documents\Bluetooth Folder
2013-07-07 21:44 - 2013-08-02 13:28 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Atheros
2013-07-07 21:44 - 2013-07-07 23:53 - 00000000 ____D C:\ProgramData\Atheros
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Local\BMExplorer
2013-07-07 21:43 - 2013-07-08 15:10 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-07 21:43 - 2013-07-08 15:10 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-07 21:42 - 2013-07-08 15:54 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Adobe
2013-07-07 21:42 - 2013-07-07 21:42 - 00001438 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-07 21:41 - 2013-07-07 22:58 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Sony Corporation
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\pss
2013-07-07 21:40 - 2013-07-08 15:10 - 00000000 ____D C:\Users\lulu\AppData\Local\Packages
2013-07-07 21:40 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\VirtualStore
2013-07-07 21:39 - 2013-07-07 21:43 - 00000000 ____D C:\Users\lulu
2013-07-07 21:39 - 2013-07-07 21:39 - 00000020 ___SH C:\Users\lulu\ntuser.ini
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Vorlagen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Startmenü
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Netzwerkumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Lokale Einstellungen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Eigene Dateien
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Druckumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Musik
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Bilder
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Verlauf
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Anwendungsdaten
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Anwendungsdaten
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Programme
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

2013-08-02 19:41 - 2013-08-02 19:41 - 00000000 ____D C:\FRST
2013-08-02 19:40 - 2013-08-02 19:40 - 01781485 _____ (Farbar) C:\Users\lulu\Downloads\FRST64.exe
2013-08-02 19:15 - 2013-01-22 00:41 - 02002762 _____ C:\Windows\WindowsUpdate.log
2013-08-02 19:11 - 2013-07-07 21:51 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
2013-08-02 19:06 - 2013-08-02 19:06 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-02 19:05 - 2013-08-02 19:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\lulu\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-02 19:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-02 18:59 - 2013-07-08 15:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-02 15:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA
2013-08-02 15:07 - 2013-08-02 15:07 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-08-02 15:06 - 2013-08-02 15:06 - 00000554 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-02 13:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-02 13:45 - 2013-07-07 23:05 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Spotify
2013-08-02 13:45 - 2013-07-07 23:05 - 00000000 ____D C:\Users\lulu\AppData\Local\Spotify
2013-08-02 13:41 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\Documents\Bluetooth Folder
2013-08-02 13:36 - 2013-08-02 13:36 - 00001048 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2013-08-02 13:36 - 2013-08-02 13:36 - 00000000 ____D C:\Program Files (x86)\AMR to MP3 Converter
2013-08-02 13:35 - 2013-08-02 13:35 - 02501012 _____ (amrtomp3converter.com                                       ) C:\Users\lulu\Downloads\amrtomp3converter_setup [1].exe
2013-08-02 13:35 - 2013-08-02 13:35 - 00003384 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-02 13:35 - 2013-08-02 13:35 - 00003044 _____ C:\Windows\System32\Tasks\LyricXeeker Update
2013-08-02 13:35 - 2013-08-02 13:35 - 00000404 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Babylon
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\BabSolution
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\ProgramData\Babylon
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\LyriXeeker
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-02 13:35 - 2013-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-02 13:34 - 2013-08-02 13:34 - 00673560 _____ C:\Users\lulu\Downloads\amrtomp3converter_setup.exe
2013-08-02 13:28 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Atheros
2013-08-02 13:26 - 2013-08-02 13:26 - 00000000 ____D C:\Windows\LastGood
2013-08-02 12:52 - 2013-08-02 12:52 - 02375693 ____R C:\Users\lulu\Desktop\berlin1.wma
2013-08-02 12:48 - 2013-08-02 12:48 - 02613663 ____R C:\Users\lulu\Desktop\dreamsofarandom2.wma
2013-08-02 12:43 - 2013-08-02 12:43 - 39954644 ____R C:\Users\lulu\Desktop\JOE - Unforgetable.wav
2013-08-02 12:39 - 2013-08-02 12:38 - 51333556 ____R C:\Users\lulu\Desktop\Joe_Paradise.wav
2013-08-01 12:02 - 2013-08-01 12:02 - 00003194 _____ C:\Windows\System32\Tasks\{28466327-7D4F-4E0B-B5A3-5970B83C67FC}
2013-08-01 11:59 - 2013-01-22 01:13 - 00000000 ____D C:\Program Files\McAfeeEx
2013-08-01 11:59 - 2013-01-22 01:12 - 00000000 ____D C:\ProgramData\MOCP
2013-08-01 11:55 - 2013-08-01 11:55 - 00000000 ____D C:\ProgramData\APN
2013-08-01 11:54 - 2013-08-01 11:54 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-01 11:04 - 2013-08-01 11:04 - 02092792 _____ C:\Users\lulu\Downloads\avira_free_antivirus.exe
2013-07-31 16:30 - 2013-01-22 00:15 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-07-31 16:30 - 2013-01-22 00:15 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-07-31 16:30 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-31 16:27 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-31 16:22 - 2012-08-03 04:22 - 00026146 _____ C:\Windows\PFRO.log
2013-07-31 16:22 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-31 16:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-23 11:28 - 2013-07-23 11:28 - 00018091 _____ C:\Users\lulu\Desktop\BA_Class and Sexuality in British Fiction_Petersmann_Laura.odt
2013-07-21 23:42 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte US
2013-07-21 12:00 - 2013-07-21 11:50 - 104943936 _____ C:\Users\lulu\Downloads\avira3737_free_antivirus_de.exe
2013-07-20 13:57 - 2013-07-20 13:57 - 00001457 _____ C:\Users\lulu\AppData\Local\RecConfig.xml
2013-07-20 13:24 - 2013-07-20 13:24 - 00001016 _____ C:\Users\lulu\Desktop\No23 Recorder.lnk
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Local\No23 Recorder
2013-07-20 13:23 - 2013-07-20 13:23 - 02497825 _____ (No23) C:\Users\lulu\Downloads\No23Recorder2103.exe
2013-07-20 13:23 - 2013-07-20 13:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\kikin
2013-07-20 13:23 - 2013-07-20 13:23 - 00000000 ____D C:\Program Files (x86)\kikin
2013-07-20 12:33 - 2013-07-08 20:32 - 00000000 ____D C:\Users\lulu\Documents\FIN
2013-07-20 11:53 - 2013-01-22 00:45 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-19 11:23 - 2013-07-19 11:19 - 00321770 _____ C:\1020.log
2013-07-19 11:22 - 2013-07-19 11:22 - 03209144 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win64-de.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 00000000 ____D C:\Program Files\HP
2013-07-19 11:21 - 2013-07-07 22:12 - 00000000 ____D C:\Users\lulu\AppData\Local\CrashDumps
2013-07-19 11:19 - 2013-07-19 11:19 - 02717344 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win32-de.exe
2013-07-19 11:19 - 2013-07-19 11:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-18 10:24 - 2013-07-18 10:24 - 00447840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 23:00 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-17 18:23 - 2013-07-08 00:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-17 18:13 - 2012-07-26 07:26 - 00000199 _____ C:\Windows\win.ini
2013-07-17 17:54 - 2013-07-17 17:54 - 00001967 _____ C:\Users\lulu\Desktop\word.lnk
2013-07-16 09:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-07-15 23:01 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-07-15 23:01 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-15 09:28 - 2013-07-08 15:31 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 09:28 - 2013-07-08 15:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Adobe
2013-07-14 20:55 - 2013-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-14 20:53 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 20:50 - 2013-07-08 09:49 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 22:10 - 2013-07-11 21:49 - 00011264 ___SH C:\Users\lulu\Downloads\Thumbs.db
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\Documents\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-11 09:12 - 2013-01-22 01:08 - 00000000 ____D C:\ProgramData\Adobe
2013-07-08 20:32 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\alles
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\UNI
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\Bewerbungen
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Documents\FOTO
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\Lit zu OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte RAT
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA ALL
2013-07-08 20:27 - 2013-07-08 20:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-08 20:27 - 2012-07-26 09:21 - 00020708 _____ C:\Windows\setupact.log
2013-07-08 15:54 - 2013-07-07 21:42 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Adobe
2013-07-08 15:32 - 2013-07-08 15:32 - 00000000 ____D C:\Users\lulu\AppData\Local\Macromedia
2013-07-08 15:15 - 2013-07-08 09:39 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-08 15:10 - 2013-07-08 15:10 - 00003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-08 15:10 - 2013-07-08 14:49 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-08 15:10 - 2013-07-07 21:43 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-08 15:10 - 2013-07-07 21:43 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-08 15:10 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\Packages
2013-07-08 15:10 - 2012-08-03 04:25 - 00000000 ____D C:\ProgramData\PRICache
2013-07-08 14:50 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-08 14:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-08 14:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-07-08 14:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-08 14:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-08 13:42 - 2013-07-08 13:42 - 07872648 _____ (Adobe Systems Inc.) C:\Users\lulu\Downloads\Shockwave_Installer_Slim.exe
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Local\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-08 02:09 - 2013-01-22 00:45 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-07-08 02:07 - 2013-01-22 00:45 - 00000000 ____D C:\ProgramData\McAfee
2013-07-08 02:05 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-07-08 00:36 - 2012-07-26 09:52 - 00000000 ____D C:\Windows\ShellNew
2013-07-08 00:35 - 2013-07-08 00:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-08 00:35 - 2012-10-20 02:28 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-08 00:34 - 2013-01-22 01:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-08 00:33 - 2013-07-08 00:33 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-08 00:32 - 2013-07-08 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-08 00:30 - 2013-07-08 00:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Microsoft Help
2013-07-08 00:29 - 2013-07-08 00:29 - 00000000 __RHD C:\MSOCache
2013-07-07 23:54 - 2013-01-22 00:48 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2013-07-07 23:53 - 2013-07-07 21:44 - 00000000 ____D C:\ProgramData\Atheros
2013-07-07 23:05 - 2013-07-07 23:05 - 00001799 _____ C:\Users\lulu\Desktop\Spotify.lnk
2013-07-07 23:05 - 2013-07-07 23:05 - 00001785 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-07-07 22:58 - 2013-07-07 21:41 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Sony Corporation
2013-07-07 22:11 - 2013-07-07 22:11 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Macromedia
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\ATI
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Sony Corporation
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\ATI
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Local\BMExplorer
2013-07-07 21:43 - 2013-07-07 21:39 - 00000000 ____D C:\Users\lulu
2013-07-07 21:42 - 2013-07-07 21:42 - 00001438 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-07 21:42 - 2013-01-22 01:07 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-07 21:42 - 2013-01-22 00:17 - 00000000 ____D C:\Program Files\Sony
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\pss
2013-07-07 21:40 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\VirtualStore
2013-07-07 21:40 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-07-07 21:39 - 2013-07-07 21:39 - 00000020 ___SH C:\Users\lulu\ntuser.ini
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Vorlagen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Startmenü
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Netzwerkumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Lokale Einstellungen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Eigene Dateien
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Druckumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Musik
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Bilder
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Verlauf
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Anwendungsdaten
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Programme
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-07 21:15 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-07-07 21:15 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default

Files to move or delete:
====================
C:\Windows\SysWOW64\rundll32.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-31 09:53

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Alt 02.08.2013, 19:12   #6
vincentlbk
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



