Mozilla Google chrome funktioniert nicht, viele Fenster ploppen auf, mein Antivir ist ziemlich beschäftigt

Rockslide · 11.07.2014, 07:17

Ich brauche dringend Hilfe! Denn seit 2 Tagen, nach Reparatur und einer anschließenden Neuinstallatation aller Programme hab ich mir was schreckliches auf meinen PC geholt. Ich komme garnich tmehr mit. Weder Googel chrome noch Firefox arbeiten, Internet-Explorer beschert mich mit allerhand unerwünschter Werbung etc. Antivirus meldet ständig Bedrohungen, weiß nicht mehr weiter. Danke für schnelle Hilfe

Und was bitte sind Trackbacks?

schrauber · 11.07.2014, 07:29

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Rockslide · 11.07.2014, 08:25

wow, schnelle Hilfe, mach ich, danke

was mach ich falsch, die Datei ist zu lang und anhängen geht nicht

, danke für Hilfe

Rockslide · 11.07.2014, 09:11

Addition.txt. im Anhang, das FRST ist zu lang, Hilfe!

Rockslide · 11.07.2014, 10:02

First Teil 1

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by User (administrator) on USER-PC on 11-07-2014 09:04:36
Running from C:\Users\User\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2360195539-4008202503-23516872-1000\...\Run: [lot_07081714] => c:\users\user\appdata\local\lot_07081714\lot_07081714.exe [2617344 2014-07-08] ()
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => "c:\progra~2\suptab\search~1.dll" File Not Found
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\itunes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\memeolauncher2.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mypc backup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\pdvdlaunchpolicy.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\quicktimeplayer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\tvdtray.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lot_07081714.lnk
ShortcutTarget: lot_07081714.lnk -> C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Firefox.de Offizielle Download Page MP3 Firefox Musikverlag
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404839654&from=tugs&uid=HITACHIXHTS727575A9E364_J3740084H2ERXEH2ERXEX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404839654&from=tugs&uid=HITACHIXHTS727575A9E364_J3740084H2ERXEH2ERXEX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYwRnxJHL--2zpAUgBNlXSJh3YI6yH0SM-KbRd68fc8HEnXr-iz32TiuKS2LDGkYdaRhI3NoPucl55-uY9rSTuh82ySZrl0eHymFHCWGbph8GLR1fx1107X0WL6ykyZ3A,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYwRnxJHL--2zpAUgBNlXSJh3YI6yH0SM-KbRd68fc8HEnXr-iz32TiuKS2LDGkYdaRhI3NoPucl55-uY9rSTuh82ySZrl0eHymFHCWGbph8GLR1fx1107X0WL6ykyZ3A,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYwRnxJHL--2zpAUgBNlXSJh3YI6yH0SM-KbRd68fc8HEnXr-iz32TiuKS2LDGkYdaRhI3NoPucl55-uY9rSTuh82ySZrl0eHymFHCWGbph8GLR1fx1107X0WL6ykyZ3A,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYwRnxJHL--2zpAUgBNlXSJh3YI6yH0SM-KbRd68fc8HEnXr-iz32TiuKS2LDGkYdaRhI3NoPucl55-uY9rSTuh82ySZrl0eHymFHCWGbph8GLR1fx1107X0WL6ykyZ3A,,&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{65449825-340B-4B0B-D82C-63B7C23DC344}] - C:\Program Files (x86)\v01Re-markit\174.xpi