3. Adition editor
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-08-2013
Ran by Laura at 2013-08-02 19:43:08
Running from C:\Users\lulu\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) -nötig
Adobe Reader XI  MUI (x32 Version: 11.0.00)-nötig
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)-nötig
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98) -unbekannt
Aloha TriPeaks (x32 Version: 2.2.0.98) -unbekannt
AMD Accelerated Video Transcoding (Version: 12.5.100.20821)-unbekannt
AMD APP SDK Runtime (Version: 10.0.938.2)-unbekannt
AMD Catalyst Install Manager (Version: 8.0.881.0)-unbekannt
AMR to MP3 Converter 1.4 (x32)-nötig
aptics Pointing Device Driver (Version: 16.2.16.2)-unbekannt
Bejeweled 3 (x32 Version: 2.2.0.98)-unbekannt
BrowserDefender (x32)-unbekannt-unbekannt
Build-a-lot: On Vacation (x32 Version: 2.2.0.110)-unbekannt
Catalyst Control Center - Branding (x32 Version: 1.00.0000)-unbekannt
Catalyst Control Center (x32 Version: 2012.0821.2159.37544)-unbekannt
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0821.2159.37544)-unbekannt
Catalyst Control Center InstallProxy (x32 Version: 2012.0821.2159.37544)-unbekannt
Catalyst Control Center Localization All (x32 Version: 2012.0821.2159.37544)-unbekannt
CCC Help Chinese Standard (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Chinese Traditional (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Czech (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Danish (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Dutch (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help English (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Finnish (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help French (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help German (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Greek (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Hungarian (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Italian (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Japanese (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Korean (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Norwegian (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Polish (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Portuguese (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Russian (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Spanish (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Swedish (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Thai (x32 Version: 2012.0821.2158.37544)-unbekannt
CCC Help Turkish (x32 Version: 2012.0821.2158.37544)-unbekannt
ccc-utility64 (Version: 2012.0821.2159.37544)-unbekannt
Chuzzle Deluxe (x32 Version: 2.2.0.95)-unbekannt
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)-unbekannt
CyberLink Power2Go 8 (x32 Version: 8.0.0.2126)-nötig
CyberLink PowerDVD (x32 Version: 9.0.5728.52)-nötig
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) -nötig
Delta Chrome Toolbar (x32) -unnötig
Delta toolbar   (x32 Version: 1.8.22.0) -unnötig
FATE (x32 Version: 2.2.0.97)-unbekannt
FDUx86 (x32 Version: 1.0.0)-unbekannt
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32)-unbekannt
Intel AppUp(R) center (x32 Version: 3.8.0.41505.25)-unbekannt
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)-unbekannt
Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004)-unbekannt
Intel® Trusted Connect Service Client (Version: 1.24.388.1)-unbekannt
Java 7 Update 9 (64-bit) (Version: 7.0.90)-nötig
Java 7 Update 9 (x32 Version: 7.0.90)-nötig
Java Auto Updater (x32 Version: 2.1.9.0)-nötig
kikin Plugin (NO23 Edition) 1.11 (x32 Version: 1.11) -unnötig
KUx86 (x32 Version: 1.0.0)-unbekannt
Luxor HD (x32 Version: 2.2.0.110)-unbekannt
LyricXeeker (x32)-unbekannt
Mahjongg Artifacts (x32 Version: 2.2.0.110)-unbekannt
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)-nötig
McAfee Internet Security (x32 Version: 11.6.511)-nötig
Microsoft Office (x32 Version: 15.0.4420.1017)-nötig
Microsoft Office 2010 Service Pack 1 (SP1) (x32)-nötig
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)-nötig
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)-nötig
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)-nötig
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)-unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)-unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)-unbekannt
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)-unbekannt
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)-unbekannt
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)-nötig
Mozilla Maintenance Service (x32 Version: 22.0)-unbekannt
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)-unbekannt
No23 Recorder (x32 Version: 2.1.0.3)-nötig
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)-unbekannt
PlayMemories Home (x32 Version: 6.3.02.07270)-unbekannt
Polar Bowler (x32 Version: 2.2.0.97)-unbekannt
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.214)-unbekannt
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)-nötig
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)-nötig
Restore (x32 Version: 1.0.0)-unbekannt
Shared C Run-time for x64 (Version: 10.0.0)-unbekannt
Spotify (HKCU Version: 0.9.1.57.ge7405149)-nötig
SSLx64 (Version: 1.0.0)-unbekannt
SSLx86 (x32 Version: 1.0.0)-unbekannt
swMSM (x32 Version: 12.0.0.1)-unbekannt
Update for Microsoft Office 2010 (KB2553065) (x32)-nötig
Update for Microsoft Office 2010 (KB2553092) (x32)-nötig
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)-nötig
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)-nötig
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)-nötig
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32) -nötig
Update for Microsoft Office 2010 (KB2566458) (x32)-nötig
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)-nötig
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)-nötig
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)-nötig
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)-nötig
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)-nötig
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)-nötig
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)-nötig
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)-nötig
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)-nötig
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)-unbekannt
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)-nötig
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)-unnötig
Update Installer for WildTangent Games App (x32)-unbekannt
Vacation Quest™ - Australia (x32 Version: 3.0.2.32)-unbekannt
VAIO - Xperia Link (x32 Version: 1.1.0.11020)-nötig
VAIO Care (Version: 8.1.0.10120)-nötig
VAIO Control Center (x32 Version: 6.1.0.10300)-nötig
VAIO Data Restore Tool (x32 Version: 1.10.0.07270)-nötig
VAIO Easy Connect (x32 Version: 1.3.0.09290)-nötig
VAIO Gate (x32 Version: 3.0.0.08140)-nötig
VAIO Gate Default (x32 Version: 3.1.0.10240)-nötig
VAIO Gesture Control (x32 Version: 2.1.0.10220)-nötig
VAIO Image Optimizer (x32 Version: 3.0.00.08170)-nötig
VAIO Improvement (x32 Version: 2.1.0.10220)-nötig
VAIO Media Server Settings (Version: 1.0.1.10170)-nötig
VAIO Movie Creator (x32 Version: 4.0.00.10170)-nötig
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)-nötig
VAIO Update (x32 Version: 6.0.2.10230)-nötig
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)-nötig
VAIO-Handbuch (x32 Version: 3.0.0.08100)-nötig
VAIO-Hardwarediagnose-Plugin für VAIO Care (x32 Version: 4.7.0.11070)-nötig
VAIO-Support für Übertragungen (x32 Version: 1.9.0.11060)-nötig
VCCx64 (Version: 1.0.0)-unbekannt
VCCx86 (x32 Version: 1.0.0)-unbekannt
VGClientX64 (Version: 1.0.0)-unbekannt
VHD (x32 Version: 1.0.0)-unbekannt
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32)-unbekannt
VIx64 (Version: 1.0.0)-unbekannt
VIx86 (x32 Version: 1.0.0)-unbekannt
VMLx86 (x32 Version: 1.0.0)-unbekannt
VPMx64 (Version: 1.0.0)-unbekannt
VSSTx64 (Version: 1.0.0)-unbekannt
VSSTx86 (x32 Version: 1.0.0)-unbekannt
VU5x64 (Version: 1.0.0)-unbekannt
VU5x86 (x32 Version: 1.0.0)-unbekannt
VUx64 (Version: 1.0.0)-unbekannt
VUx86 (x32 Version: 1.0.0)-unbekannt
VWSTx86 (x32 Version: 1.0.0)-unbekannt
WildTangent Games App (x32 Version: 4.0.9.7)-unbekannt
WildTangent-Spiele (x32 Version: 1.0.4.0)-unbekannt
XperiaLinkx86 (x32 Version: 1.0.0)-unbekannt
Youda Jewel Shop (x32 Version: 3.0.2.32)-unbekannt

==================== Restore Points  =========================

19-07-2013 08:39:59 Windows Update
20-07-2013 11:24:05 No23 Recorder wird installiert
30-07-2013 08:54:36 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04D74653-6BC9-4C5F-876F-D161807CCF3D} - System32\Tasks\EPUpdater => C:\Users\lulu\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {0661FB25-0450-4253-82AC-9129EB9B8157} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {0A40BD42-E8F1-4EA8-953F-59A8ADA2B59E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15] (Adobe Systems Incorporated)
Task: {0B83619B-C6FB-45C4-9637-CF2101C3B71A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {1267D6EB-4305-40AB-8AA1-747B51B1C057} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1FE800DA-0703-479A-A6AC-E778FD43FFCA} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3D4B2E7F-EF18-4686-A04A-0F4A3D014600} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {519B81AC-B747-486E-B84A-15691C5CF089} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient No File
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {6029F91E-F4E9-4D93-9CA9-4AB827ED87CC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {618824AA-494E-42B9-AC6E-D1607767E35F} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E7B8020-199C-42B0-936B-082E52DE9795} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-23] (Sony Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-10-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8ED20079-776C-446D-8A0C-71E3DC3CDEB6} - System32\Tasks\LyricXeeker Update => C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe [2013-07-27] (LyriXeeker Tech)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AE2806A3-727A-48E6-8AEA-494AACB020D0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B0197A67-4149-4442-AFE9-15D314C1DBEC} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {B1DA4434-017D-420A-A921-57317F79D2F2} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {B9470BFD-E8DB-45EE-B424-4C5010BEDB3B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {BAF03EFE-C81E-42EF-B9AA-E48C80E0702B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BD2C4799-2D62-4104-85F4-15C696BE8DBA} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation)
Task: {BE2AF02B-BD6D-4C08-95B3-469870D41A56} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {BFD017BC-AAB9-40D2-B7BC-BFF2AACCBC7E} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C899C774-9679-4DEC-8C87-5F2307D2C117} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {CD91CE74-9EB2-49A7-9CAD-5812ED8AFA85} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {D9AE8BC5-24AC-496A-A1B8-35C9647D559D} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DC2FA84B-CD37-48B5-A9DE-B019C9363AAF} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-10-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {EC1FB769-7DA4-46F3-AE27-61A59ED47566} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F489F9AD-C70B-45F7-991A-7A48F7AC81C3} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {F5F6FEB4-AB12-4A07-8C67-2EBFD5893BA6} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {F6DF139C-CC9D-40D0-8BAF-E9188E59AA19} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\LyricXeeker Update.job => C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2013 03:07:56 PM) (Source: MsiInstaller) (User: BONI-PC)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (08/02/2013 03:07:55 PM) (Source: MsiInstaller) (User: BONI-PC)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (07/29/2013 09:41:11 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (07/23/2013 11:40:07 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (07/21/2013 03:39:51 PM) (Source: SampleCollector) (User: )
Description: init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (07/19/2013 11:20:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ProductInst.exe, Version: 1.0.5.3, Zeitstempel: 0x50bff5c5
Name des fehlerhaften Moduls: ProductInst.exe, Version: 1.0.5.3, Zeitstempel: 0x50bff5c5
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0002b2eb
ID des fehlerhaften Prozesses: 0x8d8
Startzeit der fehlerhaften Anwendung: 0xProductInst.exe0
Pfad der fehlerhaften Anwendung: ProductInst.exe1
Pfad des fehlerhaften Moduls: ProductInst.exe2
Berichtskennung: ProductInst.exe3
Vollständiger Name des fehlerhaften Pakets: ProductInst.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ProductInst.exe5

Error: (07/19/2013 11:20:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ProductInst.exe, Version: 1.0.5.3, Zeitstempel: 0x50bff5c5
Name des fehlerhaften Moduls: ProductInst.exe, Version: 1.0.5.3, Zeitstempel: 0x50bff5c5
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0002b2eb
ID des fehlerhaften Prozesses: 0x1be0
Startzeit der fehlerhaften Anwendung: 0xProductInst.exe0
Pfad der fehlerhaften Anwendung: ProductInst.exe1
Pfad des fehlerhaften Moduls: ProductInst.exe2
Berichtskennung: ProductInst.exe3
Vollständiger Name des fehlerhaften Pakets: ProductInst.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ProductInst.exe5

Error: (07/11/2013 09:51:19 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (07/08/2013 02:11:37 AM) (Source: Perflib) (User: )
Description: Outlook