Chrome:
=======
CHR StartupUrls: "https://www.google.de/"
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (GMX MailCheck) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-07-06]
CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-11]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-05]
CHR Extension: (CostMin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf [2014-07-10]
CHR Extension: (Re-markit) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjilminfakplkijfhhempcjdfccdpeal [2014-07-08]
CHR Extension: (CostMin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0 [2014-07-10]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [3156936 2014-07-08] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R4 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
S4 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-06-18] (Just Develop It)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
R4 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-08] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-08] (globalUpdate) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-06-16] (TuneUp Software)
S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed]
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
R2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [57528 2014-06-26] (Corsica)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-11 09:04 - 2014-07-11 09:05 - 00018579 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-11 09:04 - 2014-07-11 09:04 - 00000000 ___DC () C:\FRST
2014-07-11 08:59 - 2014-07-11 08:59 - 02084864 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-11 07:23 - 2014-07-11 07:23 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-11 07:23 - 2014-07-11 07:23 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-11 07:23 - 2014-07-11 07:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-11 07:22 - 2014-07-11 07:23 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0.exe
2014-07-11 06:49 - 2014-07-11 06:49 - 00133360 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-11 00:38 - 2014-07-11 00:38 - 00000134 _____ () C:\Users\User\Desktop\Internet Explorer Troubleshooting.url
2014-07-11 00:34 - 2014-07-11 00:34 - 00284288 _____ (Mozilla) C:\Users\User\Downloads\Firefox Setup Stub 30.0.exe
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-11 00:32 - 2014-07-11 00:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 23:55 - 2014-07-10 23:55 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-10 23:48 - 2014-07-10 23:48 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-10 23:48 - 2014-07-10 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-10 23:47 - 2014-07-10 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-10 21:35 - 2014-07-11 07:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 21:30 - 2014-07-10 21:30 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-10 21:30 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-10 21:30 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-10 21:30 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-10 21:29 - 2014-07-10 21:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-10 19:55 - 2014-07-10 20:23 - 00390976 _____ () C:\Users\User\Desktop\logs_10.07.2014_19_39_38.log
2014-07-10 19:39 - 2014-07-10 19:39 - 00001130 _____ () C:\Users\Public\Desktop\Hijack Hunter.lnk
2014-07-10 18:09 - 2014-07-10 23:58 - 00895120 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup.exe
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD}
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9}
2014-07-10 06:35 - 2014-07-10 06:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Avira
2014-07-10 06:30 - 2014-07-10 06:30 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-07-10 06:30 - 2014-07-10 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-10 06:29 - 2014-07-10 06:29 - 00000000 ____D () C:\ProgramData\Avira
2014-07-10 06:22 - 2014-07-10 06:27 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464.exe
2014-07-10 06:20 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 06:20 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 06:20 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-07-10 06:20 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-07-10 06:19 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 06:19 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 06:19 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 06:19 - 2014-06-07 06:02 - 17854464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 06:19 - 2014-06-07 05:13 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 06:19 - 2014-06-07 04:59 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 06:19 - 2014-06-07 04:52 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 06:19 - 2014-06-07 04:51 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 06:19 - 2014-06-07 04:51 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 06:19 - 2014-06-07 04:50 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-10 06:19 - 2014-06-07 04:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 06:19 - 2014-06-07 04:42 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-10 06:19 - 2014-06-07 04:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 06:19 - 2014-06-07 04:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-10 06:19 - 2014-06-07 04:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 06:19 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 06:19 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 06:19 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 06:19 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 06:19 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 06:19 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 06:19 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-10 06:19 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 06:19 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 06:19 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-10 06:19 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-10 06:19 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 06:19 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-10 06:19 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 06:19 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 06:19 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 06:19 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 06:19 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-07-10 06:19 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-07-10 06:19 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-07-10 06:19 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-07-10 06:18 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 06:18 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 06:18 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 06:17 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-07-10 06:17 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-07-10 06:17 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-07-10 06:17 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-07-10 06:11 - 2014-07-10 06:11 - 00002640 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\ProgramData\504c2cf8db11ac3b
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator
2014-07-10 06:07 - 2014-07-10 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks
2014-07-09 18:43 - 2014-07-09 18:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014
2014-07-09 00:20 - 2014-07-09 00:20 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-08 22:10 - 2014-07-08 22:10 - 00000265 _____ () C:\Users\User\AppData\Local\mtagn.bat
2014-07-08 22:08 - 2014-07-08 22:08 - 00003198 _____ () C:\Windows\System32\Tasks\psbep
2014-07-08 22:08 - 2014-07-08 22:08 - 00000265 _____ () C:\Users\User\AppData\Local\psbep.bat
2014-07-08 22:06 - 2014-07-08 22:06 - 00003202 _____ () C:\Windows\System32\Tasks\kvavilo
2014-07-08 22:06 - 2014-07-08 22:06 - 00000265 _____ () C:\Users\User\AppData\Local\kvavilo.bat
2014-07-08 22:04 - 2014-07-08 22:04 - 00003204 _____ () C:\Windows\System32\Tasks\tagmaagm
2014-07-08 22:04 - 2014-07-08 22:04 - 00000265 _____ () C:\Users\User\AppData\Local\tagmaagm.bat
2014-07-08 22:02 - 2014-07-08 22:02 - 00003200 _____ () C:\Windows\System32\Tasks\qsdgxa
2014-07-08 22:02 - 2014-07-08 22:02 - 00000265 _____ () C:\Users\User\AppData\Local\qsdgxa.bat
2014-07-08 22:00 - 2014-07-08 22:00 - 00000265 _____ () C:\Users\User\AppData\Local\mlkji.bat
2014-07-08 21:58 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\abwysmh
2014-07-08 21:58 - 2014-07-08 21:58 - 00000265 _____ () C:\Users\User\AppData\Local\abwysmh.bat
2014-07-08 21:55 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\fdfcvuu
2014-07-08 21:55 - 2014-07-08 21:55 - 00000265 _____ () C:\Users\User\AppData\Local\fdfcvuu.bat
2014-07-08 21:53 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\daolbyol
2014-07-08 21:53 - 2014-07-08 21:53 - 00000265 _____ () C:\Users\User\AppData\Local\daolbyol.bat
2014-07-08 21:51 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\eabigetk
2014-07-08 21:51 - 2014-07-08 21:51 - 00000265 _____ () C:\Users\User\AppData\Local\eabigetk.bat
2014-07-08 21:49 - 2014-07-08 21:49 - 00003200 _____ () C:\Windows\System32\Tasks\rdpthj
2014-07-08 21:49 - 2014-07-08 21:49 - 00000265 _____ () C:\Users\User\AppData\Local\rdpthj.bat
2014-07-08 21:47 - 2014-07-08 21:47 - 00003198 _____ () C:\Windows\System32\Tasks\ubhvb
2014-07-08 21:47 - 2014-07-08 21:47 - 00000265 _____ () C:\Users\User\AppData\Local\ubhvb.bat
2014-07-08 21:45 - 2014-07-08 21:45 - 00003202 _____ () C:\Windows\System32\Tasks\xddorbn
2014-07-08 21:45 - 2014-07-08 21:45 - 00000265 _____ () C:\Users\User\AppData\Local\xddorbn.bat
2014-07-08 21:43 - 2014-07-08 21:43 - 00000265 _____ () C:\Users\User\AppData\Local\bvshaoc.bat
2014-07-08 21:41 - 2014-07-08 21:41 - 00000265 _____ () C:\Users\User\AppData\Local\feogfgwh.bat
2014-07-08 21:39 - 2014-07-08 21:39 - 00003204 _____ () C:\Windows\System32\Tasks\rvalxcnr
2014-07-08 21:39 - 2014-07-08 21:39 - 00000265 _____ () C:\Users\User\AppData\Local\rvalxcnr.bat
2014-07-08 21:37 - 2014-07-08 21:37 - 00000265 _____ () C:\Users\User\AppData\Local\kigcc.bat
2014-07-08 21:35 - 2014-07-08 21:35 - 00000265 _____ () C:\Users\User\AppData\Local\wgpfoh.bat
2014-07-08 21:33 - 2014-07-08 21:33 - 00000265 _____ () C:\Users\User\AppData\Local\dmetc.bat
2014-07-08 21:31 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\cwapdiuq
2014-07-08 21:31 - 2014-07-08 21:31 - 00000265 _____ () C:\Users\User\AppData\Local\cwapdiuq.bat
2014-07-08 21:29 - 2014-07-08 22:54 - 00003206 _____ () C:\Windows\System32\Tasks\bexbocmy
2014-07-08 21:29 - 2014-07-08 21:29 - 00000265 _____ () C:\Users\User\AppData\Local\bexbocmy.bat
2014-07-08 21:27 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\cqemch
2014-07-08 21:27 - 2014-07-08 21:27 - 00000265 _____ () C:\Users\User\AppData\Local\cqemch.bat
2014-07-08 21:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\icwxcmpb
2014-07-08 21:25 - 2014-07-08 21:25 - 00000265 _____ () C:\Users\User\AppData\Local\icwxcmpb.bat
2014-07-08 21:23 - 2014-07-08 21:23 - 00000265 _____ () C:\Users\User\AppData\Local\rvbmado.bat
2014-07-08 21:21 - 2014-07-08 21:21 - 00003202 _____ () C:\Windows\System32\Tasks\vveddlk
2014-07-08 21:21 - 2014-07-08 21:21 - 00000265 _____ () C:\Users\User\AppData\Local\vveddlk.bat
2014-07-08 21:19 - 2014-07-08 22:54 - 00003204 _____ () C:\Windows\System32\Tasks\bixfsag
2014-07-08 21:19 - 2014-07-08 21:19 - 00000265 _____ () C:\Users\User\AppData\Local\bixfsag.bat
2014-07-08 21:17 - 2014-07-08 21:17 - 00000265 _____ () C:\Users\User\AppData\Local\akcpianq.bat
2014-07-08 21:15 - 2014-07-08 21:15 - 00003202 _____ () C:\Windows\System32\Tasks\saedqvt
2014-07-08 21:15 - 2014-07-08 21:15 - 00000265 _____ () C:\Users\User\AppData\Local\saedqvt.bat
2014-07-08 21:13 - 2014-07-08 21:13 - 00000265 _____ () C:\Users\User\AppData\Local\gxxqbb.bat
2014-07-08 21:11 - 2014-07-08 21:11 - 00000265 _____ () C:\Users\User\AppData\Local\cyvkhv.bat
2014-07-08 21:09 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\fmdljrba
2014-07-08 21:09 - 2014-07-08 21:09 - 00000265 _____ () C:\Users\User\AppData\Local\fmdljrba.bat
2014-07-08 21:07 - 2014-07-08 21:07 - 00003202 _____ () C:\Windows\System32\Tasks\noooppp
2014-07-08 21:07 - 2014-07-08 21:07 - 00000265 _____ () C:\Users\User\AppData\Local\noooppp.bat
2014-07-08 21:05 - 2014-07-08 21:05 - 00000265 _____ () C:\Users\User\AppData\Local\ejhdd.bat
2014-07-08 21:03 - 2014-07-08 21:03 - 00003202 _____ () C:\Windows\System32\Tasks\ikmfbcd
2014-07-08 21:03 - 2014-07-08 21:03 - 00000265 _____ () C:\Users\User\AppData\Local\ikmfbcd.bat
2014-07-08 21:01 - 2014-07-08 21:01 - 00003198 _____ () C:\Windows\System32\Tasks\wnful
2014-07-08 21:01 - 2014-07-08 21:01 - 00000265 _____ () C:\Users\User\AppData\Local\wnful.bat
2014-07-08 20:59 - 2014-07-08 20:59 - 00000265 _____ () C:\Users\User\AppData\Local\bdybxrg.bat
2014-07-08 20:57 - 2014-07-08 20:57 - 00000265 _____ () C:\Users\User\AppData\Local\ukbhd.bat
2014-07-08 20:55 - 2014-07-08 20:55 - 00003200 _____ () C:\Windows\System32\Tasks\mlqxdd
2014-07-08 20:55 - 2014-07-08 20:55 - 00000265 _____ () C:\Users\User\AppData\Local\mlqxdd.bat
2014-07-08 20:53 - 2014-07-08 20:53 - 00003204 _____ () C:\Windows\System32\Tasks\usaxfdbi
2014-07-08 20:53 - 2014-07-08 20:53 - 00000265 _____ () C:\Users\User\AppData\Local\usaxfdbi.bat
2014-07-08 20:51 - 2014-07-08 20:51 - 00000265 _____ () C:\Users\User\AppData\Local\wyajku.bat
2014-07-08 20:49 - 2014-07-08 20:49 - 00000265 _____ () C:\Users\User\AppData\Local\waktwf.bat
2014-07-08 20:47 - 2014-07-08 20:47 - 00003198 _____ () C:\Windows\System32\Tasks\wfoxa
2014-07-08 20:47 - 2014-07-08 20:47 - 00000265 _____ () C:\Users\User\AppData\Local\wfoxa.bat
2014-07-08 20:45 - 2014-07-08 22:55 - 00003204 _____ () C:\Windows\System32\Tasks\cgafmim
2014-07-08 20:45 - 2014-07-08 20:45 - 00000265 _____ () C:\Users\User\AppData\Local\cgafmim.bat
2014-07-08 20:43 - 2014-07-08 20:43 - 00000265 _____ () C:\Users\User\AppData\Local\sbelr.bat
2014-07-08 20:41 - 2014-07-08 20:41 - 00000265 _____ () C:\Users\User\AppData\Local\jgcetwmp.bat
2014-07-08 20:39 - 2014-07-08 20:39 - 00000265 _____ () C:\Users\User\AppData\Local\tbgmaf.bat
2014-07-08 20:37 - 2014-07-08 20:37 - 00000265 _____ () C:\Users\User\AppData\Local\ruxceim.bat
2014-07-08 20:35 - 2014-07-08 20:35 - 00003204 _____ () C:\Windows\System32\Tasks\opxizbks
2014-07-08 20:35 - 2014-07-08 20:35 - 00000265 _____ () C:\Users\User\AppData\Local\opxizbks.bat
2014-07-08 20:33 - 2014-07-08 20:33 - 00000265 _____ () C:\Users\User\AppData\Local\hanisfy.bat
2014-07-08 20:31 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\feogfqi
2014-07-08 20:31 - 2014-07-08 20:31 - 00000265 _____ () C:\Users\User\AppData\Local\feogfqi.bat
2014-07-08 20:29 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hyzseexr
2014-07-08 20:29 - 2014-07-08 22:15 - 00001184 _____ () C:\Users\User\AppData\Roaming\aps.scan.quick.results
2014-07-08 20:29 - 2014-07-08 22:15 - 00000320 _____ () C:\Users\User\AppData\Roaming\aps.uninstall.scan.results
2014-07-08 20:29 - 2014-07-08 22:15 - 00000000 _____ () C:\Users\User\AppData\Roaming\aps.scan.results
2014-07-08 20:29 - 2014-07-08 22:13 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-08 20:29 - 2014-07-08 20:30 - 00002824 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-07-08 20:29 - 2014-07-08 20:29 - 00000265 _____ () C:\Users\User\AppData\Local\hyzseexr.bat
2014-07-08 20:28 - 2014-07-08 20:51 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-08 20:28 - 2014-07-08 20:30 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-08 20:28 - 2014-07-08 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:28 - 2014-07-08 20:28 - 00001049 _____ () C:\Users\User\Desktop\AnyProtect.lnk
2014-07-08 20:28 - 2014-07-08 20:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-07-08 20:27 - 2014-07-08 20:28 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-07-08 20:27 - 2014-07-08 20:27 - 00591520 _____ (ClickMeIn Limited) C:\Users\User\AppData\Local\nsy7D1E.tmp
2014-07-08 20:27 - 2014-07-08 20:27 - 00000265 _____ () C:\Users\User\AppData\Local\cljqodtc.bat
2014-07-08 20:25 - 2014-07-08 22:56 - 00003200 _____ () C:\Windows\System32\Tasks\habcd
2014-07-08 20:25 - 2014-07-08 20:25 - 00000265 _____ () C:\Users\User\AppData\Local\habcd.bat
2014-07-08 20:23 - 2014-07-08 20:23 - 00000265 _____ () C:\Users\User\AppData\Local\hbuvijcg.bat
2014-07-08 20:21 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\agbhtpu
2014-07-08 20:21 - 2014-07-08 20:21 - 00000265 _____ () C:\Users\User\AppData\Local\agbhtpu.bat
2014-07-08 20:19 - 2014-07-08 20:19 - 00000265 _____ () C:\Users\User\AppData\Local\icprfb.bat
2014-07-08 20:17 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\fefvvn
2014-07-08 20:17 - 2014-07-08 20:17 - 00000265 _____ () C:\Users\User\AppData\Local\fefvvn.bat
2014-07-08 20:15 - 2014-07-08 20:15 - 00000265 _____ () C:\Users\User\AppData\Local\xrcufy.bat
2014-07-08 20:13 - 2014-07-08 20:13 - 00000265 _____ () C:\Users\User\AppData\Local\idfbdesc.bat
2014-07-08 20:11 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\gulkbb
2014-07-08 20:11 - 2014-07-08 20:11 - 00000265 _____ () C:\Users\User\AppData\Local\gulkbb.bat
2014-07-08 20:09 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\ahtxlqd
2014-07-08 20:09 - 2014-07-08 20:09 - 00000265 _____ () C:\Users\User\AppData\Local\ahtxlqd.bat
2014-07-08 20:07 - 2014-07-08 20:07 - 00003202 _____ () C:\Windows\System32\Tasks\ophaqrz
2014-07-08 20:07 - 2014-07-08 20:07 - 00000265 _____ () C:\Users\User\AppData\Local\ophaqrz.bat
2014-07-08 20:05 - 2014-07-08 20:05 - 00000265 _____ () C:\Users\User\AppData\Local\fdvnunfw.bat
2014-07-08 20:03 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\eiakbug
2014-07-08 20:03 - 2014-07-08 20:03 - 00000265 _____ () C:\Users\User\AppData\Local\eiakbug.bat
2014-07-08 20:01 - 2014-07-08 20:01 - 00000265 _____ () C:\Users\User\AppData\Local\dgpfhq.bat
2014-07-08 19:59 - 2014-07-08 19:59 - 00000265 _____ () C:\Users\User\AppData\Local\uutbbiiw.bat
2014-07-08 19:57 - 2014-07-08 19:57 - 00003200 _____ () C:\Windows\System32\Tasks\lpfjgl
2014-07-08 19:57 - 2014-07-08 19:57 - 00000265 _____ () C:\Users\User\AppData\Local\lpfjgl.bat
2014-07-08 19:55 - 2014-07-08 19:55 - 00000265 _____ () C:\Users\User\AppData\Local\laetrg.bat
2014-07-08 19:53 - 2014-07-08 19:53 - 00003204 _____ () C:\Windows\System32\Tasks\ptvicepr
2014-07-08 19:53 - 2014-07-08 19:53 - 00000265 _____ () C:\Users\User\AppData\Local\ptvicepr.bat
2014-07-08 19:51 - 2014-07-08 22:55 - 00003200 _____ () C:\Windows\System32\Tasks\bkhol
2014-07-08 19:51 - 2014-07-08 19:51 - 00000265 _____ () C:\Users\User\AppData\Local\bkhol.bat
2014-07-08 19:49 - 2014-07-08 19:49 - 00000265 _____ () C:\Users\User\AppData\Local\dvgve.bat
2014-07-08 19:47 - 2014-07-08 19:47 - 00000265 _____ () C:\Users\User\AppData\Local\fljbhg.bat
2014-07-08 19:45 - 2014-07-08 19:45 - 00000265 _____ () C:\Users\User\AppData\Local\cqfbpcz.bat
2014-07-08 19:43 - 2014-07-08 19:43 - 00003202 _____ () C:\Windows\System32\Tasks\yjbfhjt
2014-07-08 19:43 - 2014-07-08 19:43 - 00000265 _____ () C:\Users\User\AppData\Local\yjbfhjt.bat
2014-07-08 19:41 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\bmhtnb
2014-07-08 19:41 - 2014-07-08 19:41 - 00000265 _____ () C:\Users\User\AppData\Local\bmhtnb.bat
2014-07-08 19:39 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\caqaxv
2014-07-08 19:39 - 2014-07-08 19:39 - 00002213 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00000265 _____ () C:\Users\User\AppData\Local\caqaxv.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-06-16 13:13 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-07-08 19:39 - 2014-06-16 13:13 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-07-08 19:39 - 2014-06-16 13:13 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-07-08 19:37 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-08 19:37 - 2014-07-08 19:37 - 00003202 _____ () C:\Windows\System32\Tasks\kfdspti
2014-07-08 19:37 - 2014-07-08 19:37 - 00000265 _____ () C:\Users\User\AppData\Local\kfdspti.bat
2014-07-08 19:35 - 2014-07-08 19:36 - 28539304 _____ (TuneUp Software) C:\Users\User\Downloads\TuneUpUtilities2014_de-DE.exe
2014-07-08 19:35 - 2014-07-08 19:35 - 00000265 _____ () C:\Users\User\AppData\Local\aagadgat.bat
2014-07-08 19:33 - 2014-07-08 19:33 - 00000265 _____ () C:\Users\User\AppData\Local\vkapeajh.bat
2014-07-08 19:31 - 2014-07-08 19:31 - 00003202 _____ () C:\Windows\System32\Tasks\pxhairk
2014-07-08 19:31 - 2014-07-08 19:31 - 00000265 _____ () C:\Users\User\AppData\Local\pxhairk.bat
2014-07-08 19:29 - 2014-07-08 19:29 - 00000265 _____ () C:\Users\User\AppData\Local\mcionbb.bat
2014-07-08 19:27 - 2014-07-10 19:03 - 00001087 _____ () C:\Users\User\Desktop\Continue VuuPC Installation.lnk
2014-07-08 19:27 - 2014-07-08 19:27 - 00000265 _____ () C:\Users\User\AppData\Local\noopwp.bat
2014-07-08 19:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hbbuwxqk
2014-07-08 19:25 - 2014-07-08 19:25 - 00000265 _____ () C:\Users\User\AppData\Local\hbbuwxqk.bat
2014-07-08 19:23 - 2014-07-08 19:23 - 00003204 _____ () C:\Windows\System32\Tasks\mkqwccag
2014-07-08 19:23 - 2014-07-08 19:23 - 00000265 _____ () C:\Users\User\AppData\Local\mkqwccag.bat
2014-07-08 19:21 - 2014-07-08 19:21 - 00000265 _____ () C:\Users\User\AppData\Local\owpxaia.bat
2014-07-08 19:20 - 2014-07-08 19:20 - 00000000 ____D () C:\Users\User\Documents\Optimizer Pro
2014-07-08 19:20 - 2014-07-08 19:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Optimizer Pro
2014-07-08 19:19 - 2014-07-08 19:19 - 00003198 _____ () C:\Windows\System32\Tasks\uvuuc
2014-07-08 19:19 - 2014-07-08 19:19 - 00000265 _____ () C:\Users\User\AppData\Local\uvuuc.bat
2014-07-08 19:18 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-07-08 19:17 - 2014-07-09 00:20 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-08 19:17 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-07-08 19:17 - 2014-07-08 19:17 - 00000265 _____ () C:\Users\User\AppData\Local\fneme.bat
2014-07-08 19:16 - 2014-07-08 19:16 - 00001973 _____ () C:\Users\User\Desktop\Sync Folder.lnk
2014-07-08 19:15 - 2014-07-11 00:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\VOPackage
2014-07-08 19:15 - 2014-07-11 00:25 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-08 19:15 - 2014-07-08 22:14 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-07-08 19:15 - 2014-07-08 19:15 - 00001091 _____ () C:\Users\User\Desktop\MyPC Backup.lnk
2014-07-08 19:15 - 2014-07-08 19:15 - 00001066 _____ () C:\Users\User\Desktop\Optimizer Pro.lnk
2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-08 19:14 - 2014-07-11 08:59 - 00000000 ____D () C:\Users\User\AppData\Local\lot_07081714
2014-07-08 19:14 - 2014-07-11 06:47 - 00000908 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-08 19:14 - 2014-07-11 00:56 - 00001470 _____ () C:\Windows\Tasks\5b129954-e7dd-4971-9aba-a63c9e9df39c-5_user.job
2014-07-08 19:14 - 2014-07-11 00:55 - 00000000 ____D () C:\Program Files (x86)\Browser_AppS 1.1
2014-07-08 19:14 - 2014-07-08 19:14 - 00003656 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-07-08 19:14 - 2014-07-08 19:14 - 00000265 _____ () C:\Users\User\AppData\Local\zmyexkp.bat
2014-07-08 19:14 - 2014-07-08 19:14 - 00000000 ____D () C:\Users\User\AppData\Local\globalUpdate
2014-07-08 19:14 - 2014-07-08 19:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-08 19:13 - 2014-07-10 06:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-08 19:13 - 2014-06-26 07:24 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-08 19:12 - 2014-07-08 19:12 - 00000000 _RHDC () C:\MSOCache