Error: (07/08/2013 02:11:37 AM) (Source: Perflib) (User: )
Description: Outlook8


System errors:
=============
Error: (08/02/2013 03:33:15 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "THOMAS-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{226200EB-85B2-422C-A0C1-74690BE57634}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (08/01/2013 11:07:32 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "THOMAS-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{226200EB-85B2-422C-A0C1-74690BE57634}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (08/01/2013 09:23:46 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "THOMAS-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{226200EB-85B2-422C-A0C1-74690BE57634}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/29/2013 01:03:41 AM) (Source: DCOM) (User: BONI-PC)
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (07/29/2013 01:03:41 AM) (Source: DCOM) (User: BONI-PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/24/2013 11:25:08 PM) (Source: DCOM) (User: BONI-PC)
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (07/08/2013 06:06:58 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "NICO-VAIO",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{226200EB-85B2-422C-A0C1-74690BE57634}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/08/2013 03:12:51 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (07/08/2013 02:06:58 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}

Error: (07/08/2013 02:06:57 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


Microsoft Office Sessions:
=========================
Error: (08/02/2013 03:07:56 PM) (Source: MsiInstaller)(User: BONI-PC)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/02/2013 03:07:55 PM) (Source: MsiInstaller)(User: BONI-PC)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/29/2013 09:41:11 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (07/23/2013 11:40:07 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (07/21/2013 03:39:51 PM) (Source: SampleCollector)(User: )
Description: init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (07/19/2013 11:20:57 AM) (Source: Application Error)(User: )
Description: ProductInst.exe1.0.5.350bff5c5ProductInst.exe1.0.5.350bff5c5c000000d0002b2eb8d801ce846139b9b44fC:\Users\lulu\AppData\Local\Temp\7zS29CC\ProductInst.exeC:\Users\lulu\AppData\Local\Temp\7zS29CC\ProductInst.exe84abe431-f054-11e2-be79-a41731e1c014

Error: (07/19/2013 11:20:00 AM) (Source: Application Error)(User: )
Description: ProductInst.exe1.0.5.350bff5c5ProductInst.exe1.0.5.350bff5c5c000000d0002b2eb1be001ce84611839619cC:\Users\lulu\AppData\Local\Temp\7zS269C\ProductInst.exeC:\Users\lulu\AppData\Local\Temp\7zS269C\ProductInst.exe62b91e73-f054-11e2-be79-a41731e1c014

Error: (07/11/2013 09:51:19 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (07/08/2013 02:11:37 AM) (Source: Perflib)(User: )
Description: Outlook

Error: (07/08/2013 02:11:37 AM) (Source: Perflib)(User: )
Description: Outlook8


==================== Memory info =========================== 

Percentage of memory in use: 61%
Total physical RAM: 4043.27 MB
Available physical RAM: 1553.57 MB
Total Pagefile: 5307.27 MB
Available Pagefile: 1498.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:436.4 GB) (Free:386.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 44C23A29)

Partition: GPT Partition Type
==================== End Of Log ============================
         

Alt 02.08.2013, 19:27   #7
markusg
/// Malware-holic
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Hi,
um die Malwarebytes Funde kümmern wir uns noch.


es sind 2 Logs zu erstellen, möglichst gleichzeitig posten.
Sollte eine der Deinstalationen nicht funktionieren, nutze Rewo:
Revo Uninstaller - Download - Filepony

1.
Deinstaliere:
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Agatha
Aloha
Bejeweled
BrowserDefender
Chuzzle
Cradle
Delta : beide
Heroes
Java 7 : beide
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
kikin
LyricXeeker
Mahjongg
Mystery
Plants vs
Polar Bowler
Vacation
Virtual Villagers
WildTangent : beide
Youda Jewel Shop

Neustarten.
2.
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


3.
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 02.08.2013, 21:11   #8
vincentlbk
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Code:
ATTFilter
ComboFix 13-08-02.01 - 02.08.2013  21:37:01.1.2 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.4043.2381 [GMT 2:00]
ausgeführt von:: c:\users\lulu\Downloads\ComboFix.exe
AV: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee  Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee  Anti-Virus und Anti-Spyware *Disabled/Outdated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Im Speicher befindliches AV aktiv.
.
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\lulu\AppData\Local\lame_enc.dll
c:\users\lulu\AppData\Local\Microsoft\Windows\Temporary Internet Files\{257EACC6-0695-4973-8529-5E618F0D2844}.xps
c:\users\lulu\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F0871B5D-D3C5-47BE-AE19-ED4F9711DD7C}.xps
c:\users\lulu\AppData\Local\no23xwrapper.dll
c:\users\lulu\AppData\Local\ogg.dll
c:\users\lulu\AppData\Local\vorbis.dll
c:\users\lulu\AppData\Local\vorbisenc.dll
c:\users\lulu\AppData\Local\vorbisfile.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-02 bis 2013-08-02  ))))))))))))))))))))))))))))))
.
.
2013-08-02 19:47 . 2013-08-02 19:47	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-02 19:07 . 2013-08-02 19:07	312232	----a-w-	c:\windows\system32\javaws.exe
2013-08-02 19:07 . 2013-08-02 19:07	189352	----a-w-	c:\windows\system32\javaw.exe
2013-08-02 19:07 . 2013-08-02 19:07	188840	----a-w-	c:\windows\system32\java.exe
2013-08-02 19:07 . 2013-08-02 19:07	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-08-02 19:07 . 2013-08-02 19:07	--------	d-----w-	c:\program files\Java
2013-08-02 18:54 . 2013-08-02 18:54	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2013-08-02 17:41 . 2013-08-02 17:41	--------	d-----w-	C:\FRST
2013-08-02 17:06 . 2013-08-02 17:06	--------	d-----w-	c:\programdata\Malwarebytes
2013-08-02 17:06 . 2013-08-02 17:06	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-02 17:06 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-08-02 11:36 . 2013-08-02 11:36	--------	d-----w-	c:\program files (x86)\AMR to MP3 Converter
2013-08-02 11:35 . 2013-08-02 11:35	--------	d-----w-	c:\programdata\Babylon
2013-08-02 11:26 . 2013-08-02 11:26	--------	d-----w-	c:\windows\LastGood.Tmp
2013-08-01 21:20 . 2013-08-01 21:20	262832	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10212.bin
2013-08-01 09:55 . 2013-08-01 09:55	--------	d-----w-	c:\programdata\APN
2013-07-19 09:23 . 2012-09-18 13:27	65024	----a-w-	c:\windows\system32\Spool\prtprocs\x64\PPhp1020.DLL
2013-07-19 09:22 . 2012-09-18 07:34	247296	----a-w-	c:\windows\system32\zshp1020s.dll
2013-07-19 09:22 . 2012-09-18 13:27	192512	----a-w-	c:\windows\system32\ZLhp1020.DLL
2013-07-19 09:22 . 2012-09-18 13:27	501760	----a-w-	c:\windows\system32\ZSHP1020.EXE
2013-07-19 09:22 . 2013-07-19 09:22	--------	d-----w-	c:\program files\HP
2013-07-19 09:19 . 2013-07-19 09:19	--------	d-----w-	c:\program files (x86)\HP
2013-07-18 12:03 . 2013-06-01 09:24	850944	----a-w-	c:\windows\SysWow64\mfasfsrcsnk.dll
2013-07-18 12:03 . 2013-06-01 09:19	207872	----a-w-	c:\windows\system32\DeviceSetupManager.dll
2013-07-18 12:03 . 2013-06-01 11:29	337152	----a-w-	c:\windows\system32\drivers\USBXHCI.SYS
2013-07-18 12:03 . 2013-06-01 09:22	80896	----a-w-	c:\windows\system32\MbaeParserTask.exe
2013-07-18 12:03 . 2013-06-01 11:54	194816	----a-w-	c:\windows\system32\drivers\sdbus.sys
2013-07-18 12:03 . 2013-06-01 11:54	125184	----a-w-	c:\windows\system32\drivers\dumpsd.sys
2013-07-18 12:03 . 2013-06-01 09:22	190976	----a-w-	c:\windows\system32\vdsutil.dll
2013-07-18 12:03 . 2013-06-01 09:25	67584	----a-w-	c:\windows\SysWow64\samlib.dll
2013-07-18 12:03 . 2013-06-01 03:08	37632	----a-w-	c:\windows\system32\drivers\BthAvrcpTg.sys
2013-07-18 12:03 . 2013-06-16 22:41	997632	----a-w-	c:\windows\system32\drivers\ndis.sys
2013-07-17 16:17 . 2013-07-17 16:17	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2013-07-16 06:54 . 2013-05-15 22:35	144384	----a-w-	c:\windows\system32\tssdisai.dll
2013-07-15 13:40 . 2012-11-20 05:17	1184256	----a-w-	c:\windows\system32\Display.dll
2013-07-15 13:40 . 2012-11-20 05:24	1164800	----a-w-	c:\windows\SysWow64\Display.dll
2013-07-15 13:40 . 2012-11-20 04:59	7168	----a-w-	c:\windows\system32\KBDKURD.DLL
2013-07-15 13:40 . 2012-11-20 05:02	6656	----a-w-	c:\windows\SysWow64\KBDKURD.DLL
2013-07-15 13:40 . 2012-11-08 04:25	523776	----a-w-	c:\windows\SysWow64\WSShared.dll
2013-07-15 13:40 . 2012-11-08 04:25	124928	----a-w-	c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 13:40 . 2012-11-08 04:22	641536	----a-w-	c:\windows\system32\WSShared.dll
2013-07-15 13:40 . 2012-11-08 04:22	198656	----a-w-	c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-07-15 13:40 . 2012-11-08 04:22	163840	----a-w-	c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 13:40 . 2012-11-08 04:25	143872	----a-w-	c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-07-14 19:21 . 2012-10-12 06:13	109568	----a-w-	c:\windows\system32\dskquota.dll
2013-07-14 19:21 . 2012-10-12 05:39	82944	----a-w-	c:\windows\SysWow64\dskquota.dll
2013-07-14 19:21 . 2012-10-17 04:32	1172992	----a-w-	c:\windows\system32\mfnetsrc.dll
2013-07-14 19:21 . 2012-10-17 04:32	677888	----a-w-	c:\windows\system32\mfnetcore.dll
2013-07-14 19:21 . 2012-10-17 03:57	929792	----a-w-	c:\windows\SysWow64\mfnetsrc.dll
2013-07-14 19:21 . 2012-10-17 03:57	568832	----a-w-	c:\windows\SysWow64\mfnetcore.dll
2013-07-14 19:21 . 2012-10-17 03:57	513024	----a-w-	c:\windows\SysWow64\mfmpeg2srcsnk.dll
2013-07-14 19:21 . 2012-10-17 04:32	673280	----a-w-	c:\windows\system32\mfmpeg2srcsnk.dll
2013-07-14 19:20 . 2012-10-24 04:54	396008	----a-w-	c:\windows\system32\hal.dll
2013-07-14 19:20 . 2012-10-11 05:45	3236864	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-07-14 19:20 . 2012-10-11 05:46	1395712	----a-w-	c:\windows\system32\Windows.UI.Immersive.dll
2013-07-14 19:20 . 2012-10-11 05:45	579584	----a-w-	c:\windows\system32\StructuredQuery.dll
2013-07-14 19:20 . 2012-10-11 05:44	1265152	----a-w-	c:\windows\system32\lsasrv.dll
2013-07-14 19:20 . 2012-10-11 05:07	1226752	----a-w-	c:\windows\SysWow64\Windows.UI.Immersive.dll
2013-07-14 19:18 . 2012-12-04 04:21	368640	----a-w-	c:\windows\system32\sppwinob.dll
2013-07-11 18:52 . 2013-06-21 05:04	19187712	----a-w-	c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-11 18:52 . 2013-06-21 04:46	18523648	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-11 08:23 . 2013-07-11 08:23	--------	d-----w-	c:\programdata\CyberLink
2013-07-11 07:24 . 2013-04-10 22:35	1617920	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 07:24 . 2013-04-10 22:35	2035200	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-11 07:24 . 2013-04-10 22:35	1318912	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 07:24 . 2013-04-10 22:35	1306112	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 07:24 . 2013-04-10 22:35	1272320	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 07:24 . 2013-04-11 04:12	1029632	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-11 07:24 . 2013-04-11 04:12	1413632	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-11 07:24 . 2013-04-11 22:30	1421312	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-07-11 07:24 . 2013-04-11 22:22	1838080	----a-w-	c:\windows\system32\DWrite.dll
2013-07-11 07:24 . 2013-05-04 06:59	2842112	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-11 07:24 . 2013-05-04 04:57	2620928	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-08 12:49 . 2013-07-08 13:10	--------	d-----r-	c:\windows\BrowserChoice
2013-07-08 11:43 . 2013-07-08 11:43	--------	d-----w-	c:\windows\SysWow64\Adobe
2013-07-08 08:29 . 2013-07-08 08:29	50784	----a-w-	c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-07-08 08:29 . 2013-07-08 08:29	17536	----a-w-	c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-08 07:49 . 2013-07-14 18:50	78185248	----a-w-	c:\windows\system32\MRT.exe
2013-07-08 07:39 . 2013-07-14 18:55	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2013-07-07 23:23 . 2012-08-31 00:52	17888	----a-w-	c:\windows\system32\msvcr100_clr0400.dll
2013-07-07 23:22 . 2012-08-31 00:53	17888	----a-w-	c:\windows\SysWow64\msvcr100_clr0400.dll
2013-07-07 23:19 . 2013-03-02 02:45	1161728	----a-w-	c:\windows\system32\sppobjs.dll
2013-07-07 23:17 . 2013-04-09 04:51	3552768	----a-w-	c:\windows\system32\tquery.dll
2013-07-07 23:16 . 2013-04-09 04:50	65024	----a-w-	c:\windows\system32\msscntrs.dll
2013-07-07 23:16 . 2012-11-06 04:18	267264	----a-w-	c:\windows\system32\EncDump.dll
2013-07-07 23:16 . 2012-10-11 05:06	94208	----a-w-	c:\windows\SysWow64\mssitlb.dll
2013-07-07 23:16 . 2012-10-11 05:06	48640	----a-w-	c:\windows\SysWow64\msscntrs.dll
2013-07-07 23:16 . 2012-12-13 04:00	2048	----a-w-	c:\windows\system32\tzres.dll
2013-07-07 23:16 . 2012-12-13 03:59	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-07-07 23:10 . 2013-05-15 02:25	888320	----a-w-	c:\windows\system32\autochk.exe
2013-07-07 23:09 . 2013-03-15 00:17	861184	----a-w-	c:\windows\system32\drivers\http.sys
2013-07-07 23:09 . 2013-04-16 02:34	1455368	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-07-07 23:06 . 2013-03-02 09:59	411880	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-07-07 23:06 . 2012-10-24 03:25	26624	----a-w-	c:\windows\system32\ReAgentc.exe
2013-07-07 23:06 . 2012-10-24 02:48	24064	----a-w-	c:\windows\SysWow64\ReAgentc.exe
2013-07-07 23:05 . 2012-11-03 05:25	945152	----a-w-	c:\windows\system32\resetengmig.dll
2013-07-07 23:05 . 2013-03-02 08:23	375808	----a-w-	c:\windows\SysWow64\ReAgent.dll
2013-07-07 23:05 . 2013-03-02 02:44	1011200	----a-w-	c:\windows\system32\reseteng.dll
2013-07-07 23:05 . 2012-12-15 04:55	443392	----a-w-	c:\windows\system32\ReAgent.dll
2013-07-07 23:05 . 2012-11-03 05:26	132096	----a-w-	c:\windows\system32\sysreset.exe
2013-07-07 22:58 . 2013-02-02 05:31	1690624	----a-w-	c:\windows\system32\GdiPlus.dll
2013-07-07 22:58 . 2013-02-02 05:41	1437184	----a-w-	c:\windows\SysWow64\GdiPlus.dll
2013-07-07 22:58 . 2013-02-12 00:17	20992	----a-w-	c:\windows\system32\drivers\usb8023.sys
2013-07-07 22:58 . 2012-12-16 08:08	362496	----a-w-	c:\windows\system32\atmfd.dll
2013-07-07 22:58 . 2012-12-16 08:28	46080	----a-w-	c:\windows\system32\atmlib.dll
2013-07-07 22:58 . 2012-12-16 08:20	35328	----a-w-	c:\windows\SysWow64\atmlib.dll
2013-07-07 22:58 . 2012-12-16 07:57	300032	----a-w-	c:\windows\SysWow64\atmfd.dll
2013-07-07 22:58 . 2012-11-08 04:24	10752	----a-w-	c:\windows\SysWow64\dciman32.dll
2013-07-07 22:58 . 2012-11-08 04:20	14336	----a-w-	c:\windows\system32\dciman32.dll
2013-07-07 22:58 . 2012-11-08 04:24	75776	----a-w-	c:\windows\SysWow64\fontsub.dll
2013-07-07 22:58 . 2012-11-08 04:20	96256	----a-w-	c:\windows\system32\fontsub.dll
2013-07-07 22:58 . 2012-11-08 04:02	3072	----a-w-	c:\windows\system32\lpk.dll
2013-07-07 22:58 . 2012-11-08 04:01	3072	----a-w-	c:\windows\SysWow64\lpk.dll
2013-07-07 22:57 . 2013-04-02 23:37	25088	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-07-07 22:57 . 2013-04-02 23:12	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-07-07 22:51 . 2013-03-06 06:31	19758592	----a-w-	c:\windows\system32\shell32.dll
2013-07-07 22:51 . 2013-03-06 06:31	222208	----a-w-	c:\windows\system32\shdocvw.dll
2013-07-07 22:51 . 2013-03-06 07:10	112872	----a-w-	c:\windows\system32\consent.exe
2013-07-07 22:51 . 2013-03-06 06:29	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-07-07 22:42 . 2012-11-01 04:40	2361344	----a-w-	c:\windows\system32\msxml6.dll
2013-07-07 22:42 . 2012-11-01 04:40	1836032	----a-w-	c:\windows\system32\msxml3.dll
2013-07-07 22:42 . 2012-11-01 04:41	1802240	----a-w-	c:\windows\SysWow64\msxml6.dll
2013-07-07 22:42 . 2012-11-01 04:41	1438720	----a-w-	c:\windows\SysWow64\msxml3.dll
2013-07-07 22:42 . 2012-11-01 04:21	2048	----a-w-	c:\windows\system32\msxml6r.dll
2013-07-07 22:42 . 2012-11-01 04:21	2048	----a-w-	c:\windows\system32\msxml3r.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-02 19:07 . 2013-01-21 22:42	972712	----a-w-	c:\windows\system32\deployJava1.dll
2013-08-02 19:07 . 2013-01-21 22:42	1093032	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-07-07 19:39 . 2012-07-26 08:13	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-27 22:04 . 2012-07-26 08:14	78200	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-07-26 08:14	693112	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\lulu\AppData\Roaming\Spotify\spotify.exe" [2013-07-07 4640768]
"Spotify Web Helper"="c:\users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-07 1104384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-21 642216]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-13 1532992]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2012-08-17 68776]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-07-27 724576]
"Intel AppUp(R) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-10-04 156000]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R0 mfeelamk;McAfee Inc. mfeelamk;c:\windows\system32\drivers\mfeelamk.sys;c:\windows\SYSNATIVE\drivers\mfeelamk.sys [x]
R3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-05-11 10:37	215264	----a-w-	c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-08 07:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-28 1214608]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-11-05 766080]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-11-05 127616]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\
FF - ExtSQL: 2013-07-16 09:14; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - f219e318000000000000a41731e1c014
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15919
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.013:35
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119360&tsp=4962
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-08-02  22:02:53
ComboFix-quarantined-files.txt  2013-08-02 20:02
.
Vor Suchlauf: 10 Verzeichnis(se), 418.303.987.712 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 417.949.827.072 Bytes frei
.
- - End Of File - - F8F96486911A265C1BE36E72F02B8CDF
D41D8CD98F00B204E9800998ECF8427E
         
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.02.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
::-PC [Administrator]

Schutz: Aktiviert

02.08.2013 22:05:28
MBAM-log-2013-08-02 (22-08-56).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 217771
Laufzeit: 3 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 1
C:\Users\lulu\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 1
C:\Users\lulu\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.

(Ende)
         

Alt 02.08.2013, 21:28   #9
markusg
/// Malware-holic
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Hi,
sieht doch schon mal ganz gut aus.
1. Malwarebytes Funde löschen lassen.
Es sind 3 Logs zu erstellen, poste diese möglichst gleichzeitig.
2.
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Neustarten.
3.

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


neustarten.
4.
Lade Hitmanpro:
HitmanPro - Download - Filepony
Doppelklicken, Scan klicken.
Log speichern und posten, bzw als XML exportieren packen und anhängen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 02.08.2013, 21:59   #10
vincentlbk
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Vielen Dank für deine Hilfe!

Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 02/08/2013 um 22:33:27 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : 
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\lulu\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\searchplugins\Babylon.xml
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\ProgramData\Babylon

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\d4dfd0e13fed49
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\d4dfd0e13fed49

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\prefs.js

C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.bbDpng", "2");
Gelöscht : user_pref("extensions.delta.cntry", "DE");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.hdrMd5", "667DC6D2D447178D425541B8A7FA2EAA");
Gelöscht : user_pref("extensions.delta.id", "f219e318000000000000a41731e1c014");
Gelöscht : user_pref("extensions.delta.instlDay", "15919");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.22.013:35:44");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.sg", "azb");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.013:35:44");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119360&tsp=4962");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");

Datei : C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [3873 octets] - [02/08/2013 22:33:27]

########## EOF - C:\AdwCleaner[S1].txt - [3933 octets] ##########
         





Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.0 (08.02.2013:1)
OS: Windows 8 x64
Ran by Laura on 02.08.2013 at 22:42:39,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\lulu\AppData\Roaming\mozilla\firefox\profiles\7eaxiflz.default\invalidprefs.js
Emptied folder: C:\Users\lulu\AppData\Roaming\mozilla\firefox\profiles\7eaxiflz.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.08.2013 at 22:48:21,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         



Code:
ATTFilter
Code:
ATTFilter
HitmanPro 3.7.6.201
www.hitmanpro.com

   Computer name . . . . : 
   Windows . . . . . . . : 6.2.0.9200.X64/2
   User name . . . . . . : 
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-08-02 22:50:55
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 16s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 446

   Objects scanned . . . : 1.485.366
   Files scanned . . . . : 18.069
   Remnants scanned  . . : 418.855 files / 1.048.442 keys

Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-1135051811-991919262-1634789686-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)

Cookies _____________________________________________________________________

   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:2o7.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ad.360yield.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ad.ad-srv.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ad.adc-serv.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ad.adnet.de
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ad.adserver01.de
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ad.zanox.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ads.ad4game.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:adtech.de
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:adtechus.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:advertising.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:aok.122.2o7.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:apmebf.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:at.atwola.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:atdmt.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:autoscout24.112.2o7.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:c.atdmt.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:clicksor.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:collective-media.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:cunda.122.2o7.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:de.sitestat.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:doubleclick.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ikea.122.2o7.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:invitemedia.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:mediaplex.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:myroitracking.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:pool-eu-ie.creative-serving.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:revsci.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:ru4.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:serving-sys.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:smartadserver.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:statcounter.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:stats.adotube.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:track.adform.net
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:tradedoubler.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:tribalfusion.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:uk.sitestat.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:www.etracker.de
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:www.googleadservices.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:xiti.com
   C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\cookies.sqlite:yadro.ru
         