2014-07-08 18:43 - 2014-07-10 17:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-08 18:38 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-07-08 18:38 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-07-08 18:38 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-07-08 18:38 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 07:38 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-07-08 07:18 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-07-08 07:18 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-07-08 07:18 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-07-08 07:18 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-07-08 07:18 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-07-08 07:11 - 2014-07-08 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-07 06:26 - 2014-07-07 06:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-07-07 06:14 - 2014-07-07 06:14 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-07-06 22:09 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Canon
2014-07-06 19:50 - 2014-07-11 00:22 - 00000000 ____D () C:\Program Files (x86)\SweetIM
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson
2014-07-06 19:50 - 2013-12-27 23:34 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-06 19:49 - 2014-07-11 00:22 - 00000000 ____D () C:\Program Files (x86)\Search Results Toolbar
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\smartdl
2014-07-06 19:48 - 2014-07-11 07:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-06 19:48 - 2014-07-10 23:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-06 19:48 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.1
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\NoVirusThanks
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\gs
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box Monitor
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-07-06 19:47 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Claro LTD
2014-07-06 19:45 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1ClickDownload
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1&1
2014-07-06 19:44 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-06 19:44 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-06 19:44 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-06 19:31 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Copy Trans
2014-07-06 17:30 - 2014-07-06 17:31 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-06 15:40 - 2014-07-06 15:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenOffice.org
2014-07-06 15:36 - 2014-07-06 15:42 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
2014-07-06 15:34 - 2014-07-07 06:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-06 15:17 - 2014-07-08 22:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client
2014-07-06 15:17 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client
2014-07-06 15:14 - 2014-07-10 07:28 - 09077672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-06 15:13 - 2014-07-08 18:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-07-06 15:12 - 2014-07-06 15:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TP
2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\4.0
2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\.tfo4
2014-07-06 12:38 - 2014-07-06 12:39 - 00000000 ____D () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14
2014-07-06 12:20 - 2014-07-11 00:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-07-06 12:20 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-07-06 12:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-07-06 12:19 - 2014-07-06 12:19 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-06 12:18 - 2014-07-06 12:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-06 12:17 - 2014-07-10 23:47 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-06 12:17 - 2014-07-06 12:18 - 00000000 ____D () C:\ProgramData\Apple
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-06 12:11 - 2014-07-06 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-06 12:10 - 2014-07-06 12:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-07-06 12:10 - 2014-07-06 12:27 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-07-06 11:49 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-07-05 17:54 - 2014-07-05 19:26 - 00000000 __SHD () C:\Users\User\AppData\Roaming\.#
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-07-05 14:24 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAT.DLL
2014-07-05 13:58 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-07-05 13:58 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-07-05 13:58 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-07-05 13:58 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-07-05 13:58 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-07-05 13:58 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-07-05 13:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-05 13:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-05 13:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-05 13:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-05 13:57 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-07-05 13:57 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-07-05 13:57 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-07-05 13:57 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-07-05 13:57 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-07-05 13:57 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-07-05 13:57 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-07-05 13:57 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-07-05 13:57 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-07-05 13:57 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-07-05 13:57 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-07-05 13:57 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-07-05 13:57 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-05 13:57 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-05 13:57 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-07-05 13:57 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-05 13:57 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-07-05 13:57 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-05 13:57 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-07-05 13:57 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-07-05 13:57 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-07-05 13:57 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-07-05 13:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-05 13:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-05 13:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-05 13:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-05 13:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-05 13:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-05 13:56 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-07-05 13:56 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-07-05 13:56 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-07-05 13:56 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-05 13:56 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-07-05 13:56 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-07-05 13:56 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-07-05 13:56 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-07-05 13:56 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-07-05 13:56 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-05 13:56 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-07-05 13:56 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-07-05 13:56 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-07-05 13:56 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-07-05 13:56 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-07-05 13:56 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-05 13:56 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-07-05 13:56 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-07-05 13:56 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-07-05 13:56 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-07-05 13:56 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-07-05 13:56 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-07-05 13:56 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-07-05 13:56 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-07-05 13:56 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-07-05 13:56 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-07-05 13:56 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-07-05 13:56 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-07-05 13:56 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-07-05 13:56 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-07-05 13:56 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-07-05 13:56 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-07-05 13:56 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-07-05 13:56 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-07-05 13:55 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-05 13:55 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-05 13:55 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-05 13:55 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-05 13:55 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-05 13:55 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-05 13:55 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-05 13:55 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-05 13:55 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-05 13:55 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-05 13:55 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-05 13:55 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-05 13:55 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-05 13:55 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-05 13:55 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-05 13:55 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-07-05 13:55 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-07-05 13:55 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-07-05 13:55 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-07-05 13:55 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-07-05 13:55 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-07-05 13:55 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-07-05 13:55 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-07-05 13:55 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-07-05 13:55 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-07-05 13:55 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-07-05 13:55 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-07-05 13:55 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-05 13:55 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-07-05 13:55 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-07-05 13:55 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-07-05 13:55 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-07-05 13:55 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-07-05 13:55 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-07-05 13:55 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-07-05 13:55 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-07-05 13:55 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-07-05 13:55 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-07-05 13:55 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-07-05 13:55 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-07-05 13:55 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-07-05 13:55 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-07-05 13:55 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-07-05 13:55 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-07-05 13:55 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-07-05 13:55 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-07-05 13:55 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-07-05 13:55 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-07-05 13:55 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-07-05 13:55 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-07-05 13:54 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-07-05 13:54 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-07-05 13:54 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-07-05 13:54 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-07-05 13:54 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-07-05 13:54 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-07-05 13:54 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-07-05 13:54 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-07-05 13:54 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-07-05 13:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-07-05 13:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-07-05 13:53 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-05 13:53 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-07-05 13:53 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-07-05 13:53 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-05 13:53 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-07-05 13:53 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-07-05 13:53 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-07-05 13:53 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-07-05 13:53 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-07-05 13:53 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-07-05 13:53 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-07-05 13:53 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-07-05 13:53 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-07-05 13:53 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-07-05 13:52 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-07-05 13:52 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-07-05 13:52 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-07-05 13:52 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-07-05 13:52 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-07-05 13:52 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-07-05 13:52 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-07-05 13:52 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-07-05 13:52 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-07-05 13:52 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-07-05 13:52 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-07-05 13:52 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-07-05 13:52 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-07-05 13:52 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-07-05 13:52 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-07-05 13:52 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-07-05 13:52 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-07-05 13:52 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-07-05 13:52 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-07-05 13:52 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-07-05 13:52 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-07-05 13:52 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-05 13:52 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-05 13:52 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-07-05 13:52 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-07-05 13:52 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-07-05 13:52 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-07-05 13:52 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-05 13:52 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-05 13:52 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-07-05 13:52 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-07-05 13:52 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-07-05 13:52 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-07-05 13:52 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-07-05 13:52 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-07-05 13:52 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-07-05 13:52 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-07-05 13:52 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-07-05 13:52 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-07-05 13:52 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-07-05 13:52 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-07-05 13:52 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-07-05 13:52 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-07-05 13:52 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-07-05 13:52 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-07-05 13:52 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-07-05 13:52 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-07-05 13:52 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-05 13:52 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-07-05 13:52 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-07-05 13:52 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-07-05 13:45 - 2014-07-05 13:45 - 00000000 ____D () C:\Users\User\Desktop\Ulead Package Folder
2014-07-05 13:07 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-05 13:07 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-05 13:07 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-05 13:07 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-05 13:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-05 13:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-05 13:05 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-07-02 13:45 - 2014-07-02 13:45 - 00000000 _____ () C:\Users\.wh..wh.aufs
2014-07-02 12:16 - 2014-07-06 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic
2014-07-02 12:15 - 2014-07-02 12:15 - 00000000 ____D () C:\report
2014-07-02 12:14 - 2014-07-02 12:14 - 00017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db
2014-07-02 11:43 - 2014-07-02 12:16 - 00000000 ____D () C:\Temp
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\Documents\Avatar
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-07-02 11:41 - 2014-07-11 00:36 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-07-02 11:19 - 2014-07-02 11:20 - 00000000 ____D () C:\Users\User\Heaven
2014-07-02 11:19 - 2014-07-02 11:19 - 00003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2014-07-02 11:10 - 2014-07-11 06:49 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-07-02 11:10 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
2014-07-02 11:09 - 2014-07-02 11:09 - 00000000 ____D () C:\Users\User\AppData\Local\Power2Go
2014-07-02 11:08 - 2014-07-10 19:19 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-07-02 11:08 - 2014-07-08 19:14 - 00001671 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 11:08 - 2014-07-08 19:14 - 00001649 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-02 11:08 - 2014-07-02 11:08 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel
2014-07-02 11:07 - 2014-07-02 11:07 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10
2014-07-02 11:07 - 2012-04-11 07:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomeCinema
2014-07-02 11:07 - 2012-03-14 23:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
2014-07-02 11:07 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-02 11:07 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Medion_Services
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Aldi_Foto
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\MARKEMENT
2014-07-02 11:06 - 2011-08-15 12:59 - 00001854 _____ () C:\Users\Public\Desktop\MEDION Services.lnk
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-Bit)
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Program Files\Microsoft Mathematics
2014-07-02 11:04 - 2011-09-20 13:06 - 00002439 _____ () C:\Users\Public\Desktop\MEDIONmediathek.lnk
2014-07-02 11:03 - 2014-07-02 11:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2014-07-02 11:03 - 2014-07-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-07-02 11:02 - 2014-07-11 00:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-02 11:02 - 2014-07-11 00:47 - 00000000 ____D () C:\ProgramData\Partner
2014-07-02 11:02 - 2014-07-08 19:14 - 00002732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\TvdPersonal
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\watchmi
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files\PlayReady
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\watchmi
2014-07-02 10:51 - 2014-07-11 08:12 - 01349360 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 10:51 - 2014-07-02 10:52 - 00000000 __SHD () C:\Recovery
2014-06-22 23:57 - 2014-07-06 11:01 - 00000000 ___RD () C:\Users\User\Dropbox
2014-06-22 23:55 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\User\Documents\Tune up und diverses
2014-06-22 21:21 - 2014-07-08 20:16 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister Backup
2014-06-22 21:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\VirtualDJ
2014-06-22 21:20 - 2014-07-06 11:42 - 00000000 ____D () C:\Users\User\Desktop\Klassentreffen 2014
2014-06-22 21:20 - 2014-07-06 11:41 - 00000000 ___RD () C:\Users\User\Desktop\HD-PVU2_100
2014-06-22 21:20 - 2014-07-06 11:27 - 00000000 ____D () C:\Users\User\Desktop\Tanzfragen
2014-06-22 21:20 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister
2014-06-22 21:20 - 2014-06-22 08:40 - 00009078 _____ () C:\Users\User\Documents\miller.xlsx
2014-06-22 21:17 - 2014-07-06 11:41 - 00000000 ____D () C:\Users\User\Desktop\Basisprogramm für fortlaufende Gruppen
2014-06-22 21:17 - 2014-04-25 12:58 - 06772879 _____ () C:\Users\User\Desktop\wordpress-3.9-de_DE.zip
2014-06-22 21:16 - 2014-06-22 18:49 - 00009080 _____ () C:\Users\User\Desktop\miller.xlsx
2014-06-22 21:16 - 2014-04-21 10:55 - 13849784 _____ (Microsoft Corporation) C:\Users\User\Desktop\mseinstall.exe
2014-06-22 21:16 - 2013-12-28 00:24 - 00038363 _____ () C:\Users\User\Desktop\logs_27.12.2013_23_05_28.log
2014-06-22 21:16 - 2013-12-14 08:52 - 01750312 _____ (WindSolutions) C:\Users\User\Desktop\logpacker.exe
2014-06-22 21:16 - 2013-05-04 11:32 - 00001050 _____ () C:\Users\User\Desktop\VirtualDJ Home FREE.lnk
2014-06-22 21:16 - 2012-12-29 12:53 - 2884829184 _____ () C:\Users\User\Desktop\Windows Installationsdatei 12.12.iso
2014-06-22 21:15 - 2013-05-04 11:29 - 38944576 _____ (Atomix Productions) C:\Users\User\Desktop\install_virtualdj_home_v7.4.exe
2014-06-22 21:15 - 2013-03-07 23:19 - 90130256 _____ (Apple Inc.) C:\Users\User\Desktop\iTunes64Setup.exe
2014-06-22 21:14 - 2014-02-20 20:38 - 00055808 _____ () C:\Users\User\Desktop\FahrplanTage berechnen.xls
2014-06-22 21:14 - 2014-02-20 19:27 - 00057856 _____ () C:\Users\User\Desktop\Fahrplan2.xls
2014-06-22 21:14 - 2014-01-17 10:38 - 1489184417 _____ () C:\Users\User\Desktop\home-hd-de.zip
2014-06-22 21:14 - 2013-12-27 23:46 - 00931678 _____ (NoVirusThanks Company Srl ) C:\Users\User\Desktop\hijackhunter_setup.exe
2014-06-22 21:14 - 2013-12-24 10:43 - 00053760 _____ () C:\Users\User\Desktop\Fahrplan2014.xls
2014-06-22 21:14 - 2013-12-17 23:43 - 36152456 _____ (Amazon) C:\Users\User\Desktop\AmazonCloudPlayerInstaller_399.exe
2014-06-22 20:59 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\CyberLink