Alt 02.08.2013, 22:13   #11
markusg
/// Malware-holic
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Hi,
bitte alle Browwser schließen, Hitmanpro Funde entfernen lassen.
neues FRST Log bitte
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 02.08.2013, 22:24   #12
vincentlbk
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-08-2013
Ran by (administrator) on 02-08-2013 23:22:33
Running from C:\Users\lulu\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Spotify Ltd) C:\Users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKCU\...\Run: [Spotify] - C:\Users\lulu\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-07] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-07] (Spotify Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {16727879-BEF8-421A-944A-C14CFB80BEB9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A236D83C-2C6E-4DA1-867B-702412B2964C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-05-22] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1265824 2012-10-23] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-10-23] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 mfeavfk01; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-02 23:21 - 2013-08-02 23:21 - 01781485 _____ (Farbar) C:\Users\lulu\Downloads\FRST64(1).exe
2013-08-02 22:55 - 2013-08-02 22:55 - 00011420 _____ C:\Users\lulu\Desktop\HitmanPro_20130802_2255.log
2013-08-02 22:50 - 2013-08-02 22:56 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-02 22:49 - 2013-08-02 22:50 - 09833328 _____ (SurfRight B.V.) C:\Users\lulu\Desktop\HitmanPro_x64.exe
2013-08-02 22:48 - 2013-08-02 22:48 - 00000860 _____ C:\Users\lulu\Desktop\JRT.txt
2013-08-02 22:42 - 2013-08-02 22:42 - 00000000 ____D C:\Windows\ERUNT
2013-08-02 22:41 - 2013-08-02 22:41 - 00560799 _____ (Oleg N. Scherbakov) C:\Users\lulu\Desktop\JRT.exe
2013-08-02 22:33 - 2013-08-02 22:33 - 00003998 _____ C:\AdwCleaner[S1].txt
2013-08-02 22:31 - 2013-08-02 22:31 - 00666633 _____ C:\Users\lulu\Desktop\adwcleaner.exe
2013-08-02 22:03 - 2013-08-02 22:03 - 00028691 _____ C:\ComboFix.txt
2013-08-02 21:35 - 2013-08-02 22:03 - 00000000 ____D C:\ComboFix
2013-08-02 21:35 - 2013-08-02 21:35 - 00001453 _____ C:\Users\lulu\Desktop\ComboFix - Verknüpfung.lnk
2013-08-02 21:35 - 2013-08-02 21:35 - 00001149 _____ C:\Users\lulu\Desktop\avira3737_free_antivirus_de - Verknüpfung.lnk
2013-08-02 21:31 - 2013-08-02 21:31 - 05097855 _____ (Swearware) C:\Users\lulu\Desktop\ComboFix.exe
2013-08-02 21:30 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-02 21:30 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-02 21:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-02 21:29 - 2013-08-02 22:03 - 00000000 ____D C:\Qoobox
2013-08-02 21:29 - 2013-08-02 21:57 - 00000000 ____D C:\Windows\erdnt
2013-08-02 21:28 - 2013-08-02 21:29 - 05097855 ____R (Swearware) C:\Users\lulu\Downloads\ComboFix.exe
2013-08-02 21:08 - 2013-08-02 21:09 - 24250211 _____ (Mozilla) C:\Users\lulu\Downloads\firefox-24.0a1.en-US.win64-x86_64.installer.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-02 21:07 - 2013-08-02 21:07 - 00000000 ____D C:\Program Files\Java
2013-08-02 21:06 - 2013-08-02 21:06 - 33150376 _____ (Oracle Corporation) C:\Users\lulu\Downloads\jre-7u25-windows-x64.exe
2013-08-02 20:54 - 2013-08-02 20:54 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-08-02 20:54 - 2013-08-02 20:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-02 19:44 - 2013-08-02 19:44 - 00117087 _____ C:\Users\lulu\Downloads\FRST.txt
2013-08-02 19:43 - 2013-08-02 19:44 - 00029057 _____ C:\Users\lulu\Downloads\Addition.txt
2013-08-02 19:41 - 2013-08-02 19:41 - 00000000 ____D C:\FRST
2013-08-02 19:40 - 2013-08-02 19:40 - 01781485 _____ (Farbar) C:\Users\lulu\Desktop\FRST64.exe
2013-08-02 19:06 - 2013-08-02 19:06 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-02 19:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-02 19:05 - 2013-08-02 19:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\lulu\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-02 15:06 - 2013-08-02 15:06 - 00000554 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-02 13:36 - 2013-08-02 13:36 - 00001048 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2013-08-02 13:36 - 2013-08-02 13:36 - 00000000 ____D C:\Program Files (x86)\AMR to MP3 Converter
2013-08-02 13:35 - 2013-08-02 13:35 - 02501012 _____ (amrtomp3converter.com                                       ) C:\Users\lulu\Downloads\amrtomp3converter_setup [1].exe
2013-08-02 13:34 - 2013-08-02 13:34 - 00673560 _____ C:\Users\lulu\Downloads\amrtomp3converter_setup.exe
2013-08-02 13:26 - 2013-08-02 13:26 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-08-02 12:52 - 2013-08-02 12:52 - 02375693 ____R C:\Users\lulu\Desktop\berlin1.wma
2013-08-02 12:48 - 2013-08-02 12:48 - 02613663 ____R C:\Users\lulu\Desktop\dreamsofarandom2.wma
2013-08-02 12:43 - 2013-08-02 12:43 - 39954644 ____R C:\Users\lulu\Desktop\JOE - Unforgetable.wav
2013-08-02 12:38 - 2013-08-02 12:39 - 51333556 ____R C:\Users\lulu\Desktop\Joe_Paradise.wav
2013-08-01 12:02 - 2013-08-01 12:02 - 00003194 _____ C:\Windows\System32\Tasks\{28466327-7D4F-4E0B-B5A3-5970B83C67FC}
2013-08-01 11:04 - 2013-08-01 11:04 - 02092792 _____ C:\Users\lulu\Downloads\avira_free_antivirus.exe
2013-07-23 11:28 - 2013-07-23 11:28 - 00018091 _____ C:\Users\lulu\Desktop\BA_Class and Sexuality in British Fiction_Petersmann_Laura.odt
2013-07-21 11:50 - 2013-07-21 12:00 - 104943936 _____ C:\Users\lulu\Downloads\avira3737_free_antivirus_de.exe
2013-07-20 13:57 - 2013-07-20 13:57 - 00001457 _____ C:\Users\lulu\AppData\Local\RecConfig.xml
2013-07-20 13:24 - 2013-07-20 13:24 - 00001016 _____ C:\Users\lulu\Desktop\No23 Recorder.lnk
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Local\No23 Recorder
2013-07-20 13:23 - 2013-07-20 13:23 - 02497825 _____ (No23) C:\Users\lulu\Downloads\No23Recorder2103.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 03209144 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win64-de.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 00000000 ____D C:\Program Files\HP
2013-07-19 11:22 - 2012-09-18 15:27 - 00501760 _____ C:\Windows\system32\ZSHP1020.EXE
2013-07-19 11:22 - 2012-09-18 15:27 - 00192512 _____ C:\Windows\system32\ZLhp1020.DLL
2013-07-19 11:22 - 2012-09-18 09:34 - 00247296 _____ () C:\Windows\system32\zshp1020s.dll
2013-07-19 11:22 - 2012-09-18 09:34 - 00128380 _____ C:\Windows\system32\hp1018.img
2013-07-19 11:22 - 2012-09-18 09:34 - 00010698 _____ C:\Windows\system32\ZSHP1018.CHM
2013-07-19 11:19 - 2013-07-19 11:23 - 00321770 _____ C:\1020.log
2013-07-19 11:19 - 2013-07-19 11:19 - 02717344 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win32-de.exe
2013-07-19 11:19 - 2013-07-19 11:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-18 14:04 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-18 14:04 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-18 14:04 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-18 14:04 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-18 14:04 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-18 14:04 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-18 14:04 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-18 14:04 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-18 14:04 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-18 14:04 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-18 14:04 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-18 14:04 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-18 14:04 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-18 14:04 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-18 14:04 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-18 14:04 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-18 14:04 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-18 14:04 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-18 14:04 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-18 14:04 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-18 14:03 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-18 14:03 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-18 14:03 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-18 14:03 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-18 14:03 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-18 14:03 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-18 14:03 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-18 14:03 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-18 14:03 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-18 14:03 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-18 14:03 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-18 10:24 - 2013-07-18 10:24 - 00447840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-17 17:54 - 2013-07-17 17:54 - 00001967 _____ C:\Users\lulu\Desktop\word.lnk
2013-07-16 08:54 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-15 15:40 - 2012-11-20 07:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-07-15 15:40 - 2012-11-20 07:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-07-15 15:40 - 2012-11-20 07:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-07-15 15:40 - 2012-11-20 06:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2013-07-15 15:40 - 2012-11-08 06:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-07-15 15:40 - 2012-11-08 06:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-07-15 15:40 - 2012-11-08 06:25 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 15:38 - 2012-11-06 09:52 - 00277736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-07-15 15:38 - 2012-11-06 09:33 - 01566432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-07-15 15:38 - 2012-11-06 06:48 - 01150160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00883712 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-07-15 15:38 - 2012-11-06 06:20 - 00516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2013-07-15 15:38 - 2012-11-06 06:20 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 08552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 11459584 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00976384 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-07-15 15:38 - 2012-11-06 06:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-07-15 15:38 - 2012-11-06 06:17 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-07-15 15:38 - 2012-11-06 06:17 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2013-07-15 15:38 - 2012-11-06 06:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2013-07-15 15:38 - 2012-11-06 05:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2013-07-15 15:38 - 2012-11-06 05:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-07-15 15:38 - 2012-11-06 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys
2013-07-15 15:38 - 2012-11-06 05:53 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-07-15 15:38 - 2012-11-06 05:51 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 01172992 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00513024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-07-14 21:21 - 2012-10-12 08:13 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dskquota.dll
2013-07-14 21:21 - 2012-10-12 07:39 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-07-14 21:20 - 2012-10-24 06:54 - 00396008 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2013-07-14 21:20 - 2012-10-11 07:46 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2013-07-14 21:20 - 2012-10-11 07:45 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-07-14 21:20 - 2012-10-11 07:44 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-14 21:20 - 2012-10-11 07:07 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-07-14 21:19 - 2012-10-11 09:47 - 00793200 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-07-14 21:19 - 2012-10-11 09:25 - 00056552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2013-07-14 21:19 - 2012-10-11 09:23 - 00441576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-07-14 21:19 - 2012-10-11 09:18 - 00172264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-14 21:19 - 2012-10-11 09:13 - 00058088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-07-14 21:19 - 2012-10-11 09:13 - 00033512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2013-07-14 21:19 - 2012-10-11 09:08 - 00562392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-14 21:19 - 2012-10-11 07:46 - 00517120 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-07-14 21:19 - 2012-10-11 07:46 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Compression.dll
2013-07-14 21:19 - 2012-10-11 07:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2013-07-14 21:19 - 2012-10-11 07:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 01045504 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00904192 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-07-14 21:19 - 2012-10-11 07:42 - 00612416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-07-14 21:19 - 2012-10-11 07:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-pdc.dll
2013-07-14 21:19 - 2012-10-11 07:23 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\kbdhebl3.dll
2013-07-14 21:19 - 2012-10-11 07:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2013-07-14 21:19 - 2012-10-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-07-14 21:19 - 2012-10-11 07:16 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-07-14 21:19 - 2012-10-11 07:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2013-07-14 21:19 - 2012-10-11 07:07 - 00962560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-07-14 21:19 - 2012-10-11 07:05 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-07-14 21:19 - 2012-10-11 06:42 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-07-14 21:19 - 2012-10-11 02:45 - 00478424 _____ C:\Windows\SysWOW64\locale.nls
2013-07-14 21:19 - 2012-10-11 02:44 - 00478424 _____ C:\Windows\system32\locale.nls
2013-07-14 21:18 - 2012-12-04 06:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-07-14 21:18 - 2012-11-27 08:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2013-07-14 21:18 - 2012-11-27 06:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 01217536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 03245568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 01536512 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-07-14 21:18 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2013-07-14 21:18 - 2012-11-27 06:18 - 01071104 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-07-14 21:18 - 2012-11-27 06:18 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-07-14 21:18 - 2012-11-27 06:18 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-07-14 21:18 - 2012-11-27 06:17 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-07-14 21:18 - 2012-10-12 10:08 - 00027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-14 21:18 - 2012-10-12 08:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2013-07-14 21:18 - 2012-10-12 07:50 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-14 21:18 - 2012-09-11 07:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2013-07-14 21:18 - 2012-09-11 07:27 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2013-07-11 21:49 - 2013-07-11 22:10 - 00011264 ___SH C:\Users\lulu\Downloads\Thumbs.db
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\Documents\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-11 09:24 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:24 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:24 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:24 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 09:23 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 09:23 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 09:23 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 09:23 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:23 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:23 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-08 20:32 - 2013-07-20 12:33 - 00000000 ____D C:\Users\lulu\Documents\FIN
2013-07-08 20:31 - 2013-07-08 20:32 - 00000000 ____D C:\Users\lulu\Documents\alles
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\UNI
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\Bewerbungen
2013-07-08 20:30 - 2013-08-02 15:30 - 00000000 ____D C:\Users\lulu\Desktop\BA
2013-07-08 20:30 - 2013-07-21 23:42 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte US
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Documents\FOTO
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\Lit zu OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte RAT
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA ALL
2013-07-08 20:27 - 2013-07-08 20:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-08 15:32 - 2013-07-08 15:32 - 00000000 ____D C:\Users\lulu\AppData\Local\Macromedia
2013-07-08 15:31 - 2013-08-02 22:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 15:31 - 2013-07-15 09:28 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-08 15:30 - 2013-08-02 20:55 - 00000000 ____D C:\Users\lulu\AppData\Local\Adobe
2013-07-08 15:10 - 2013-07-08 15:10 - 00003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-08 14:49 - 2013-07-08 15:10 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-08 13:42 - 2013-07-08 13:42 - 07872648 _____ (Adobe Systems Inc.) C:\Users\lulu\Downloads\Shockwave_Installer_Slim.exe