Rockslide · 11.07.2014, 10:09

First Teil 2

Code:

ATTFilter

==================== One Month Modified Files and Folders =======

2014-07-11 09:05 - 2014-07-11 09:04 - 00018579 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-11 09:04 - 2014-07-11 09:04 - 00000000 ___DC () C:\FRST
2014-07-11 09:02 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-11 09:02 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 08:59 - 2014-07-11 08:59 - 02084864 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-11 08:59 - 2014-07-08 19:14 - 00000000 ____D () C:\Users\User\AppData\Local\lot_07081714
2014-07-11 08:37 - 2011-07-18 23:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-11 08:12 - 2014-07-02 10:51 - 01349360 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 08:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-11 07:49 - 2014-07-10 21:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 07:23 - 2014-07-11 07:23 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-11 07:23 - 2014-07-11 07:23 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-11 07:23 - 2014-07-11 07:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-11 07:23 - 2014-07-11 07:22 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0.exe
2014-07-11 07:23 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-11 06:49 - 2014-07-11 06:49 - 00133360 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-11 06:49 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-07-11 06:47 - 2014-07-08 19:14 - 00000908 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-11 00:56 - 2014-07-08 19:14 - 00001470 _____ () C:\Windows\Tasks\5b129954-e7dd-4971-9aba-a63c9e9df39c-5_user.job
2014-07-11 00:55 - 2014-07-08 19:14 - 00000000 ____D () C:\Program Files (x86)\Browser_AppS 1.1
2014-07-11 00:53 - 2011-05-16 17:16 - 00649278 _____ () C:\Windows\system32\perfh01F.dat
2014-07-11 00:53 - 2011-05-16 17:16 - 00140402 _____ () C:\Windows\system32\perfc01F.dat
2014-07-11 00:53 - 2011-05-16 17:03 - 00721614 _____ () C:\Windows\system32\prfh0816.dat
2014-07-11 00:53 - 2011-05-16 17:03 - 00153308 _____ () C:\Windows\system32\prfc0816.dat
2014-07-11 00:53 - 2011-05-16 16:55 - 00732954 _____ () C:\Windows\system32\perfh015.dat
2014-07-11 00:53 - 2011-05-16 16:55 - 00156274 _____ () C:\Windows\system32\perfc015.dat
2014-07-11 00:53 - 2011-05-16 16:47 - 00736094 _____ () C:\Windows\system32\perfh013.dat
2014-07-11 00:53 - 2011-05-16 16:47 - 00153504 _____ () C:\Windows\system32\perfc013.dat
2014-07-11 00:53 - 2011-05-16 16:39 - 00732642 _____ () C:\Windows\system32\perfh010.dat
2014-07-11 00:53 - 2011-05-16 16:39 - 00147248 _____ () C:\Windows\system32\perfc010.dat
2014-07-11 00:53 - 2011-05-16 16:31 - 00676350 _____ () C:\Windows\system32\perfh00E.dat
2014-07-11 00:53 - 2011-05-16 16:31 - 00171676 _____ () C:\Windows\system32\perfc00E.dat
2014-07-11 00:53 - 2011-05-16 16:25 - 00738312 _____ () C:\Windows\system32\perfh00C.dat
2014-07-11 00:53 - 2011-05-16 16:25 - 00149982 _____ () C:\Windows\system32\perfc00C.dat
2014-07-11 00:53 - 2011-05-16 16:17 - 00738052 _____ () C:\Windows\system32\perfh00A.dat
2014-07-11 00:53 - 2011-05-16 16:17 - 00158876 _____ () C:\Windows\system32\perfc00A.dat
2014-07-11 00:53 - 2011-05-16 16:11 - 00599584 _____ () C:\Windows\system32\perfh008.dat
2014-07-11 00:53 - 2011-05-16 16:11 - 00111530 _____ () C:\Windows\system32\perfc008.dat
2014-07-11 00:53 - 2011-05-16 16:04 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-07-11 00:53 - 2011-05-16 16:04 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-07-11 00:53 - 2009-07-14 07:13 - 09283412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-11 00:52 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-11 00:47 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Partner
2014-07-11 00:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-11 00:38 - 2014-07-11 00:38 - 00000134 _____ () C:\Users\User\Desktop\Internet Explorer Troubleshooting.url
2014-07-11 00:36 - 2014-07-02 11:41 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-07-11 00:35 - 2014-07-11 00:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 00:34 - 2014-07-11 00:34 - 00284288 _____ (Mozilla) C:\Users\User\Downloads\Firefox Setup Stub 30.0.exe
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-11 00:28 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-07-11 00:25 - 2014-07-08 19:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\VOPackage
2014-07-11 00:25 - 2014-07-08 19:15 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-11 00:25 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew
2014-07-11 00:22 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\SweetIM
2014-07-11 00:22 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Search Results Toolbar
2014-07-11 00:20 - 2012-04-11 07:21 - 00000000 ____D () C:\ProgramData\install_clap
2014-07-11 00:20 - 2011-07-18 22:54 - 00000000 ____D () C:\Windows\Panther
2014-07-10 23:58 - 2014-07-10 18:09 - 00895120 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup.exe
2014-07-10 23:55 - 2014-07-10 23:55 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-10 23:48 - 2014-07-10 23:48 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-10 23:48 - 2014-07-10 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-10 23:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-10 23:47 - 2014-07-10 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-10 23:47 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-10 21:30 - 2014-07-10 21:30 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-10 21:29 - 2014-07-10 21:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-10 20:23 - 2014-07-10 19:55 - 00390976 _____ () C:\Users\User\Desktop\logs_10.07.2014_19_39_38.log
2014-07-10 19:39 - 2014-07-10 19:39 - 00001130 _____ () C:\Users\Public\Desktop\Hijack Hunter.lnk
2014-07-10 19:19 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-07-10 19:03 - 2014-07-08 19:27 - 00001087 _____ () C:\Users\User\Desktop\Continue VuuPC Installation.lnk
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD}
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9}
2014-07-10 17:57 - 2014-07-08 18:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 17:57 - 2011-04-12 10:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 17:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 17:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 07:28 - 2014-07-06 15:14 - 09077672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-10 06:35 - 2014-07-10 06:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Avira
2014-07-10 06:30 - 2014-07-10 06:30 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-07-10 06:30 - 2014-07-10 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-10 06:29 - 2014-07-10 06:29 - 00000000 ____D () C:\ProgramData\Avira
2014-07-10 06:27 - 2014-07-10 06:22 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464.exe
2014-07-10 06:11 - 2014-07-10 06:11 - 00002640 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\ProgramData\504c2cf8db11ac3b
2014-07-10 06:10 - 2014-07-08 19:13 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator
2014-07-10 06:07 - 2014-07-10 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks
2014-07-09 18:44 - 2014-07-09 18:43 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014
2014-07-09 00:20 - 2014-07-09 00:20 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-09 00:20 - 2014-07-08 19:17 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-09 00:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-08 22:56 - 2014-07-08 21:55 - 00003204 _____ () C:\Windows\System32\Tasks\fdfcvuu
2014-07-08 22:56 - 2014-07-08 21:51 - 00003206 _____ () C:\Windows\System32\Tasks\eabigetk
2014-07-08 22:56 - 2014-07-08 21:25 - 00003206 _____ () C:\Windows\System32\Tasks\icwxcmpb
2014-07-08 22:56 - 2014-07-08 21:09 - 00003206 _____ () C:\Windows\System32\Tasks\fmdljrba
2014-07-08 22:56 - 2014-07-08 20:31 - 00003204 _____ () C:\Windows\System32\Tasks\feogfqi
2014-07-08 22:56 - 2014-07-08 20:29 - 00003206 _____ () C:\Windows\System32\Tasks\hyzseexr
2014-07-08 22:56 - 2014-07-08 20:25 - 00003200 _____ () C:\Windows\System32\Tasks\habcd
2014-07-08 22:56 - 2014-07-08 20:17 - 00003202 _____ () C:\Windows\System32\Tasks\fefvvn
2014-07-08 22:56 - 2014-07-08 20:11 - 00003202 _____ () C:\Windows\System32\Tasks\gulkbb
2014-07-08 22:56 - 2014-07-08 20:03 - 00003204 _____ () C:\Windows\System32\Tasks\eiakbug
2014-07-08 22:56 - 2014-07-08 19:25 - 00003206 _____ () C:\Windows\System32\Tasks\hbbuwxqk
2014-07-08 22:55 - 2014-07-08 21:53 - 00003206 _____ () C:\Windows\System32\Tasks\daolbyol
2014-07-08 22:55 - 2014-07-08 21:31 - 00003206 _____ () C:\Windows\System32\Tasks\cwapdiuq
2014-07-08 22:55 - 2014-07-08 21:27 - 00003202 _____ () C:\Windows\System32\Tasks\cqemch
2014-07-08 22:55 - 2014-07-08 20:45 - 00003204 _____ () C:\Windows\System32\Tasks\cgafmim
2014-07-08 22:55 - 2014-07-08 19:51 - 00003200 _____ () C:\Windows\System32\Tasks\bkhol
2014-07-08 22:55 - 2014-07-08 19:41 - 00003202 _____ () C:\Windows\System32\Tasks\bmhtnb
2014-07-08 22:55 - 2014-07-08 19:39 - 00003202 _____ () C:\Windows\System32\Tasks\caqaxv
2014-07-08 22:54 - 2014-07-08 21:29 - 00003206 _____ () C:\Windows\System32\Tasks\bexbocmy
2014-07-08 22:54 - 2014-07-08 21:19 - 00003204 _____ () C:\Windows\System32\Tasks\bixfsag
2014-07-08 22:52 - 2014-07-08 21:58 - 00003204 _____ () C:\Windows\System32\Tasks\abwysmh
2014-07-08 22:52 - 2014-07-08 20:21 - 00003204 _____ () C:\Windows\System32\Tasks\agbhtpu
2014-07-08 22:52 - 2014-07-08 20:09 - 00003204 _____ () C:\Windows\System32\Tasks\ahtxlqd
2014-07-08 22:47 - 2011-07-18 23:22 - 00000000 ____D () C:\ProgramData\Temp
2014-07-08 22:15 - 2014-07-08 20:29 - 00001184 _____ () C:\Users\User\AppData\Roaming\aps.scan.quick.results
2014-07-08 22:15 - 2014-07-08 20:29 - 00000320 _____ () C:\Users\User\AppData\Roaming\aps.uninstall.scan.results
2014-07-08 22:15 - 2014-07-08 20:29 - 00000000 _____ () C:\Users\User\AppData\Roaming\aps.scan.results
2014-07-08 22:14 - 2014-07-08 19:15 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-07-08 22:13 - 2014-07-08 20:29 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-08 22:12 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client
2014-07-08 22:10 - 2014-07-08 22:10 - 00000265 _____ () C:\Users\User\AppData\Local\mtagn.bat
2014-07-08 22:08 - 2014-07-08 22:08 - 00003198 _____ () C:\Windows\System32\Tasks\psbep
2014-07-08 22:08 - 2014-07-08 22:08 - 00000265 _____ () C:\Users\User\AppData\Local\psbep.bat
2014-07-08 22:06 - 2014-07-08 22:06 - 00003202 _____ () C:\Windows\System32\Tasks\kvavilo
2014-07-08 22:06 - 2014-07-08 22:06 - 00000265 _____ () C:\Users\User\AppData\Local\kvavilo.bat
2014-07-08 22:04 - 2014-07-08 22:04 - 00003204 _____ () C:\Windows\System32\Tasks\tagmaagm
2014-07-08 22:04 - 2014-07-08 22:04 - 00000265 _____ () C:\Users\User\AppData\Local\tagmaagm.bat
2014-07-08 22:02 - 2014-07-08 22:02 - 00003200 _____ () C:\Windows\System32\Tasks\qsdgxa
2014-07-08 22:02 - 2014-07-08 22:02 - 00000265 _____ () C:\Users\User\AppData\Local\qsdgxa.bat
2014-07-08 22:00 - 2014-07-08 22:00 - 00000265 _____ () C:\Users\User\AppData\Local\mlkji.bat
2014-07-08 21:58 - 2014-07-08 21:58 - 00000265 _____ () C:\Users\User\AppData\Local\abwysmh.bat
2014-07-08 21:55 - 2014-07-08 21:55 - 00000265 _____ () C:\Users\User\AppData\Local\fdfcvuu.bat
2014-07-08 21:53 - 2014-07-08 21:53 - 00000265 _____ () C:\Users\User\AppData\Local\daolbyol.bat
2014-07-08 21:51 - 2014-07-08 21:51 - 00000265 _____ () C:\Users\User\AppData\Local\eabigetk.bat
2014-07-08 21:49 - 2014-07-08 21:49 - 00003200 _____ () C:\Windows\System32\Tasks\rdpthj
2014-07-08 21:49 - 2014-07-08 21:49 - 00000265 _____ () C:\Users\User\AppData\Local\rdpthj.bat
2014-07-08 21:47 - 2014-07-08 21:47 - 00003198 _____ () C:\Windows\System32\Tasks\ubhvb
2014-07-08 21:47 - 2014-07-08 21:47 - 00000265 _____ () C:\Users\User\AppData\Local\ubhvb.bat
2014-07-08 21:45 - 2014-07-08 21:45 - 00003202 _____ () C:\Windows\System32\Tasks\xddorbn
2014-07-08 21:45 - 2014-07-08 21:45 - 00000265 _____ () C:\Users\User\AppData\Local\xddorbn.bat
2014-07-08 21:43 - 2014-07-08 21:43 - 00000265 _____ () C:\Users\User\AppData\Local\bvshaoc.bat
2014-07-08 21:41 - 2014-07-08 21:41 - 00000265 _____ () C:\Users\User\AppData\Local\feogfgwh.bat
2014-07-08 21:39 - 2014-07-08 21:39 - 00003204 _____ () C:\Windows\System32\Tasks\rvalxcnr
2014-07-08 21:39 - 2014-07-08 21:39 - 00000265 _____ () C:\Users\User\AppData\Local\rvalxcnr.bat
2014-07-08 21:37 - 2014-07-08 21:37 - 00000265 _____ () C:\Users\User\AppData\Local\kigcc.bat
2014-07-08 21:35 - 2014-07-08 21:35 - 00000265 _____ () C:\Users\User\AppData\Local\wgpfoh.bat
2014-07-08 21:33 - 2014-07-08 21:33 - 00000265 _____ () C:\Users\User\AppData\Local\dmetc.bat
2014-07-08 21:31 - 2014-07-08 21:31 - 00000265 _____ () C:\Users\User\AppData\Local\cwapdiuq.bat
2014-07-08 21:29 - 2014-07-08 21:29 - 00000265 _____ () C:\Users\User\AppData\Local\bexbocmy.bat
2014-07-08 21:27 - 2014-07-08 21:27 - 00000265 _____ () C:\Users\User\AppData\Local\cqemch.bat
2014-07-08 21:25 - 2014-07-08 21:25 - 00000265 _____ () C:\Users\User\AppData\Local\icwxcmpb.bat
2014-07-08 21:23 - 2014-07-08 21:23 - 00000265 _____ () C:\Users\User\AppData\Local\rvbmado.bat
2014-07-08 21:21 - 2014-07-08 21:21 - 00003202 _____ () C:\Windows\System32\Tasks\vveddlk
2014-07-08 21:21 - 2014-07-08 21:21 - 00000265 _____ () C:\Users\User\AppData\Local\vveddlk.bat
2014-07-08 21:19 - 2014-07-08 21:19 - 00000265 _____ () C:\Users\User\AppData\Local\bixfsag.bat
2014-07-08 21:17 - 2014-07-08 21:17 - 00000265 _____ () C:\Users\User\AppData\Local\akcpianq.bat
2014-07-08 21:15 - 2014-07-08 21:15 - 00003202 _____ () C:\Windows\System32\Tasks\saedqvt
2014-07-08 21:15 - 2014-07-08 21:15 - 00000265 _____ () C:\Users\User\AppData\Local\saedqvt.bat
2014-07-08 21:13 - 2014-07-08 21:13 - 00000265 _____ () C:\Users\User\AppData\Local\gxxqbb.bat
2014-07-08 21:11 - 2014-07-08 21:11 - 00000265 _____ () C:\Users\User\AppData\Local\cyvkhv.bat
2014-07-08 21:09 - 2014-07-08 21:09 - 00000265 _____ () C:\Users\User\AppData\Local\fmdljrba.bat
2014-07-08 21:07 - 2014-07-08 21:07 - 00003202 _____ () C:\Windows\System32\Tasks\noooppp
2014-07-08 21:07 - 2014-07-08 21:07 - 00000265 _____ () C:\Users\User\AppData\Local\noooppp.bat
2014-07-08 21:05 - 2014-07-08 21:05 - 00000265 _____ () C:\Users\User\AppData\Local\ejhdd.bat
2014-07-08 21:03 - 2014-07-08 21:03 - 00003202 _____ () C:\Windows\System32\Tasks\ikmfbcd
2014-07-08 21:03 - 2014-07-08 21:03 - 00000265 _____ () C:\Users\User\AppData\Local\ikmfbcd.bat
2014-07-08 21:01 - 2014-07-08 21:01 - 00003198 _____ () C:\Windows\System32\Tasks\wnful
2014-07-08 21:01 - 2014-07-08 21:01 - 00000265 _____ () C:\Users\User\AppData\Local\wnful.bat
2014-07-08 20:59 - 2014-07-08 20:59 - 00000265 _____ () C:\Users\User\AppData\Local\bdybxrg.bat
2014-07-08 20:57 - 2014-07-08 20:57 - 00000265 _____ () C:\Users\User\AppData\Local\ukbhd.bat
2014-07-08 20:55 - 2014-07-08 20:55 - 00003200 _____ () C:\Windows\System32\Tasks\mlqxdd
2014-07-08 20:55 - 2014-07-08 20:55 - 00000265 _____ () C:\Users\User\AppData\Local\mlqxdd.bat
2014-07-08 20:53 - 2014-07-08 20:53 - 00003204 _____ () C:\Windows\System32\Tasks\usaxfdbi
2014-07-08 20:53 - 2014-07-08 20:53 - 00000265 _____ () C:\Users\User\AppData\Local\usaxfdbi.bat
2014-07-08 20:51 - 2014-07-08 20:51 - 00000265 _____ () C:\Users\User\AppData\Local\wyajku.bat
2014-07-08 20:51 - 2014-07-08 20:28 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-08 20:49 - 2014-07-08 20:49 - 00000265 _____ () C:\Users\User\AppData\Local\waktwf.bat
2014-07-08 20:47 - 2014-07-08 20:47 - 00003198 _____ () C:\Windows\System32\Tasks\wfoxa
2014-07-08 20:47 - 2014-07-08 20:47 - 00000265 _____ () C:\Users\User\AppData\Local\wfoxa.bat
2014-07-08 20:45 - 2014-07-08 20:45 - 00000265 _____ () C:\Users\User\AppData\Local\cgafmim.bat
2014-07-08 20:43 - 2014-07-08 20:43 - 00000265 _____ () C:\Users\User\AppData\Local\sbelr.bat
2014-07-08 20:41 - 2014-07-08 20:41 - 00000265 _____ () C:\Users\User\AppData\Local\jgcetwmp.bat
2014-07-08 20:39 - 2014-07-08 20:39 - 00000265 _____ () C:\Users\User\AppData\Local\tbgmaf.bat
2014-07-08 20:37 - 2014-07-08 20:37 - 00000265 _____ () C:\Users\User\AppData\Local\ruxceim.bat
2014-07-08 20:35 - 2014-07-08 20:35 - 00003204 _____ () C:\Windows\System32\Tasks\opxizbks
2014-07-08 20:35 - 2014-07-08 20:35 - 00000265 _____ () C:\Users\User\AppData\Local\opxizbks.bat
2014-07-08 20:33 - 2014-07-08 20:33 - 00000265 _____ () C:\Users\User\AppData\Local\hanisfy.bat
2014-07-08 20:31 - 2014-07-08 20:31 - 00000265 _____ () C:\Users\User\AppData\Local\feogfqi.bat
2014-07-08 20:30 - 2014-07-08 20:29 - 00002824 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-07-08 20:30 - 2014-07-08 20:28 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-08 20:29 - 2014-07-08 20:29 - 00000265 _____ () C:\Users\User\AppData\Local\hyzseexr.bat
2014-07-08 20:28 - 2014-07-08 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:28 - 2014-07-08 20:28 - 00001049 _____ () C:\Users\User\Desktop\AnyProtect.lnk
2014-07-08 20:28 - 2014-07-08 20:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-07-08 20:28 - 2014-07-08 20:27 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-07-08 20:28 - 2011-12-01 23:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 20:27 - 2014-07-08 20:27 - 00591520 _____ (ClickMeIn Limited) C:\Users\User\AppData\Local\nsy7D1E.tmp
2014-07-08 20:27 - 2014-07-08 20:27 - 00000265 _____ () C:\Users\User\AppData\Local\cljqodtc.bat
2014-07-08 20:25 - 2014-07-08 20:25 - 00000265 _____ () C:\Users\User\AppData\Local\habcd.bat
2014-07-08 20:23 - 2014-07-08 20:23 - 00000265 _____ () C:\Users\User\AppData\Local\hbuvijcg.bat
2014-07-08 20:21 - 2014-07-08 20:21 - 00000265 _____ () C:\Users\User\AppData\Local\agbhtpu.bat
2014-07-08 20:19 - 2014-07-08 20:19 - 00000265 _____ () C:\Users\User\AppData\Local\icprfb.bat
2014-07-08 20:17 - 2014-07-08 20:17 - 00000265 _____ () C:\Users\User\AppData\Local\fefvvn.bat
2014-07-08 20:16 - 2014-06-22 21:21 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister Backup
2014-07-08 20:15 - 2014-07-08 20:15 - 00000265 _____ () C:\Users\User\AppData\Local\xrcufy.bat
2014-07-08 20:13 - 2014-07-08 20:13 - 00000265 _____ () C:\Users\User\AppData\Local\idfbdesc.bat
2014-07-08 20:11 - 2014-07-08 20:11 - 00000265 _____ () C:\Users\User\AppData\Local\gulkbb.bat
2014-07-08 20:09 - 2014-07-08 20:09 - 00000265 _____ () C:\Users\User\AppData\Local\ahtxlqd.bat
2014-07-08 20:07 - 2014-07-08 20:07 - 00003202 _____ () C:\Windows\System32\Tasks\ophaqrz
2014-07-08 20:07 - 2014-07-08 20:07 - 00000265 _____ () C:\Users\User\AppData\Local\ophaqrz.bat
2014-07-08 20:05 - 2014-07-08 20:05 - 00000265 _____ () C:\Users\User\AppData\Local\fdvnunfw.bat
2014-07-08 20:03 - 2014-07-08 20:03 - 00000265 _____ () C:\Users\User\AppData\Local\eiakbug.bat
2014-07-08 20:01 - 2014-07-08 20:01 - 00000265 _____ () C:\Users\User\AppData\Local\dgpfhq.bat
2014-07-08 19:59 - 2014-07-08 19:59 - 00000265 _____ () C:\Users\User\AppData\Local\uutbbiiw.bat
2014-07-08 19:57 - 2014-07-08 19:57 - 00003200 _____ () C:\Windows\System32\Tasks\lpfjgl
2014-07-08 19:57 - 2014-07-08 19:57 - 00000265 _____ () C:\Users\User\AppData\Local\lpfjgl.bat
2014-07-08 19:55 - 2014-07-08 19:55 - 00000265 _____ () C:\Users\User\AppData\Local\laetrg.bat
2014-07-08 19:53 - 2014-07-08 19:53 - 00003204 _____ () C:\Windows\System32\Tasks\ptvicepr
2014-07-08 19:53 - 2014-07-08 19:53 - 00000265 _____ () C:\Users\User\AppData\Local\ptvicepr.bat
2014-07-08 19:51 - 2014-07-08 19:51 - 00000265 _____ () C:\Users\User\AppData\Local\bkhol.bat
2014-07-08 19:49 - 2014-07-08 19:49 - 00000265 _____ () C:\Users\User\AppData\Local\dvgve.bat
2014-07-08 19:47 - 2014-07-08 19:47 - 00000265 _____ () C:\Users\User\AppData\Local\fljbhg.bat
2014-07-08 19:45 - 2014-07-08 19:45 - 00000265 _____ () C:\Users\User\AppData\Local\cqfbpcz.bat
2014-07-08 19:44 - 2014-07-08 19:37 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-08 19:44 - 2014-07-08 19:17 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-07-08 19:43 - 2014-07-08 19:43 - 00003202 _____ () C:\Windows\System32\Tasks\yjbfhjt
2014-07-08 19:43 - 2014-07-08 19:43 - 00000265 _____ () C:\Users\User\AppData\Local\yjbfhjt.bat
2014-07-08 19:41 - 2014-07-08 19:41 - 00000265 _____ () C:\Users\User\AppData\Local\bmhtnb.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00002213 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00000265 _____ () C:\Users\User\AppData\Local\caqaxv.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-07-08 19:37 - 2014-07-08 19:37 - 00003202 _____ () C:\Windows\System32\Tasks\kfdspti
2014-07-08 19:37 - 2014-07-08 19:37 - 00000265 _____ () C:\Users\User\AppData\Local\kfdspti.bat
2014-07-08 19:36 - 2014-07-08 19:35 - 28539304 _____ (TuneUp Software) C:\Users\User\Downloads\TuneUpUtilities2014_de-DE.exe
2014-07-08 19:35 - 2014-07-08 19:35 - 00000265 _____ () C:\Users\User\AppData\Local\aagadgat.bat
2014-07-08 19:33 - 2014-07-08 19:33 - 00000265 _____ () C:\Users\User\AppData\Local\vkapeajh.bat
2014-07-08 19:31 - 2014-07-08 19:31 - 00003202 _____ () C:\Windows\System32\Tasks\pxhairk
2014-07-08 19:31 - 2014-07-08 19:31 - 00000265 _____ () C:\Users\User\AppData\Local\pxhairk.bat
2014-07-08 19:29 - 2014-07-08 19:29 - 00000265 _____ () C:\Users\User\AppData\Local\mcionbb.bat
2014-07-08 19:27 - 2014-07-08 19:27 - 00000265 _____ () C:\Users\User\AppData\Local\noopwp.bat
2014-07-08 19:25 - 2014-07-08 19:25 - 00000265 _____ () C:\Users\User\AppData\Local\hbbuwxqk.bat
2014-07-08 19:23 - 2014-07-08 19:23 - 00003204 _____ () C:\Windows\System32\Tasks\mkqwccag
2014-07-08 19:23 - 2014-07-08 19:23 - 00000265 _____ () C:\Users\User\AppData\Local\mkqwccag.bat
2014-07-08 19:21 - 2014-07-08 19:21 - 00000265 _____ () C:\Users\User\AppData\Local\owpxaia.bat
2014-07-08 19:20 - 2014-07-08 19:20 - 00000000 ____D () C:\Users\User\Documents\Optimizer Pro
2014-07-08 19:20 - 2014-07-08 19:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Optimizer Pro
2014-07-08 19:19 - 2014-07-08 19:19 - 00003198 _____ () C:\Windows\System32\Tasks\uvuuc
2014-07-08 19:19 - 2014-07-08 19:19 - 00000265 _____ () C:\Users\User\AppData\Local\uvuuc.bat
2014-07-08 19:17 - 2014-07-08 19:17 - 00000265 _____ () C:\Users\User\AppData\Local\fneme.bat
2014-07-08 19:16 - 2014-07-08 19:16 - 00001973 _____ () C:\Users\User\Desktop\Sync Folder.lnk
2014-07-08 19:15 - 2014-07-08 19:15 - 00001091 _____ () C:\Users\User\Desktop\MyPC Backup.lnk
2014-07-08 19:15 - 2014-07-08 19:15 - 00001066 _____ () C:\Users\User\Desktop\Optimizer Pro.lnk
2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-08 19:14 - 2014-07-08 19:14 - 00003656 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-07-08 19:14 - 2014-07-08 19:14 - 00000265 _____ () C:\Users\User\AppData\Local\zmyexkp.bat
2014-07-08 19:14 - 2014-07-08 19:14 - 00000000 ____D () C:\Users\User\AppData\Local\globalUpdate
2014-07-08 19:14 - 2014-07-08 19:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-08 19:14 - 2014-07-02 11:08 - 00001671 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-08 19:14 - 2014-07-02 11:08 - 00001649 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-08 19:14 - 2014-07-02 11:02 - 00002732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-08 19:13 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-08 19:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-08 19:12 - 2014-07-08 19:12 - 00000000 _RHDC () C:\MSOCache
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-07-08 18:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-08 18:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-08 18:37 - 2014-07-06 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-07-08 08:21 - 2014-07-08 08:21 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 07:11 - 2014-07-08 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-07 06:34 - 2014-07-06 15:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-07-07 06:26 - 2014-07-07 06:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-07-07 06:14 - 2014-07-07 06:14 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-07-06 22:54 - 2009-07-14 04:38 - 00000000 ___DC () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14\C
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Canon
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\smartdl
2014-07-06 19:49 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.1
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\NoVirusThanks
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\gs
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box Monitor
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-07-06 19:48 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Claro LTD
2014-07-06 19:47 - 2014-07-06 19:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1ClickDownload
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1&1
2014-07-06 19:31 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Copy Trans
2014-07-06 17:31 - 2014-07-06 17:30 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-07-06 17:19 - 2014-07-02 12:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-06 15:42 - 2014-07-06 15:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
2014-07-06 15:40 - 2014-07-06 15:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenOffice.org
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-06 15:18 - 2014-07-06 15:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\TP
2014-07-06 15:17 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-06 15:14 - 2011-07-18 22:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-06 15:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\4.0
2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\.tfo4
2014-07-06 12:39 - 2014-07-06 12:38 - 00000000 ____D () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14
2014-07-06 12:28 - 2014-07-06 12:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-07-06 12:27 - 2014-07-06 12:10 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-07-06 12:20 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-07-06 12:19 - 2014-07-06 12:19 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-06 12:18 - 2014-07-06 12:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-06 12:18 - 2014-07-06 12:17 - 00000000 ____D () C:\ProgramData\Apple
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-06 12:11 - 2014-07-06 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-06 11:49 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-07-06 11:49 - 2014-07-05 13:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-07-06 11:42 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Desktop\Klassentreffen 2014
2014-07-06 11:41 - 2014-06-22 21:20 - 00000000 ___RD () C:\Users\User\Desktop\HD-PVU2_100
2014-07-06 11:41 - 2014-06-22 21:17 - 00000000 ____D () C:\Users\User\Desktop\Basisprogramm für fortlaufende Gruppen
2014-07-06 11:27 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Desktop\Tanzfragen
2014-07-06 11:22 - 2014-06-22 21:21 - 00000000 ____D () C:\Users\User\Documents\VirtualDJ
2014-07-06 11:22 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister
2014-07-06 11:22 - 2014-06-22 20:59 - 00000000 ____D () C:\Users\User\Documents\CyberLink
2014-07-06 11:18 - 2014-06-22 23:55 - 00000000 ____D () C:\Users\User\Documents\Tune up und diverses
2014-07-06 11:01 - 2014-06-22 23:57 - 00000000 ___RD () C:\Users\User\Dropbox
2014-07-06 09:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-06 09:08 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-07-06 09:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-07-06 09:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2014-07-06 09:05 - 2011-05-16 15:57 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\winrm
2014-07-06 09:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-07-06 09:04 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\WCN
2014-07-06 09:04 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\slmgr
2014-07-06 09:03 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-07-06 08:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-07-06 08:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-07-06 08:37 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-07-05 19:26 - 2014-07-05 17:54 - 00000000 __SHD () C:\Users\User\AppData\Roaming\.#
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-07-05 13:45 - 2014-07-05 13:45 - 00000000 ____D () C:\Users\User\Desktop\Ulead Package Folder
2014-07-05 13:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-07-02 13:45 - 2014-07-02 13:45 - 00000000 _____ () C:\Users\.wh..wh.aufs
2014-07-02 13:06 - 2014-07-06 19:44 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-02 13:06 - 2014-07-06 19:44 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-02 13:06 - 2014-07-06 19:44 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-02 12:16 - 2014-07-02 11:43 - 00000000 ____D () C:\Temp
2014-07-02 12:15 - 2014-07-02 12:15 - 00000000 ____D () C:\report
2014-07-02 12:14 - 2014-07-02 12:14 - 00017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\Documents\Avatar
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-07-02 11:42 - 2012-04-11 07:13 - 00000000 ____D () C:\ProgramData\CyberLink
2014-07-02 11:20 - 2014-07-02 11:19 - 00000000 ____D () C:\Users\User\Heaven
2014-07-02 11:19 - 2014-07-02 11:19 - 00003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2014-07-02 11:10 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
2014-07-02 11:09 - 2014-07-02 11:09 - 00000000 ____D () C:\Users\User\AppData\Local\Power2Go
2014-07-02 11:08 - 2014-07-02 11:08 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel
2014-07-02 11:08 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-07-02 11:08 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-07-02 11:07 - 2014-07-02 11:07 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Medion_Services
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Aldi_Foto
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-Bit)
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Program Files\Microsoft Mathematics
2014-07-02 11:03 - 2014-07-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\TvdPersonal
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\watchmi
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files\PlayReady
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\watchmi
2014-07-02 10:52 - 2014-07-02 10:51 - 00000000 __SHD () C:\Recovery
2014-06-30 04:09 - 2014-07-10 06:20 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 06:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-26 17:40 - 2011-07-18 22:31 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-26 07:24 - 2014-07-08 19:13 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-06-22 18:49 - 2014-06-22 21:16 - 00009080 _____ () C:\Users\User\Desktop\miller.xlsx
2014-06-22 08:40 - 2014-06-22 21:20 - 00009078 _____ () C:\Users\User\Documents\miller.xlsx
2014-06-18 04:18 - 2014-07-10 06:19 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-10 06:19 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-10 06:19 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-16 13:13 - 2014-07-08 19:39 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-06-16 13:13 - 2014-07-08 19:39 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-06-16 13:13 - 2014-07-08 19:39 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-11 01:49

==================== End Of Log ============================

Addition Editor Teil 1

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by User at 2014-07-11 09:14:36
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{41042E28-CCA1-4147-869F-9E928B38F04C}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser_AppS 1.1 (HKLM-x32\...\Browser_AppS 1.1) (Version: 1.34.7.1 - browser)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414a - CyberLink Corp.) Hidden
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.1402 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Hijack Hunter 1.8.4.1 (HKLM-x32\...\{616A9B24-448B-4DF3-926A-C4141FCD692C}_is1) (Version:  - NoVirusThanks Company Srl)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 3 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417003FF}) (Version: 7.0.30 - Oracle)
Java(TM) 7 Update 3 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217003FF}) (Version: 7.0.30 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Lot (HKCU\...\lot_07081714) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
OpenOffice.org 3.2 (HKLM-x32\...\{09D95363-4C6D-4C37-B9E0-B4C7D5B1F7BF}) (Version: 3.2.9505 - OpenOffice.org)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0059 - Pegatron Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Shopping Helper Smartbar (HKLM-x32\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{8038a6c5-b5ed-4364-9b95-cc168fb52914}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.324 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.324 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.324 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.171 - TuneUp Software) Hidden
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
watchmi (HKLM-x32\...\{F0559C5E-7912-4391-B1A0-6B975F0E5064}) (Version: 3.0.0 - Axel Springer Digital TV Guide GmbH)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