2013-07-08 09:49 - 2013-07-14 20:50 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-08 09:39 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-08 09:39 - 2013-07-14 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-08 09:39 - 2013-07-08 15:15 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Local\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-08 01:23 - 2012-08-31 02:52 - 00017888 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2013-07-08 01:22 - 2012-08-31 02:53 - 00017888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2013-07-08 01:20 - 2013-01-10 03:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2013-07-08 01:20 - 2013-01-10 03:29 - 00785504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-07-08 01:20 - 2013-01-10 03:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-07-08 01:20 - 2013-01-10 01:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-07-08 01:20 - 2013-01-10 01:26 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-07-08 01:20 - 2013-01-10 01:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-07-08 01:20 - 2013-01-10 01:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-07-08 01:20 - 2013-01-10 01:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2013-07-08 01:20 - 2013-01-10 01:22 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2013-07-08 01:20 - 2013-01-10 01:22 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2013-07-08 01:20 - 2013-01-09 05:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-07-08 01:20 - 2012-11-02 07:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2013-07-08 01:19 - 2013-03-02 12:57 - 00332520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2013-07-08 01:19 - 2013-03-02 12:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2013-07-08 01:19 - 2013-03-02 12:45 - 00148712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-07-08 01:19 - 2013-03-02 12:39 - 00495336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2013-07-08 01:19 - 2013-03-02 12:39 - 00327912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-07-08 01:19 - 2013-03-02 10:23 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-07-08 01:19 - 2013-03-02 10:22 - 05091840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-08 01:19 - 2013-03-02 10:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-07-08 01:19 - 2013-03-02 10:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-07-08 01:19 - 2013-03-02 10:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-07-08 01:19 - 2013-03-02 10:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01161728 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2013-07-08 01:19 - 2013-03-02 04:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2013-07-08 01:19 - 2013-03-02 04:44 - 05978624 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2013-07-08 01:19 - 2013-03-02 04:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2013-07-08 01:19 - 2013-03-02 04:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2013-07-08 01:19 - 2013-03-01 06:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-07-08 01:19 - 2013-01-09 05:59 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2013-07-08 01:19 - 2013-01-09 05:58 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2013-07-08 01:17 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2013-07-08 01:17 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-07-08 01:17 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-07-08 01:17 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2013-07-08 01:17 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2013-07-08 01:17 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2013-07-08 01:17 - 2013-04-09 07:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-07-08 01:17 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2013-07-08 01:17 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-07-08 01:17 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2013-07-08 01:17 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2013-07-08 01:17 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2013-07-08 01:17 - 2013-04-09 04:34 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-07-08 01:17 - 2013-04-09 04:34 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-07-08 01:17 - 2013-04-09 04:33 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-07-08 01:17 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2013-07-08 01:17 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2013-07-08 01:17 - 2013-04-09 04:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-07-08 01:17 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2013-07-08 01:17 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-07-08 01:17 - 2013-04-09 01:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-07-08 01:17 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-07-08 01:17 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-07-08 01:17 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-07-08 01:17 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-07-08 01:17 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-07-08 01:17 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-07-08 01:17 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2013-07-08 01:17 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-07-08 01:17 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-07-08 01:17 - 2013-03-02 04:43 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-07-08 01:17 - 2013-02-07 03:33 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-07-08 01:17 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-07-08 01:17 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-07-08 01:17 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-08 01:17 - 2012-11-20 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2013-07-08 01:17 - 2012-11-06 09:33 - 00522640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2013-07-08 01:17 - 2012-11-06 07:00 - 00463768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-07-08 01:17 - 2012-10-11 07:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-07-08 01:17 - 2012-10-11 07:44 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2013-07-08 01:16 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-07-08 01:16 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-08 01:16 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-08 01:16 - 2012-11-06 06:18 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2013-07-08 01:16 - 2012-10-11 07:06 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-07-08 01:16 - 2012-10-11 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-07-08 01:11 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-07-08 01:11 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-07-08 01:11 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-07-08 01:11 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-08 01:11 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-07-08 01:11 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-07-08 01:11 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-07-08 01:11 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-07-08 01:11 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-07-08 01:11 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-07-08 01:11 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-07-08 01:11 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-07-08 01:11 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-07-08 01:11 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-08 01:11 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2013-07-08 01:11 - 2013-03-02 04:45 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-08 01:11 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-07-08 01:11 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-07-08 01:11 - 2012-11-06 06:20 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-07-08 01:11 - 2012-11-06 06:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2013-07-08 01:11 - 2012-11-06 06:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll
2013-07-08 01:11 - 2012-11-02 07:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-08 01:10 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-08 01:10 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-08 01:10 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-07-08 01:10 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-07-08 01:10 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-07-08 01:10 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-07-08 01:10 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-07-08 01:10 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-07-08 01:10 - 2012-11-03 07:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-07-08 01:10 - 2012-11-03 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-07-08 01:10 - 2012-11-03 07:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-07-08 01:10 - 2012-11-03 07:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2013-07-08 01:10 - 2012-11-03 07:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2013-07-08 01:10 - 2012-11-03 07:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-07-08 01:10 - 2012-11-03 07:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-07-08 01:09 - 2013-04-16 04:34 - 01455368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-08 01:09 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2013-07-08 01:07 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-08 01:07 - 2013-04-24 01:12 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-08 01:07 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-08 01:07 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-08 01:07 - 2013-04-24 00:55 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-08 01:07 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-08 01:07 - 2013-04-24 00:55 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-08 01:07 - 2012-11-26 06:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-07-08 01:07 - 2012-11-26 06:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2013-07-08 01:07 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-07-08 01:07 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-07-08 01:07 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2013-07-08 01:07 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2013-07-08 01:07 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2013-07-08 01:07 - 2012-10-10 09:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-07-08 01:07 - 2012-10-10 08:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-07-08 01:06 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-07-08 01:06 - 2012-10-24 05:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2013-07-08 01:06 - 2012-10-24 04:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-07-08 01:05 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-07-08 01:05 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2013-07-08 01:05 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2013-07-08 01:05 - 2012-11-03 07:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe
2013-07-08 01:05 - 2012-11-03 07:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll
2013-07-08 00:59 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-08 00:59 - 2013-02-06 00:29 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-07-08 00:59 - 2013-02-06 00:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-07-08 00:59 - 2013-02-02 13:19 - 00496872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-07-08 00:59 - 2013-02-02 13:19 - 00061672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-07-08 00:59 - 2013-02-02 12:54 - 01933544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-08 00:59 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-07-08 00:59 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-07-08 00:59 - 2013-02-02 10:39 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-07-08 00:59 - 2013-02-02 10:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-07-08 00:59 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-07-08 00:59 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2013-07-08 00:59 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2013-07-08 00:59 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2013-07-08 00:59 - 2013-02-02 10:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-07-08 00:59 - 2013-02-02 10:21 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-07-08 00:59 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2013-07-08 00:59 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2013-07-08 00:59 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-07-08 00:59 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2013-07-08 00:59 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2013-07-08 00:59 - 2012-11-20 06:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-07-08 00:59 - 2012-10-24 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2013-07-08 00:59 - 2012-10-24 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2013-07-08 00:59 - 2012-10-24 05:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2013-07-08 00:59 - 2012-10-24 05:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2013-07-08 00:58 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-08 00:58 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-07-08 00:58 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2013-07-08 00:58 - 2012-12-16 10:28 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-08 00:58 - 2012-12-16 10:20 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-08 00:58 - 2012-12-16 10:08 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-08 00:58 - 2012-12-16 09:57 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-08 00:58 - 2012-11-08 06:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-07-08 00:58 - 2012-11-08 06:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-07-08 00:58 - 2012-11-08 06:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-07-08 00:58 - 2012-11-08 06:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-07-08 00:58 - 2012-11-08 06:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-07-08 00:58 - 2012-11-08 06:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-07-08 00:57 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-08 00:57 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-08 00:51 - 2013-03-06 09:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-08 00:51 - 2013-03-06 08:31 - 19758592 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-08 00:51 - 2013-03-06 08:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-08 00:51 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-08 00:51 - 2013-03-06 07:03 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-08 00:51 - 2013-03-06 07:03 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-08 00:47 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-07-08 00:47 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-07-08 00:47 - 2013-01-29 03:57 - 00035232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-07-08 00:47 - 2013-01-29 01:08 - 00230904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-07-08 00:42 - 2012-11-01 06:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-08 00:42 - 2012-11-01 06:41 - 01438720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-08 00:42 - 2012-11-01 06:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-08 00:42 - 2012-11-01 06:40 - 01836032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-08 00:42 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2013-07-08 00:42 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-07-08 00:42 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-07-08 00:42 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-07-08 00:39 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-08 00:39 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-08 00:39 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-07-08 00:38 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-08 00:38 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-08 00:38 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-08 00:38 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-08 00:38 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-08 00:38 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-08 00:38 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-08 00:38 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-08 00:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-08 00:38 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-08 00:38 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-08 00:35 - 2013-07-08 00:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-08 00:33 - 2013-07-08 00:33 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-08 00:32 - 2013-07-08 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-08 00:30 - 2013-07-17 18:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-08 00:30 - 2013-07-08 00:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Microsoft Help
2013-07-08 00:29 - 2013-07-08 00:29 - 00000000 ___RD C:\MSOCache
2013-07-07 23:05 - 2013-08-02 22:37 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Spotify
2013-07-07 23:05 - 2013-08-02 13:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Spotify
2013-07-07 23:05 - 2013-07-07 23:05 - 00001799 _____ C:\Users\lulu\Desktop\Spotify.lnk
2013-07-07 23:05 - 2013-07-07 23:05 - 00001785 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-07-07 22:12 - 2013-07-19 11:21 - 00000000 ____D C:\Users\lulu\AppData\Local\CrashDumps
2013-07-07 22:11 - 2013-07-07 22:11 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Macromedia
2013-07-07 21:51 - 2013-08-02 20:21 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\ATI
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Sony Corporation
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\ATI
2013-07-07 21:44 - 2013-08-02 21:22 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Atheros
2013-07-07 21:44 - 2013-08-02 13:41 - 00000000 ____D C:\Users\lulu\Documents\Bluetooth Folder
2013-07-07 21:44 - 2013-07-07 23:53 - 00000000 ____D C:\ProgramData\Atheros
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Local\BMExplorer
2013-07-07 21:43 - 2013-07-08 15:10 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-07 21:43 - 2013-07-08 15:10 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-07 21:42 - 2013-07-08 15:54 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Adobe
2013-07-07 21:42 - 2013-07-07 21:42 - 00001438 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-07 21:41 - 2013-07-07 22:58 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Sony Corporation
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\pss
2013-07-07 21:40 - 2013-07-08 15:10 - 00000000 ____D C:\Users\lulu\AppData\Local\Packages
2013-07-07 21:40 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\VirtualStore
2013-07-07 21:39 - 2013-07-07 21:43 - 00000000 ____D C:\Users\lulu
2013-07-07 21:39 - 2013-07-07 21:39 - 00000020 ___SH C:\Users\lulu\ntuser.ini
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Vorlagen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Startmenü
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Netzwerkumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Lokale Einstellungen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Eigene Dateien
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Druckumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Musik
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Bilder
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Verlauf
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Anwendungsdaten
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Anwendungsdaten
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Programme
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