08-07-2014 23:02:02 Windows Update
09-07-2014 16:17:29 Windows Live Essentials
09-07-2014 16:17:51 WLSetup
10-07-2014 04:45:08 Avira Free Antivirus - 10.07.2014 06:45
10-07-2014 05:24:23 Windows Update
10-07-2014 22:32:06 Windows Update
10-07-2014 22:41:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {062EC2A5-B818-4B10-B1E0-B5D66DDB5652} - System32\Tasks\usaxfdbi => C:\Users\User\AppData\Local\usaxfdbi.bat [2014-07-08] ()
Task: {0788C1DF-4552-4E20-BBCB-04ABCAF84E26} - System32\Tasks\gulkbb => C:\Users\User\AppData\Local\gulkbb.bat [2014-07-08] ()
Task: {079AE588-5B32-4E50-90F4-D0415F52A18E} - System32\Tasks\caqaxv => C:\Users\User\AppData\Local\caqaxv.bat [2014-07-08] ()
Task: {104388A0-041C-4A59-80E8-12857F03BBAA} - System32\Tasks\hyzseexr => C:\Users\User\AppData\Local\hyzseexr.bat [2014-07-08] ()
Task: {15DB8527-3F0C-4D35-9B35-0C0B630D33A7} - System32\Tasks\bkhol => C:\Users\User\AppData\Local\bkhol.bat [2014-07-08] ()
Task: {196BB910-7DE2-484A-96E4-3F8DCB5254CD} - System32\Tasks\bmhtnb => C:\Users\User\AppData\Local\bmhtnb.bat [2014-07-08] ()
Task: {1E2AF7B5-A6B4-436D-8828-D72207B41600} - System32\Tasks\wfoxa => C:\Users\User\AppData\Local\wfoxa.bat [2014-07-08] ()
Task: {1FDB4050-E3B7-417A-BE2D-F509582D99DC} - System32\Tasks\fmdljrba => C:\Users\User\AppData\Local\fmdljrba.bat [2014-07-08] ()
Task: {3F46E773-8753-44E7-9215-CD8B6FB174F0} - System32\Tasks\abwysmh => C:\Users\User\AppData\Local\abwysmh.bat [2014-07-08] ()
Task: {422172CD-0C75-4ADD-9B3C-D5CC55E1DD4C} - System32\Tasks\uvuuc => C:\Users\User\AppData\Local\uvuuc.bat [2014-07-08] ()
Task: {43F29483-F765-4B32-ADF1-66058CF4358B} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-08] (globalUpdate) <==== ATTENTION
Task: {471B7E52-60B8-4FD9-A664-8AAFC4BC07C1} - System32\Tasks\tagmaagm => C:\Users\User\AppData\Local\tagmaagm.bat [2014-07-08] ()
Task: {4737AECD-ADA0-4245-A952-5A52635EC457} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-07-08] (AnyProtect by CMI) <==== ATTENTION
Task: {48A89D42-0EA0-419E-AE51-27A4F8B77922} - System32\Tasks\cwapdiuq => C:\Users\User\AppData\Local\cwapdiuq.bat [2014-07-08] ()
Task: {4AAB0056-9D0D-4678-A981-D2E0597BDEF4} - System32\Tasks\icwxcmpb => C:\Users\User\AppData\Local\icwxcmpb.bat [2014-07-08] ()
Task: {4E4E0FA4-7F8E-4490-A0DE-5494933A2301} - System32\Tasks\rvalxcnr => C:\Users\User\AppData\Local\rvalxcnr.bat [2014-07-08] ()
Task: {50EB6FCC-A65D-4D73-B4FF-5E0EFD0E0020} - System32\Tasks\saedqvt => C:\Users\User\AppData\Local\saedqvt.bat [2014-07-08] ()
Task: {587A3B28-8E66-45FA-A415-1032F0509D66} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-07-08] (AnyProtect by CMI) <==== ATTENTION
Task: {5918C92A-C3B2-4B0C-92F9-668E686FD228} - System32\Tasks\vveddlk => C:\Users\User\AppData\Local\vveddlk.bat [2014-07-08] ()
Task: {6060AAA3-D3FE-4FE7-8583-92022D06C414} - System32\Tasks\noooppp => C:\Users\User\AppData\Local\noooppp.bat [2014-07-08] ()
Task: {65090DEB-47EF-4C90-9C2D-50D575360DCA} - System32\Tasks\daolbyol => C:\Users\User\AppData\Local\daolbyol.bat [2014-07-08] ()
Task: {678DEC61-DAE0-4407-B8AC-728BD7B117E6} - System32\Tasks\bexbocmy => C:\Users\User\AppData\Local\bexbocmy.bat [2014-07-08] ()
Task: {6D21A09A-138A-48D7-A290-393E65DF17BB} - System32\Tasks\mkqwccag => C:\Users\User\AppData\Local\mkqwccag.bat [2014-07-08] ()
Task: {6EF463B3-2A15-435A-8CFF-E6BC8A26C11B} - System32\Tasks\opxizbks => C:\Users\User\AppData\Local\opxizbks.bat [2014-07-08] ()
Task: {72C4CFA8-6941-4ED3-9FA2-596B3C77013E} - System32\Tasks\hbbuwxqk => C:\Users\User\AppData\Local\hbbuwxqk.bat [2014-07-08] ()
Task: {72E00578-B2C3-4AD5-8E8F-0242287BADC2} - System32\Tasks\5b129954-e7dd-4971-9aba-a63c9e9df39c-5_user => C:\Program Files (x86)\Browser_AppS 1.1\5b129954-e7dd-4971-9aba-a63c9e9df39c-5.exe
Task: {7869C6F5-377A-47E2-AD29-CF89BBB562D5} - System32\Tasks\feogfqi => C:\Users\User\AppData\Local\feogfqi.bat [2014-07-08] ()
Task: {8169EFBD-17AD-4C41-AC48-2F659BD2DB63} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-06-16] (TuneUp Software)
Task: {89966AD4-3A39-4C07-9221-29F59AB39109} - System32\Tasks\dmetc => C:\Users\User\AppData\Local\dmetc.bat [2014-07-08] ()
Task: {8A839A5F-59BB-4AE3-979A-DAA7948738FC} - System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9} => Chrome.exe 
Task: {8DB94DB5-1934-484F-AE1D-395DDFA10C35} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {8E989D24-559A-4B84-8034-370D20636DCF} - System32\Tasks\fdfcvuu => C:\Users\User\AppData\Local\fdfcvuu.bat [2014-07-08] ()
Task: {93829DB4-87FE-424F-B413-ABA54FA94DD4} - System32\Tasks\cgafmim => C:\Users\User\AppData\Local\cgafmim.bat [2014-07-08] ()
Task: {93857BC7-34C2-4E73-92E7-C24CA588DDC7} - System32\Tasks\yjbfhjt => C:\Users\User\AppData\Local\yjbfhjt.bat [2014-07-08] ()
Task: {9432539D-13E4-4CCE-9065-5FAC3D7A090F} - System32\Tasks\ptvicepr => C:\Users\User\AppData\Local\ptvicepr.bat [2014-07-08] ()
Task: {99F2E648-7F33-4DA8-8BEB-D126CF7A100C} - System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD} => Chrome.exe 
Task: {9A13FF19-3738-47B6-8268-1A9034E21108} - System32\Tasks\mlqxdd => C:\Users\User\AppData\Local\mlqxdd.bat [2014-07-08] ()
Task: {9BD34473-0BAD-4E1B-9A74-053AAB803CE0} - System32\Tasks\eiakbug => C:\Users\User\AppData\Local\eiakbug.bat [2014-07-08] ()
Task: {9EED6290-6321-4007-89FE-BFD734C11B54} - System32\Tasks\cqemch => C:\Users\User\AppData\Local\cqemch.bat [2014-07-08] ()
Task: {A6642E2E-2B8D-4DFC-9180-5BE5EE6582B3} - System32\Tasks\ubhvb => C:\Users\User\AppData\Local\ubhvb.bat [2014-07-08] ()
Task: {ACD20680-054C-43B2-AC64-E44991663323} - System32\Tasks\qsdgxa => C:\Users\User\AppData\Local\qsdgxa.bat [2014-07-08] ()
Task: {AF9E1606-80C6-4FA2-BB66-1C2427666DA9} - System32\Tasks\kfdspti => C:\Users\User\AppData\Local\kfdspti.bat [2014-07-08] ()
Task: {B591562D-5F3A-40A0-9610-CA26FE5FA46A} - System32\Tasks\fefvvn => C:\Users\User\AppData\Local\fefvvn.bat [2014-07-08] ()
Task: {B5A1F113-6BA0-40DA-8D9F-A52039CC9F6B} - System32\Tasks\pxhairk => C:\Users\User\AppData\Local\pxhairk.bat [2014-07-08] ()
Task: {B9CCBCAC-8D5F-479B-B571-C297CD31265E} - System32\Tasks\ahtxlqd => C:\Users\User\AppData\Local\ahtxlqd.bat [2014-07-08] ()
Task: {BFE7A9C2-164F-4C81-BDBE-BD8B39AD9829} - System32\Tasks\wnful => C:\Users\User\AppData\Local\wnful.bat [2014-07-08] ()
Task: {C28BBA43-C7D3-4A17-9473-AB7713CD1D07} - System32\Tasks\lpfjgl => C:\Users\User\AppData\Local\lpfjgl.bat [2014-07-08] ()
Task: {C6E4ABF2-0872-4ED1-B561-A0316872EDC4} - System32\Tasks\bixfsag => C:\Users\User\AppData\Local\bixfsag.bat [2014-07-08] ()
Task: {CC6762B5-553E-43C5-8DB9-FEA99B969A5D} - System32\Tasks\ophaqrz => C:\Users\User\AppData\Local\ophaqrz.bat [2014-07-08] ()
Task: {CEDBFD6B-2D59-4BEA-B5AE-F82CAA0F8D35} - System32\Tasks\kvavilo => C:\Users\User\AppData\Local\kvavilo.bat [2014-07-08] ()
Task: {D0CF010F-3224-4C4D-BC03-C1E18D2AFA39} - System32\Tasks\rdpthj => C:\Users\User\AppData\Local\rdpthj.bat [2014-07-08] ()
Task: {D19C406B-9E0E-47F1-B3E1-EF98910DB721} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D66B7C4B-9143-4887-9FD2-FF742E65DB76} - System32\Tasks\ikmfbcd => C:\Users\User\AppData\Local\ikmfbcd.bat [2014-07-08] ()
Task: {EC20F178-7B2D-4AEE-8A32-F7B90ABB2877} - System32\Tasks\eabigetk => C:\Users\User\AppData\Local\eabigetk.bat [2014-07-08] ()
Task: {EF8133B6-B2A6-44E6-9F6C-C1C839289755} - System32\Tasks\habcd => C:\Users\User\AppData\Local\habcd.bat [2014-07-08] ()
Task: {F1471092-83FF-45BF-9915-42C1D9B7E7E1} - System32\Tasks\xddorbn => C:\Users\User\AppData\Local\xddorbn.bat [2014-07-08] ()
Task: {F1E741C6-74E8-4E98-9FCC-B0C7A749DFFC} - System32\Tasks\agbhtpu => C:\Users\User\AppData\Local\agbhtpu.bat [2014-07-08] ()
Task: {FDBC7343-1935-43FB-AB1D-428590C0773A} - System32\Tasks\psbep => C:\Users\User\AppData\Local\psbep.bat [2014-07-08] ()
Task: C:\Windows\Tasks\5b129954-e7dd-4971-9aba-a63c9e9df39c-5_user.job => C:\Program Files (x86)\Browser_AppS 1.1\5b129954-e7dd-4971-9aba-a63c9e9df39c-5.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-04-11 11:57 - 2009-12-19 00:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-04-11 11:57 - 2011-10-13 23:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2012-04-11 07:19 - 2010-08-19 18:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-06-16 13:14 - 2014-06-16 13:14 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2012-04-11 11:57 - 2012-03-27 23:19 - 00826880 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-04-11 11:57 - 2010-12-17 23:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-04-11 11:57 - 2012-02-24 23:13 - 03458560 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-07-08 19:14 - 2014-07-08 19:14 - 02617344 _____ () C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe
2014-07-08 19:15 - 2014-07-08 19:15 - 03156936 _____ () c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2012-04-11 11:57 - 2009-12-19 00:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-04-11 11:57 - 2009-12-19 00:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-07-11 07:23 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Addition Editor Teil 2

Code:

ATTFilter

==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2014 08:03:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 30.0.0.5269, Zeitstempel: 0x5391420b
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00009d8c
ID des fehlerhaften Prozesses: 0x22e8
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (07/11/2014 08:00:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 30.0.0.5269, Zeitstempel: 0x5391420b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x16b4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (07/11/2014 06:55:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 30.0.0.5269, Zeitstempel: 0x5391420b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037225
ID des fehlerhaften Prozesses: 0x6e0
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (07/11/2014 00:50:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UninstallManager.exe, Version: 14.0.1000.324, Zeitstempel: 0x539ed10b
Name des fehlerhaften Moduls: rtl120.bpl, Version: 12.0.3420.21218, Zeitstempel: 0x4a0b8b7f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00006e18
ID des fehlerhaften Prozesses: 0xccc
Startzeit der fehlerhaften Anwendung: 0xUninstallManager.exe0
Pfad der fehlerhaften Anwendung: UninstallManager.exe1
Pfad des fehlerhaften Moduls: UninstallManager.exe2
Berichtskennung: UninstallManager.exe3

Error: (07/11/2014 00:48:08 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (07/11/2014 00:29:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 35.0.1916.153 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ce8

Startzeit: 01cf9c8e4c882b63

Endzeit: 3

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: b4011cf3-0881-11e4-8acb-685d4340b7b6

Error: (07/11/2014 00:26:48 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (07/10/2014 06:32:56 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (07/10/2014 06:05:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 35.0.1916.153 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ab4

Startzeit: 01cf9c588d64763f

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: f7e83d51-084b-11e4-9616-685d4340b7b6

Error: (07/10/2014 06:00:06 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)


System errors:
=============
Error: (07/11/2014 00:48:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/11/2014 00:48:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/11/2014 00:48:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (07/11/2014 00:47:04 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (07/11/2014 00:45:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (07/11/2014 00:40:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (07/11/2014 00:29:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073701 fehlgeschlagen: Windows Update Aux

Error: (07/11/2014 00:27:25 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/11/2014 00:26:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/11/2014 00:26:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.


Microsoft Office Sessions:
=========================
Error: (07/11/2014 08:03:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe30.0.0.52695391420bmsvcrt.dll7.0.7601.177444eeaf722c000000500009d8c22e801cf9ccdce60b18dC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\syswow64\msvcrt.dll1cb0008e-08c1-11e4-88ee-685d4340b7b6

Error: (07/11/2014 08:00:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe30.0.0.52695391420bntdll.dll6.1.7601.18247521ea8e7c0000374000ce75316b401cf9ccc088ad0e0C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SysWOW64\ntdll.dllb5ed77b4-08c0-11e4-88ee-685d4340b7b6

Error: (07/11/2014 06:55:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe30.0.0.52695391420bntdll.dll6.1.7601.18247521ea8e7c0000005000372256e001cf9cc4512237fbC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SysWOW64\ntdll.dll96ef5c9b-08b7-11e4-88ee-685d4340b7b6

Error: (07/11/2014 00:50:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: UninstallManager.exe14.0.1000.324539ed10brtl120.bpl12.0.3420.212184a0b8b7fc000000500006e18ccc01cf9c914682f2a4C:\Program Files (x86)\TuneUp Utilities 2014\UninstallManager.exeC:\Program Files (x86)\TuneUp Utilities 2014\rtl120.bpla6d254a2-0884-11e4-88ee-685d4340b7b6

Error: (07/11/2014 00:48:08 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (07/11/2014 00:29:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe35.0.1916.153ce801cf9c8e4c882b633C:\Program Files (x86)\Google\Chrome\Application\chrome.exeb4011cf3-0881-11e4-8acb-685d4340b7b6

Error: (07/11/2014 00:26:48 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (07/10/2014 06:32:56 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (07/10/2014 06:05:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe35.0.1916.1531ab401cf9c588d64763f8C:\Program Files (x86)\Google\Chrome\Application\chrome.exef7e83d51-084b-11e4-9616-685d4340b7b6

Error: (07/10/2014 06:00:06 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)


==================== Memory info =========================== 

Percentage of memory in use: 83%
Total physical RAM: 3990.83 MB
Available physical RAM: 663.24 MB
Total Pagefile: 7979.84 MB
Available Pagefile: 3450.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:348.4 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:15.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=648 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================

schrauber · 12.07.2014, 07:32

Adware & Co. deinstallieren

Lade Dir bitte von hier Revo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:

diesen Zusatz haben:
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Rockslide · 12.07.2014, 09:31

Also Revo Uninstaller war nichts Löschbares enthalten, weiter mit Combofix. Hab es einfach laufen lassen und dann war die Logfile da:

Code:

ATTFilter

ComboFix 14-07-12.02 - User 12.07.2014   9:14.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3991.1630 [GMT 2:00]
ausgeführt von:: c:\users\User\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
c:\program files (x86)\smartdl
c:\program files (x86)\smartdl\dler.exe
c:\program files (x86)\smartdl\gunzip.exe
c:\program files (x86)\smartdl\header.bmp
c:\program files (x86)\smartdl\header2.bmp
c:\program files (x86)\smartdl\header3.bmp
c:\program files (x86)\smartdl\next.bmp
c:\program files (x86)\smartdl\skip.bmp
c:\program files (x86)\smartdl\status-o
c:\programdata\Roaming
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\User\4.0
c:\users\User\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\User\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\User\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\User\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\User\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\User\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\User\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\User\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\User\AppData\Local\nsy7D1E.tmp
c:\users\User\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf
c:\users\User\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\background.html
c:\users\User\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\content.js
c:\users\User\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\lsdb.js
c:\users\User\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\manifest.json
c:\users\User\AppData\Local\Torch\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0\O8ND4uPzD4B.js
c:\users\User\AppData\Roaming\.#
c:\windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-12 bis 2014-07-12  ))))))))))))))))))))))))))))))
.
.
2014-07-12 06:56 . 2014-07-12 06:56	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-07-11 18:30 . 2014-07-11 18:30	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7E2E4E75-EC6C-46C1-B48E-FB13996EF1CB}\offreg.dll
2014-07-11 18:17 . 2014-06-17 00:57	10779000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7E2E4E75-EC6C-46C1-B48E-FB13996EF1CB}\mpengine.dll
2014-07-11 08:16 . 2014-07-11 08:16	--------	d-----w-	c:\program files (x86)\7-Zip
2014-07-11 07:04 . 2014-07-11 07:15	--------	dc----w-	C:\FRST
2014-07-11 05:23 . 2014-07-11 05:23	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2014-07-10 22:32 . 2014-07-10 22:35	--------	d-----w-	c:\windows\system32\MRT
2014-07-10 21:55 . 2014-07-10 21:55	--------	d-----w-	c:\program files\iPod
2014-07-10 21:55 . 2014-07-10 21:55	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 21:55 . 2014-07-10 21:55	--------	d-----w-	c:\program files\iTunes
2014-07-10 21:55 . 2014-07-10 21:55	--------	d-----w-	c:\program files (x86)\iTunes
2014-07-10 21:49 . 2014-07-10 21:49	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2014-07-10 21:49 . 2014-07-10 21:49	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2014-07-10 21:49 . 2014-07-10 21:49	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2014-07-10 21:49 . 2014-07-10 21:49	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2014-07-10 21:49 . 2014-07-10 21:49	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2014-07-10 19:35 . 2014-07-12 06:38	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-10 19:30 . 2014-07-10 19:30	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-07-10 19:30 . 2014-07-10 19:30	--------	d-----w-	c:\programdata\Malwarebytes
2014-07-10 19:30 . 2014-05-12 05:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-07-10 19:30 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-07-10 19:30 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-07-10 04:29 . 2014-07-10 04:29	--------	d-----w-	c:\programdata\Avira
2014-07-10 04:20 . 2014-06-03 10:02	1719296	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2014-07-10 04:20 . 2014-06-03 10:02	1389568	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2014-07-10 04:20 . 2014-06-03 10:02	1380864	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2014-07-10 04:20 . 2014-06-03 10:02	1354240	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-10 04:20 . 2014-06-03 09:29	936960	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-10 04:20 . 2013-11-23 18:26	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2014-07-10 04:20 . 2013-11-23 17:47	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2014-07-10 04:20 . 2014-06-30 02:09	519168	----a-w-	c:\windows\system32\aepdu.dll
2014-07-10 04:20 . 2014-06-30 02:04	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-07-10 04:18 . 2014-06-05 14:45	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-07-10 04:18 . 2014-06-05 14:26	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-07-10 04:18 . 2014-06-05 14:25	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-07-10 04:17 . 2014-02-04 02:32	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-07-10 04:17 . 2014-02-04 02:04	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-07-10 04:17 . 2012-02-11 06:36	559104	----a-w-	c:\windows\system32\spoolsv.exe
2014-07-10 04:17 . 2012-02-11 06:36	67072	----a-w-	c:\windows\splwow64.exe
2014-07-10 04:10 . 2014-07-10 04:10	--------	d-----w-	c:\programdata\504c2cf8db11ac3b
2014-07-10 04:09 . 2014-07-10 04:09	--------	d-----w-	c:\users\Gast
2014-07-10 04:09 . 2014-07-10 04:09	--------	d-----w-	c:\users\Administrator
2014-07-09 16:43 . 2014-07-09 16:44	--------	d-----w-	c:\programdata\MFAData
2014-07-08 18:28 . 2014-07-08 18:28	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-08 18:27 . 2014-07-08 18:28	--------	d-----w-	c:\program files (x86)\AnyProtectEx
2014-07-08 17:39 . 2014-06-16 11:13	40760	----a-w-	c:\windows\system32\TURegOpt.exe
2014-07-08 17:39 . 2014-06-16 11:13	29496	----a-w-	c:\windows\system32\authuitu.dll
2014-07-08 17:39 . 2014-06-16 11:13	25400	----a-w-	c:\windows\SysWow64\authuitu.dll
2014-07-08 17:39 . 2014-07-08 17:39	--------	d-----w-	c:\program files (x86)\TuneUp Utilities 2014
2014-07-08 17:37 . 2014-07-08 17:44	--------	d-sh--w-	c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-08 17:31 . 2014-07-08 17:31	--------	d-----w-	c:\program files (x86)\Uninstaller
2014-07-08 17:17 . 2014-07-08 22:20	--------	d-----w-	c:\programdata\TuneUp Software
2014-07-08 17:17 . 2014-07-08 17:44	--------	d-sh--w-	c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-07-08 17:17 . 2014-07-08 17:17	--------	d--h--w-	c:\programdata\Common Files
2014-07-08 17:15 . 2014-07-08 20:14	--------	d-----w-	c:\program files (x86)\MyPC Backup
2014-07-08 17:15 . 2014-07-12 06:50	--------	d-----w-	c:\program files (x86)\Optimizer Pro
2014-07-08 17:15 . 2014-07-10 22:25	--------	d-----w-	c:\program files (x86)\SupTab
2014-07-08 17:14 . 2014-07-08 17:14	--------	d-----w-	c:\program files (x86)\globalUpdate
2014-07-08 17:14 . 2014-07-10 22:55	--------	d-----w-	c:\program files (x86)\Browser_AppS 1.1
2014-07-08 17:13 . 2014-06-26 05:24	57528	----a-w-	c:\windows\system32\drivers\webinstr.sys
2014-07-08 17:12 . 2014-07-08 17:12	--------	dc----r-	C:\MSOCache
2014-07-08 16:43 . 2014-07-10 15:57	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-08 16:38 . 2013-05-10 05:56	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2014-07-08 16:38 . 2013-05-10 04:30	167424	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2014-07-08 16:38 . 2013-05-10 03:48	164864	----a-w-	c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-07-08 16:38 . 2013-05-10 04:56	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2014-07-08 16:38 . 2013-05-10 05:56	14631424	----a-w-	c:\windows\system32\wmp.dll
2014-07-08 16:31 . 2014-07-08 16:31	--------	d-----w-	c:\windows\Migration
2014-07-08 05:48 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2014-07-08 05:38 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2014-07-08 05:18 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2014-07-08 05:18 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2014-07-08 05:18 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2014-07-08 05:18 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2014-07-08 05:18 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2014-07-08 05:18 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2014-07-08 05:18 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2014-07-08 05:10 . 2014-07-08 05:10	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2014-07-06 20:09 . 2014-07-08 05:10	--------	d-----w-	c:\program files\Microsoft Silverlight
2014-07-06 20:09 . 2014-07-06 20:09	--------	d-----w-	c:\program files\Microsoft Security Client
2014-07-06 20:09 . 2014-07-06 20:09	--------	d-----w-	c:\program files\Canon
2014-07-06 17:50 . 2013-12-27 21:34	--------	d-----w-	c:\program files (x86)\VideoLAN
2014-07-06 17:50 . 2014-07-06 17:50	--------	d-----w-	c:\program files (x86)\uTorrent
2014-07-06 17:50 . 2014-07-10 22:22	--------	d-----w-	c:\program files (x86)\SweetIM
2014-07-06 17:50 . 2014-07-06 17:50	--------	d-----w-	c:\program files (x86)\Sony Ericsson
2014-07-06 17:49 . 2014-07-06 17:49	--------	d-----w-	c:\program files (x86)\Sony
2014-07-06 17:49 . 2014-07-06 17:49	--------	d-----r-	c:\program files (x86)\Skype
2014-07-06 17:49 . 2014-07-10 22:22	--------	d-----w-	c:\program files (x86)\Search Results Toolbar
2014-07-06 17:48 . 2014-07-06 17:49	--------	d-----w-	c:\program files (x86)\Scribus 1.4.1
2014-07-06 17:48 . 2014-07-10 21:48	--------	d-----w-	c:\program files (x86)\QuickTime
2014-07-06 17:48 . 2014-07-06 17:48	--------	d-----w-	c:\program files (x86)\NoVirusThanks
2014-07-06 17:48 . 2014-07-06 17:48	--------	d-----w-	c:\program files (x86)\McAfee Security Scan
2014-07-06 17:48 . 2014-07-06 17:48	--------	d-----w-	c:\program files (x86)\gs
2014-07-06 17:48 . 2014-07-06 17:48	--------	d-----w-	c:\program files (x86)\FRITZ!Box
2014-07-06 17:48 . 2014-07-06 17:48	--------	d-----w-	c:\program files (x86)\FRITZ!Box Monitor
2014-07-06 17:48 . 2014-07-06 17:48	--------	d-----w-	c:\program files (x86)\FreePDF_XP
2014-07-06 17:47 . 2014-07-06 17:48	--------	d-----w-	c:\program files (x86)\ElsterFormular
2014-07-06 17:47 . 2014-07-06 17:47	--------	d-----w-	c:\program files (x86)\eBay
2014-07-06 17:47 . 2014-07-06 17:47	--------	d-----w-	c:\program files (x86)\DsNET Corp
2014-07-06 17:47 . 2014-07-06 17:47	--------	d-----w-	c:\program files (x86)\Conduit
2014-07-06 17:47 . 2014-07-06 17:47	--------	d-----w-	c:\program files (x86)\Claro LTD
2014-07-06 17:45 . 2014-07-06 17:47	--------	d-----w-	c:\program files (x86)\Canon
2014-07-06 17:44 . 2014-07-02 11:06	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2014-07-06 17:44 . 2014-07-02 11:06	130584	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-07-06 17:44 . 2014-07-02 11:06	117712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-07-06 17:44 . 2014-07-06 17:44	--------	d-----w-	c:\program files (x86)\Avira
2014-07-06 17:44 . 2014-07-06 17:44	--------	d-----w-	c:\program files (x86)\AskPartnerNetwork
2014-07-06 17:44 . 2014-07-06 17:44	--------	d-----w-	c:\program files (x86)\1ClickDownload
2014-07-06 17:44 . 2014-07-06 17:44	--------	d-----w-	c:\program files (x86)\1&1
2014-07-06 17:44 . 2014-07-06 17:44	--------	d-----w-	c:\program files (x86)\VirtualDJ
2014-07-06 17:31 . 2014-07-06 17:31	--------	d-----w-	c:\program files (x86)\Copy Trans
2014-07-06 15:30 . 2014-07-06 15:31	--------	d-----w-	c:\programdata\VirtualizedApplications
2014-07-06 14:46 . 2014-07-06 14:46	--------	d-----w-	c:\program files\CCleaner
2014-07-06 13:34 . 2014-07-07 04:34	--------	d-----w-	c:\program files (x86)\OpenOffice.org 3
2014-07-06 13:21 . 2014-07-06 13:21	--------	d-----w-	c:\programdata\Microsoft Help
2014-07-06 13:14 . 2014-07-06 13:14	--------	d-----w-	c:\program files\Microsoft Office
2014-07-06 13:13 . 2014-07-08 16:37	--------	d-----w-	c:\program files (x86)\Microsoft Application Virtualization Client
2014-07-06 10:38 . 2014-07-06 10:39	--------	d-----w-	c:\users\Gesicherte u. wiederhergestellte Dateien 7.14
2014-07-06 10:20 . 2014-07-06 10:20	--------	dc----w-	c:\windows\system32\DRVSTORE
2014-07-06 10:20 . 2012-08-21 11:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2014-07-06 10:19 . 2014-07-06 10:19	--------	d-----w-	c:\programdata\Apple Computer
2014-07-06 10:18 . 2014-07-06 10:18	--------	d-----w-	c:\program files (x86)\Apple Software Update
2014-07-06 10:17 . 2014-07-10 21:47	--------	d-----w-	c:\program files\Common Files\Apple
2014-07-06 10:17 . 2014-07-06 10:17	--------	d-----w-	c:\program files\Bonjour
2014-07-06 10:17 . 2014-07-06 10:17	--------	d-----w-	c:\program files (x86)\Bonjour
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-08 18:28 . 2011-12-01 21:26	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-06 07:15 . 2011-03-29 01:36	23264	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-06-26 15:40 . 2011-07-18 20:31	96441528	----a-w-	c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	131248	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	131248	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	131248	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lot_07081714"="c:\users\user\appdata\local\lot_07081714\lot_07081714.exe" [2014-07-08 2617344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-07-02 750160]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-11 34261968]
lot_07081714.lnk - c:\users\User\AppData\Local\lot_07081714\lot_07081714.exe /r [2014-7-8 2617344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"AnyProtect Scanner"="c:\program files (x86)\AnyProtectEx\AnyProtect.exe"
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R4 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe;c:\program files (x86)\MyPC Backup\BackupStack.exe [x]
R4 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
R4 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [x]
R4 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [x]
R4 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe;c:\program files (x86)\PHotkey\GFNEXSrv.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R4 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R4 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe;c:\program files (x86)\watchmi\TvdService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
R4 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 70e6ca8c;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys;c:\program files (x86)\PHotkey\PEGAGFN.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 webinstr;webinstr;c:\windows\system32\Drivers\webinstr.sys;c:\windows\SYSNATIVE\Drivers\webinstr.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-08 c:\windows\Tasks\APSnotifierPP1.job
- c:\program files (x86)\AnyProtectEx\AnyProtect.exe [2014-07-08 18:28]
.
2014-07-11 c:\windows\Tasks\APSnotifierPP3.job
- c:\program files (x86)\AnyProtectEx\AnyProtect.exe [2014-07-08 18:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	164016	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	164016	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	164016	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	164016	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.firefox.de/
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404839654&from=tugs&uid=HITACHIXHTS727575A9E364_J3740084H2ERXEH2ERXEX&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = www.google.com
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default\
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk - c:\windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_’\00\00’\00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~’\00\00’\00\00\00\00’\00\00\00\00\00\00\00\00‘’“"
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\YouCam\YouCamService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-12  09:31:59 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-12 07:31
.
Vor Suchlauf: 8 Verzeichnis(se), 371.303.563.264 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 371.031.076.864 Bytes frei
.
- - End Of File - - C676BA470216F3C3C190DC3D38054D37