2013-08-02 23:21 - 2013-08-02 23:21 - 01781485 _____ (Farbar) C:\Users\lulu\Downloads\FRST64(1).exe
2013-08-02 23:04 - 2013-01-22 00:41 - 01688152 _____ C:\Windows\WindowsUpdate.log
2013-08-02 23:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-02 22:59 - 2013-07-08 15:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-02 22:56 - 2013-08-02 22:50 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-02 22:55 - 2013-08-02 22:55 - 00011420 _____ C:\Users\lulu\Desktop\HitmanPro_20130802_2255.log
2013-08-02 22:50 - 2013-08-02 22:49 - 09833328 _____ (SurfRight B.V.) C:\Users\lulu\Desktop\HitmanPro_x64.exe
2013-08-02 22:48 - 2013-08-02 22:48 - 00000860 _____ C:\Users\lulu\Desktop\JRT.txt
2013-08-02 22:42 - 2013-08-02 22:42 - 00000000 ____D C:\Windows\ERUNT
2013-08-02 22:41 - 2013-08-02 22:41 - 00560799 _____ (Oleg N. Scherbakov) C:\Users\lulu\Desktop\JRT.exe
2013-08-02 22:40 - 2013-01-22 00:15 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-08-02 22:40 - 2013-01-22 00:15 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-08-02 22:40 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-02 22:37 - 2013-07-07 23:05 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Spotify
2013-08-02 22:35 - 2012-08-03 04:22 - 00034564 _____ C:\Windows\PFRO.log
2013-08-02 22:35 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-02 22:34 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-02 22:33 - 2013-08-02 22:33 - 00003998 _____ C:\AdwCleaner[S1].txt
2013-08-02 22:31 - 2013-08-02 22:31 - 00666633 _____ C:\Users\lulu\Desktop\adwcleaner.exe
2013-08-02 22:17 - 2013-01-22 00:45 - 00000000 ____D C:\ProgramData\McAfee
2013-08-02 22:03 - 2013-08-02 22:03 - 00028691 _____ C:\ComboFix.txt
2013-08-02 22:03 - 2013-08-02 21:35 - 00000000 ____D C:\ComboFix
2013-08-02 22:03 - 2013-08-02 21:29 - 00000000 ____D C:\Qoobox
2013-08-02 22:03 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-08-02 21:57 - 2013-08-02 21:29 - 00000000 ____D C:\Windows\erdnt
2013-08-02 21:47 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini
2013-08-02 21:35 - 2013-08-02 21:35 - 00001453 _____ C:\Users\lulu\Desktop\ComboFix - Verknüpfung.lnk
2013-08-02 21:35 - 2013-08-02 21:35 - 00001149 _____ C:\Users\lulu\Desktop\avira3737_free_antivirus_de - Verknüpfung.lnk
2013-08-02 21:31 - 2013-08-02 21:31 - 05097855 _____ (Swearware) C:\Users\lulu\Desktop\ComboFix.exe
2013-08-02 21:29 - 2013-08-02 21:28 - 05097855 ____R (Swearware) C:\Users\lulu\Downloads\ComboFix.exe
2013-08-02 21:22 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Atheros
2013-08-02 21:21 - 2013-01-22 00:45 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-08-02 21:15 - 2013-01-22 01:28 - 00000000 ____D C:\Program Files (x86)\WildGames
2013-08-02 21:12 - 2013-01-22 01:28 - 00000000 ____D C:\ProgramData\WildTangent
2013-08-02 21:09 - 2013-08-02 21:08 - 24250211 _____ (Mozilla) C:\Users\lulu\Downloads\firefox-24.0a1.en-US.win64-x86_64.installer.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-02 21:07 - 2013-08-02 21:07 - 00000000 ____D C:\Program Files\Java
2013-08-02 21:07 - 2013-01-22 00:42 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-08-02 21:07 - 2013-01-22 00:42 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-08-02 21:06 - 2013-08-02 21:06 - 33150376 _____ (Oracle Corporation) C:\Users\lulu\Downloads\jre-7u25-windows-x64.exe
2013-08-02 20:55 - 2013-07-08 15:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Adobe
2013-08-02 20:54 - 2013-08-02 20:54 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-08-02 20:54 - 2013-08-02 20:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-02 20:54 - 2013-01-22 01:08 - 00000000 ____D C:\ProgramData\Adobe
2013-08-02 20:21 - 2013-07-07 21:51 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
2013-08-02 19:44 - 2013-08-02 19:44 - 00117087 _____ C:\Users\lulu\Downloads\FRST.txt
2013-08-02 19:44 - 2013-08-02 19:43 - 00029057 _____ C:\Users\lulu\Downloads\Addition.txt
2013-08-02 19:41 - 2013-08-02 19:41 - 00000000 ____D C:\FRST
2013-08-02 19:40 - 2013-08-02 19:40 - 01781485 _____ (Farbar) C:\Users\lulu\Desktop\FRST64.exe
2013-08-02 19:06 - 2013-08-02 19:06 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-02 19:05 - 2013-08-02 19:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\lulu\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-02 15:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA
2013-08-02 15:06 - 2013-08-02 15:06 - 00000554 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-02 13:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-02 13:45 - 2013-07-07 23:05 - 00000000 ____D C:\Users\lulu\AppData\Local\Spotify
2013-08-02 13:41 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\Documents\Bluetooth Folder
2013-08-02 13:36 - 2013-08-02 13:36 - 00001048 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2013-08-02 13:36 - 2013-08-02 13:36 - 00000000 ____D C:\Program Files (x86)\AMR to MP3 Converter
2013-08-02 13:35 - 2013-08-02 13:35 - 02501012 _____ (amrtomp3converter.com                                       ) C:\Users\lulu\Downloads\amrtomp3converter_setup [1].exe
2013-08-02 13:35 - 2013-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-02 13:34 - 2013-08-02 13:34 - 00673560 _____ C:\Users\lulu\Downloads\amrtomp3converter_setup.exe
2013-08-02 13:26 - 2013-08-02 13:26 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-08-02 12:52 - 2013-08-02 12:52 - 02375693 ____R C:\Users\lulu\Desktop\berlin1.wma
2013-08-02 12:48 - 2013-08-02 12:48 - 02613663 ____R C:\Users\lulu\Desktop\dreamsofarandom2.wma
2013-08-02 12:43 - 2013-08-02 12:43 - 39954644 ____R C:\Users\lulu\Desktop\JOE - Unforgetable.wav
2013-08-02 12:39 - 2013-08-02 12:38 - 51333556 ____R C:\Users\lulu\Desktop\Joe_Paradise.wav
2013-08-01 12:02 - 2013-08-01 12:02 - 00003194 _____ C:\Windows\System32\Tasks\{28466327-7D4F-4E0B-B5A3-5970B83C67FC}
2013-08-01 11:59 - 2013-01-22 01:13 - 00000000 ____D C:\Program Files\McAfeeEx
2013-08-01 11:04 - 2013-08-01 11:04 - 02092792 _____ C:\Users\lulu\Downloads\avira_free_antivirus.exe
2013-07-31 16:27 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-23 11:28 - 2013-07-23 11:28 - 00018091 _____ C:\Users\lulu\Desktop\BA_Class and Sexuality in British Fiction_Petersmann_Laura.odt
2013-07-21 23:42 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte US
2013-07-21 12:00 - 2013-07-21 11:50 - 104943936 _____ C:\Users\lulu\Downloads\avira3737_free_antivirus_de.exe
2013-07-20 13:57 - 2013-07-20 13:57 - 00001457 _____ C:\Users\lulu\AppData\Local\RecConfig.xml
2013-07-20 13:24 - 2013-07-20 13:24 - 00001016 _____ C:\Users\lulu\Desktop\No23 Recorder.lnk
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Local\No23 Recorder
2013-07-20 13:23 - 2013-07-20 13:23 - 02497825 _____ (No23) C:\Users\lulu\Downloads\No23Recorder2103.exe
2013-07-20 12:33 - 2013-07-08 20:32 - 00000000 ____D C:\Users\lulu\Documents\FIN
2013-07-20 11:53 - 2013-01-22 00:45 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-19 11:23 - 2013-07-19 11:19 - 00321770 _____ C:\1020.log
2013-07-19 11:22 - 2013-07-19 11:22 - 03209144 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win64-de.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 00000000 ____D C:\Program Files\HP
2013-07-19 11:21 - 2013-07-07 22:12 - 00000000 ____D C:\Users\lulu\AppData\Local\CrashDumps
2013-07-19 11:19 - 2013-07-19 11:19 - 02717344 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win32-de.exe
2013-07-19 11:19 - 2013-07-19 11:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-18 10:24 - 2013-07-18 10:24 - 00447840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 23:00 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-17 18:23 - 2013-07-08 00:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-17 18:13 - 2012-07-26 07:26 - 00000199 _____ C:\Windows\win.ini
2013-07-17 17:54 - 2013-07-17 17:54 - 00001967 _____ C:\Users\lulu\Desktop\word.lnk
2013-07-16 09:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-07-15 23:01 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-07-15 23:01 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-15 09:28 - 2013-07-08 15:31 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 20:55 - 2013-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-14 20:53 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 20:50 - 2013-07-08 09:49 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 22:10 - 2013-07-11 21:49 - 00011264 ___SH C:\Users\lulu\Downloads\Thumbs.db
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\Documents\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-08 20:32 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\alles
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\UNI
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\Bewerbungen
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Documents\FOTO
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\Lit zu OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte RAT
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA ALL
2013-07-08 20:27 - 2013-07-08 20:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-08 20:27 - 2012-07-26 09:21 - 00020708 _____ C:\Windows\setupact.log
2013-07-08 15:54 - 2013-07-07 21:42 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Adobe
2013-07-08 15:32 - 2013-07-08 15:32 - 00000000 ____D C:\Users\lulu\AppData\Local\Macromedia
2013-07-08 15:15 - 2013-07-08 09:39 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-08 15:10 - 2013-07-08 15:10 - 00003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-08 15:10 - 2013-07-08 14:49 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-08 15:10 - 2013-07-07 21:43 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-08 15:10 - 2013-07-07 21:43 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-08 15:10 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\Packages
2013-07-08 15:10 - 2012-08-03 04:25 - 00000000 ____D C:\ProgramData\PRICache
2013-07-08 14:50 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-08 14:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-08 14:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-07-08 14:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-08 14:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-08 13:42 - 2013-07-08 13:42 - 07872648 _____ (Adobe Systems Inc.) C:\Users\lulu\Downloads\Shockwave_Installer_Slim.exe
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Local\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-08 02:05 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-07-08 00:36 - 2012-07-26 09:52 - 00000000 ____D C:\Windows\ShellNew
2013-07-08 00:35 - 2013-07-08 00:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-08 00:35 - 2012-10-20 02:28 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-08 00:34 - 2013-01-22 01:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-08 00:33 - 2013-07-08 00:33 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-08 00:32 - 2013-07-08 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-08 00:30 - 2013-07-08 00:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Microsoft Help
2013-07-08 00:29 - 2013-07-08 00:29 - 00000000 ___RD C:\MSOCache
2013-07-07 23:54 - 2013-01-22 00:48 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2013-07-07 23:53 - 2013-07-07 21:44 - 00000000 ____D C:\ProgramData\Atheros
2013-07-07 23:05 - 2013-07-07 23:05 - 00001799 _____ C:\Users\lulu\Desktop\Spotify.lnk
2013-07-07 23:05 - 2013-07-07 23:05 - 00001785 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-07-07 22:58 - 2013-07-07 21:41 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Sony Corporation
2013-07-07 22:11 - 2013-07-07 22:11 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Macromedia
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\ATI
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Sony Corporation
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\ATI
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Local\BMExplorer
2013-07-07 21:43 - 2013-07-07 21:39 - 00000000 ____D C:\Users\lulu
2013-07-07 21:42 - 2013-07-07 21:42 - 00001438 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-07 21:42 - 2013-01-22 01:07 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-07 21:42 - 2013-01-22 00:17 - 00000000 ____D C:\Program Files\Sony
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\pss
2013-07-07 21:40 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\VirtualStore
2013-07-07 21:40 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-07-07 21:39 - 2013-07-07 21:39 - 00000020 ___SH C:\Users\lulu\ntuser.ini
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Vorlagen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Startmenü
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Netzwerkumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Lokale Einstellungen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Eigene Dateien
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Druckumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Musik
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Bilder
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Verlauf
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Anwendungsdaten
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Programme
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-07 21:15 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-31 09:53

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 02.08.2013, 22:39   #13
markusg
/// Malware-holic
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Hi,

1. wenn du Software instalierst, bitte:
- Google immer das Programm, welches du instalieren möchtest, das Stichwort Adware zur suche, so kann man evtl. Instalationen gleich aussortieren die bekannt dafür sind, unerwünschte Software zu instalieren.
- Lies die AGBS's bzw Lizenzverträge immer richtig, dort sollte auf Drittanbietersoftware hingewiesen werden.
- Instaliere, wenn möglich, Programme immer nutzerdefiniert, um Toolbars etc abwählen zu können.
2. Funktioniert MCafee wieder? Prüfe das, in dem du das Programm mal öffnest.
3.
bitte teste, ob es im Firefox, internet explorer, und sonstigen
evtl. instalierte Browser, irgendwelche ungewollten toolbars, umleitungen oder sonstigen Probleme gibt.
Teste wie pc und programme allgemein laufen.
Wenn alles nach Wunsch läuft:
4.
Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


5. PC absichern, wir haben Moment, keine passene Anleitung für win8, lies einfach den Abschnitt für win7, da sollte das meiste passen.
Der Rest der Anleitung zur absicherung, also Drittanbietersoftware, ist alles für Win8 nutzbar.
als antimalware programm würde ich emsisoft empfehlen.
diese haben für mich den besten schutz kostet aber etwas.
Computeractive Software Store - Emsisoft Anti-Malware 8 [1-PC] - 63% off RRP
testversion:
Meine Antivirus-Empfehlung: Emsisoft Anti-Malware
insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren.
vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen.

kostenlos, aber eben nicht ganz so gut währe avast zu empfehlen.
http://www.trojaner-board.de/110895-...antivirus.html

sag mir welches du nutzt, dann gebe ich konfigurationshinweise.
bitte dein bisheriges av deinstalieren
die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch!

http://www.trojaner-board.de/96344-a...-rechners.html
Starte bitte mit der Passage, Windows Vista und Windows 7
Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.
Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist.
aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen.
als browser rate ich dir zu chrome:
http://support.google.com/chrome/bin...&answer=118663
anleitung lesen bitte
falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung anpassen.


Sandboxie
Die devinition einer Sandbox ist hier nachzulesen:
Sandbox
Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen.

Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen.
Download Link:
Sandboxie - Download - Filepony

anleitung:
http://www.trojaner-board.de/71542-a...sandboxie.html
ausführliche anleitung als pdf, auch abarbeiten:
Sandbox Einstellungen |

bitte folgende zusatz konfiguration machen:
sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen.
dort klicke auf sandbox einstellungen.
beschrenkungen, bei programm start und internet zugriff schreibe:
chrome.exe
dann gehe auf anwendungen, webbrowser, chrome.
dort aktiviere alles außer gesammten profil ordner freigeben.
Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen.
Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate.
Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten.
Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten.
Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar.

Weiter mit:
Maßnahmen für ALLE Windows-Versionen
alles komplett durcharbeiten
anmerkung zu file hippo.
in den settings zusätzlich auswählen:
hide beta updates.
Run updateChecker when Windows starts

Backup Programm:
in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an:
http://www.trojaner-board.de/82962-w...en-backup.html
Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar.
Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist.

Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern
bitte auch lesen, wie mache ich programme für alle sichtbar:
Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe
surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox.
wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird Sandboxie immer gestartet wenn du nen browser aufrufst.
wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser

passwort sicherheit:
jeder dienst benötigt ein eigenes, mindestens 12-stelliges passwort
bei der passwort verwaltung und erstellung hilft roboform
Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager
anleitung:
http://www.roboform.com/de/manual.htmlb
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 02.08.2013, 23:47   #14
vincentlbk
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



puuh, ziemlich lang - aber dafür umso größer mein Dankeschön für die ausführliche Anleitung!
Ich habe jetzt fast alles durch, aber einige Sachen haben bei mir nicht funktioniert, wie: datenausführungsverhinderung und windows fix it.

beim Antiviren-Programm habe ich mich jetzt erstmal für Avast entschieden.

Wirklich vielen Dank für alles!

Alt 03.08.2013, 00:37   #15
markusg
/// Malware-holic
 
werbetrojaner windows 8; malewarebytes über 100 funde - Standard

werbetrojaner windows 8; malewarebytes über 100 funde



Hi, ja alles funktioniert nicht bzw ist bereits in Win8 aktiv.
ich möchte erst mal anhand einer checkliste prüfen ob du alles hast.

- instalieren von optionalen und wichtigen updates.
- konfigurieren von windows updates.
- chrome instalieren.
- sandboxie instalieren.
- autorun deaktivieren.
- panda vaccine instalieren.
- secunia instalieren.
- file hippo instalieren.
beachte:
secunia und file hippo bieten englische updates, überall wo du auf die nutzeroberfläche zugreifst, wie zb reader, browser, etc benötigst du deutsche updates, also hier die hersteller seiten in den favoriten deines browsers speichern und wenn ein update gezeigt wird, von dort hohlen, bei java, flash quicktime, ist es egal ob deutsch oder englisch.
- backup software instalieren, backup und rettungsdvd erstellen.
hier ne kurze anleitung:
Anleitung: Systemabbild mit Paragon Drive Backup - NETZWELT

- wenn du onlinebanking machst, kann ich noch kurz was über die vorteile von card reader und banking software sagen.
- passwort manager instaliert.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu werbetrojaner windows 8; malewarebytes über 100 funde
betriebssystem, deinstalliert, geschützt, grün unterstrichen, meldungen, mögliche, optional, pup optional, pup.babylon.a, pup.delta.a, pup.optional.a.babsolution, pup.optional.addlyrics, pup.optional.babsolution.a, pup.optional.babylon.a, pup.optional.browserdefender.a, pup.optional.delta.a, pup.optional.lyricxeeker.a, pup.optional.lyrixeeker, pup.optional.startpage, security, trojan.inject, unterstrichen, werbetrojaner, woche, wörter grün




Ähnliche Themen: werbetrojaner windows 8; malewarebytes über 100 funde


  1. Maillaccount gehackt /verschiedene Funde mit Malewarebytes
    Plagegeister aller Art und deren Bekämpfung - 18.08.2016 (221)
  2. über 1000 Funde mit Malewarebytes
    Plagegeister aller Art und deren Bekämpfung - 16.06.2014 (33)
  3. Windows 7: mehrere Registry Key-Funde (über 1000), Internet Explorer sehr langsam
    Log-Analyse und Auswertung - 09.06.2014 (12)
  4. Malwarebites über 600 Funde
    Log-Analyse und Auswertung - 26.12.2013 (15)
  5. maleware anzeige über malewarebytes
    Plagegeister aller Art und deren Bekämpfung - 24.11.2013 (25)
  6. Win7 32bit-Alter Laptop: Malewarebytes zeigt an die 100 Funde an
    Log-Analyse und Auswertung - 02.10.2013 (7)
  7. Funde Malewarebytes
    Plagegeister aller Art und deren Bekämpfung - 01.10.2013 (5)
  8. Malewarebytes findet über 200 Fehler
    Log-Analyse und Auswertung - 30.08.2013 (9)
  9. 30 Funde bei suchlauf von Malewarebytes !
    Plagegeister aller Art und deren Bekämpfung - 29.08.2013 (10)
  10. Windows 7: Malewarebytes findet nach jedem Suchlauf neue Funde.
    Log-Analyse und Auswertung - 28.08.2013 (7)
  11. Über 900 PUP.Optional.-Funde über Malewarebyte
    Plagegeister aller Art und deren Bekämpfung - 22.08.2013 (13)
  12. Werbetrojaner (?) bei der Google Suche über Firefox
    Log-Analyse und Auswertung - 13.05.2013 (16)
  13. GUV Virus weiterhin auf dem Rechner? Malewarebytes = keine Funde/ Antivir = 2 Funde
    Plagegeister aller Art und deren Bekämpfung - 24.09.2012 (3)
  14. Erpresserischer Trojaner Funde bei Malewarebytes Logfile
    Plagegeister aller Art und deren Bekämpfung - 01.08.2012 (4)
  15. Rat bzgl. mystart.incredibar.com bzw. softonic-Funde in Malewarebytes Anti-Malware
    Log-Analyse und Auswertung - 04.07.2012 (12)
  16. Malewarebytes 16 Funde
    Log-Analyse und Auswertung - 17.08.2011 (1)
  17. HiJack und Gmer durchsehen - Malewarebytes zeigt keine funde.
    Log-Analyse und Auswertung - 30.12.2010 (27)

Zum Thema werbetrojaner windows 8; malewarebytes über 100 funde - Hallo, seit heute sind auf allen möglichen Seiten Wörter grün unterstrichen und verlinken Werbung. Das Betriebssystem ist Windows 8 - mit dem ich mich leider gar nicht auskenne. Malwarebytes hat - werbetrojaner windows 8; malewarebytes über 100 funde...
Archiv
Du betrachtest: werbetrojaner windows 8; malewarebytes über 100 funde auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.