Danke "Schrauber" :-), mein Mozilla läuft wie gewohnt, alles geht auf ohne zu motzen, keine lästige Werbung, Plops usw mehr. Frag mich nur, wie das passieren konnte.
Gruss Silvia

Zitat:

Es ist die Hardware, die einen Computer schnell macht; und die Software die ihn wieder verlangsamt. Craig Bruce - Software-Entwickler

.

schrauber · 13.07.2014, 08:14

wir sind noch nit fertig

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Rockslide · 13.07.2014, 14:10

oh, hab ich bemerkt, Seiten gingen zum Teil wieder nicht auf

, bin dabei

Sorry, bin dauernd rausgeflogen bzw. nicht in den Browser gekommen

Mal schnell bevor wir im Fussballfieber versinken

[CODE]
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 13.07.2014
Scan Time: 12:35:20
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.13.01
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347724
Time Elapsed: 10 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.Snapdo.T, HKU\S-1-5-21-2360195539-4008202503-23516872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [b2cdebb28bf096a0a278672744bed22e],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Quarantined, [b2cdebb28bf096a0a278672744bed22e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [a5dacdd048337db954863484b151956b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],

Registry Values: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [a5dacdd048337db954863484b151956b]
PUP.Optional.Snapdo.T, HKU\S-1-5-21-2360195539-4008202503-23516872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [bfc058452952cb6b18c3ab0d5ea48e72]

Registry Data: 0
(No malicious items detected)

Folders: 6
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{8AEDCA7B-C367-43F0-A6E8-69F7CA9C74E1}, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],

Files: 6
PUP.Optional.Spigot.A, C:\Users\User\Downloads\aTube55Catcher.exe, Quarantined, [a0df831a87f42b0b20b48c9fb74a2bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c],

Physical Sectors: 0
(No malicious items detected)

(end)

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.215 - Bericht erstellt am 13/07/2014 um 14:37:52
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Downloads\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : 70e6ca8c
[#] Dienst Gelöscht : BackupStack
Dienst Gelöscht : webinstr

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Ordner Gelöscht : C:\Program Files (x86)\1ClickDownload
Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx
Ordner Gelöscht : C:\Program Files (x86)\Claro LTD
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\Search Results Toolbar
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\Uninstaller
Ordner Gelöscht : C:\Users\User\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\User\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\User\AppData\Local\torch
Ordner Gelöscht : C:\Users\User\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Optimizer Pro
Ordner Gelöscht : C:\Users\User\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\User\Documents\Optimizer Pro
Datei Gelöscht : C:\Users\User\AppData\Roaming\aps.scan.quick.results
Datei Gelöscht : C:\Users\User\AppData\Roaming\aps.scan.results
Datei Gelöscht : C:\Users\User\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\User\Desktop\AnyProtect.lnk
Datei Gelöscht : C:\Users\User\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\User\Desktop\Optimizer Pro.lnk
Datei Gelöscht : C:\Users\User\Desktop\Sync Folder.lnk
Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default\user.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\user.js
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP1.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP1
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP3.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP3

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\InstallManagerR_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\InstallManagerR_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\FreeSoftToday
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16561

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [7308 octets] - [13/07/2014 14:36:09]
AdwCleaner[S0].txt - [6218 octets] - [13/07/2014 14:37:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6278 octets] ##########

--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by User on 13.07.2014 at 14:43:58,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\9m841dpo.default\extensions\toolbar@gmx.net

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.07.2014 at 14:49:54,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[CODE]

zu guter letzt FRST 1. Teil:
[CODE]
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by User (administrator) on USER-PC on 13-07-2014 15:02:01
Running from C:\Users\User\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2360195539-4008202503-23516872-1000\...\Run: [lot_07081714] => c:\users\user\appdata\local\lot_07081714\lot_07081714.exe [2617344 2014-07-08] ()
HKU\S-1-5-21-2360195539-4008202503-23516872-1000\...\Run: [AnizQoyq] => regsvr32.exe "C:\ProgramData\AnizQoyq\AnizQoyq.dat"
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lot_07081714.lnk
ShortcutTarget: lot_07081714.lnk -> C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.firefox.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF NetworkProxy: "type", 4
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-12]
FF HKCU\...\Firefox\Extensions: [{65449825-340B-4B0B-D82C-63B7C23DC344}] - C:\Program Files (x86)\v01Re-markit\174.xpi

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (GMX MailCheck) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-07-06]
CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-11]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-05]
CHR Extension: (Re-markit) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjilminfakplkijfhhempcjdfccdpeal [2014-07-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
S4 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
S4 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-06-16] (TuneUp Software)
S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed]
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-13 15:01 - 2014-07-13 15:01 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-07-13 15:00 - 2014-07-13 15:00 - 00000094 ____H () C:\Users\User\Desktop\.~lock.JRT.txt#
2014-07-13 15:00 - 2014-07-13 15:00 - 00000094 ____H () C:\Users\User\Desktop\.~lock.AdwCleaner[S0].txt#
2014-07-13 14:59 - 2014-07-13 14:59 - 00000094 ____H () C:\Users\User\Desktop\.~lock.mbam.txt#
2014-07-13 14:49 - 2014-07-13 14:56 - 00000776 _____ () C:\Users\User\Desktop\JRT.txt
2014-07-13 14:43 - 2014-07-13 14:43 - 00000000 ____D () C:\Windows\ERUNT
2014-07-13 14:42 - 2014-07-13 14:42 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-07-13 14:40 - 2014-07-13 14:40 - 00006370 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2014-07-13 14:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-13 14:34 - 2014-07-13 14:41 - 00000000 ___DC () C:\AdwCleaner
2014-07-13 14:33 - 2014-07-13 14:33 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe
2014-07-13 14:33 - 2014-07-13 14:33 - 00003956 _____ () C:\Users\User\Desktop\mbam.txt
2014-07-13 14:27 - 2014-07-13 14:27 - 00034209 _____ () C:\Users\User\Desktop\combo.txt
2014-07-13 13:45 - 2014-07-13 13:45 - 00034207 ____C () C:\ComboFix.txt
2014-07-13 13:15 - 2014-07-13 13:15 - 00000000 ____D () C:\ProgramData\AnizQoyq
2014-07-13 12:34 - 2014-07-13 14:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-13 12:33 - 2014-07-13 12:33 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-13 12:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-13 12:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-13 12:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-13 12:31 - 2014-07-13 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-07-13 12:20 - 2014-07-13 12:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-07-13 12:14 - 2014-07-13 12:14 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-13 12:14 - 2014-07-13 12:14 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-13 12:14 - 2014-07-13 12:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-13 12:13 - 2014-07-13 12:13 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0 (1).exe
2014-07-13 11:25 - 2014-07-13 11:25 - 00133360 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-13 11:24 - 2014-07-13 14:39 - 00000392 _____ () C:\Windows\setupact.log
2014-07-13 11:24 - 2014-07-13 11:24 - 00517648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 11:23 - 2014-07-13 14:39 - 00005758 _____ () C:\Windows\PFRO.log
2014-07-12 10:52 - 2014-07-12 10:52 - 00448512 _____ (OldTimer Tools) C:\Users\User\Downloads\TFC.exe
2014-07-12 09:12 - 2014-07-13 13:45 - 00000000 ___DC () C:\Qoobox
2014-07-12 09:12 - 2014-07-13 13:40 - 00000000 ____D () C:\Windows\erdnt
2014-07-12 09:12 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-12 09:12 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-12 09:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-12 09:07 - 2014-07-12 09:07 - 05218570 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-07-12 09:05 - 2014-07-12 09:05 - 00003258 _____ () C:\Windows\System32\Tasks\{DD65FB9F-3514-482D-AAAB-404A56BDE7BD}
2014-07-12 08:56 - 2014-07-12 08:56 - 00001268 _____ () C:\Users\User\Desktop\Revo Uninstaller.lnk
2014-07-12 08:56 - 2014-07-12 08:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 08:55 - 2014-07-12 08:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe
2014-07-11 12:58 - 2014-07-11 12:58 - 00001041 _____ () C:\Users\User\Desktop\Dropbox.lnk
2014-07-11 12:57 - 2014-07-13 10:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\DropboxMaster
2014-07-11 12:57 - 2014-07-11 12:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-11 12:56 - 2014-07-13 10:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-07-11 09:06 - 2014-07-11 10:07 - 00056327 _____ () C:\Users\User\Downloads\Addition.txt
2014-07-11 09:04 - 2014-07-13 15:02 - 00013035 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-11 09:04 - 2014-07-13 15:02 - 00000000 ___DC () C:\FRST
2014-07-11 08:59 - 2014-07-13 15:01 - 02086912 ____C (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-11 07:22 - 2014-07-11 07:23 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0.exe
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-11 00:32 - 2014-07-11 00:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 23:55 - 2014-07-10 23:55 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-10 23:48 - 2014-07-10 23:48 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-10 23:48 - 2014-07-10 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-10 23:47 - 2014-07-10 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-10 21:29 - 2014-07-10 21:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-10 19:39 - 2014-07-10 19:39 - 00001130 _____ () C:\Users\Public\Desktop\Hijack Hunter.lnk
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD}
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9}
2014-07-10 06:35 - 2014-07-10 06:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Avira
2014-07-10 06:30 - 2014-07-10 06:30 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-07-10 06:30 - 2014-07-10 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-10 06:29 - 2014-07-10 06:29 - 00000000 ____D () C:\ProgramData\Avira
2014-07-10 06:22 - 2014-07-10 06:27 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464.exe
2014-07-10 06:20 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 06:20 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 06:20 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-07-10 06:20 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-07-10 06:19 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 06:19 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 06:19 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 06:19 - 2014-06-07 06:02 - 17854464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 06:19 - 2014-06-07 05:13 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 06:19 - 2014-06-07 04:59 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 06:19 - 2014-06-07 04:52 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 06:19 - 2014-06-07 04:51 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 06:19 - 2014-06-07 04:51 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 06:19 - 2014-06-07 04:50 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-10 06:19 - 2014-06-07 04:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 06:19 - 2014-06-07 04:42 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-10 06:19 - 2014-06-07 04:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 06:19 - 2014-06-07 04:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-10 06:19 - 2014-06-07 04:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 06:19 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 06:19 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 06:19 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 06:19 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 06:19 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 06:19 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 06:19 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-10 06:19 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 06:19 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 06:19 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-10 06:19 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-10 06:19 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 06:19 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-10 06:19 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 06:19 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 06:19 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 06:19 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 06:19 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-07-10 06:19 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-07-10 06:19 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-07-10 06:19 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-07-10 06:18 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 06:18 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 06:18 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 06:17 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-07-10 06:17 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-07-10 06:17 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-07-10 06:17 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\ProgramData\504c2cf8db11ac3b
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator
2014-07-10 06:07 - 2014-07-10 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks
2014-07-09 18:43 - 2014-07-09 18:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014
2014-07-09 00:20 - 2014-07-09 00:20 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-08 22:10 - 2014-07-08 22:10 - 00000265 _____ () C:\Users\User\AppData\Local\mtagn.bat
2014-07-08 22:08 - 2014-07-13 11:21 - 00003200 _____ () C:\Windows\System32\Tasks\psbep
2014-07-08 22:08 - 2014-07-08 22:08 - 00000265 _____ () C:\Users\User\AppData\Local\psbep.bat
2014-07-08 22:06 - 2014-07-08 22:06 - 00003202 _____ () C:\Windows\System32\Tasks\kvavilo
2014-07-08 22:06 - 2014-07-08 22:06 - 00000265 _____ () C:\Users\User\AppData\Local\kvavilo.bat
2014-07-08 22:04 - 2014-07-08 22:04 - 00003204 _____ () C:\Windows\System32\Tasks\tagmaagm
2014-07-08 22:04 - 2014-07-08 22:04 - 00000265 _____ () C:\Users\User\AppData\Local\tagmaagm.bat
2014-07-08 22:02 - 2014-07-08 22:02 - 00003200 _____ () C:\Windows\System32\Tasks\qsdgxa
2014-07-08 22:02 - 2014-07-08 22:02 - 00000265 _____ () C:\Users\User\AppData\Local\qsdgxa.bat
2014-07-08 22:00 - 2014-07-08 22:00 - 00000265 _____ () C:\Users\User\AppData\Local\mlkji.bat
2014-07-08 21:58 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\abwysmh
2014-07-08 21:58 - 2014-07-08 21:58 - 00000265 _____ () C:\Users\User\AppData\Local\abwysmh.bat
2014-07-08 21:55 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\fdfcvuu
2014-07-08 21:55 - 2014-07-08 21:55 - 00000265 _____ () C:\Users\User\AppData\Local\fdfcvuu.bat
2014-07-08 21:53 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\daolbyol
2014-07-08 21:53 - 2014-07-08 21:53 - 00000265 _____ () C:\Users\User\AppData\Local\daolbyol.bat
2014-07-08 21:51 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\eabigetk
2014-07-08 21:51 - 2014-07-08 21:51 - 00000265 _____ () C:\Users\User\AppData\Local\eabigetk.bat
2014-07-08 21:49 - 2014-07-08 21:49 - 00003200 _____ () C:\Windows\System32\Tasks\rdpthj
2014-07-08 21:49 - 2014-07-08 21:49 - 00000265 _____ () C:\Users\User\AppData\Local\rdpthj.bat
2014-07-08 21:47 - 2014-07-08 21:47 - 00003198 _____ () C:\Windows\System32\Tasks\ubhvb
2014-07-08 21:47 - 2014-07-08 21:47 - 00000265 _____ () C:\Users\User\AppData\Local\ubhvb.bat
2014-07-08 21:45 - 2014-07-08 21:45 - 00003202 _____ () C:\Windows\System32\Tasks\xddorbn
2014-07-08 21:45 - 2014-07-08 21:45 - 00000265 _____ () C:\Users\User\AppData\Local\xddorbn.bat
2014-07-08 21:43 - 2014-07-08 21:43 - 00000265 _____ () C:\Users\User\AppData\Local\bvshaoc.bat
2014-07-08 21:41 - 2014-07-08 21:41 - 00000265 _____ () C:\Users\User\AppData\Local\feogfgwh.bat
2014-07-08 21:39 - 2014-07-08 21:39 - 00003204 _____ () C:\Windows\System32\Tasks\rvalxcnr
2014-07-08 21:39 - 2014-07-08 21:39 - 00000265 _____ () C:\Users\User\AppData\Local\rvalxcnr.bat
2014-07-08 21:37 - 2014-07-08 21:37 - 00000265 _____ () C:\Users\User\AppData\Local\kigcc.bat
2014-07-08 21:35 - 2014-07-08 21:35 - 00000265 _____ () C:\Users\User\AppData\Local\wgpfoh.bat
2014-07-08 21:33 - 2014-07-08 21:33 - 00000265 _____ () C:\Users\User\AppData\Local\dmetc.bat
2014-07-08 21:31 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\cwapdiuq
2014-07-08 21:31 - 2014-07-08 21:31 - 00000265 _____ () C:\Users\User\AppData\Local\cwapdiuq.bat
2014-07-08 21:29 - 2014-07-08 22:54 - 00003206 _____ () C:\Windows\System32\Tasks\bexbocmy
2014-07-08 21:29 - 2014-07-08 21:29 - 00000265 _____ () C:\Users\User\AppData\Local\bexbocmy.bat
2014-07-08 21:27 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\cqemch
2014-07-08 21:27 - 2014-07-08 21:27 - 00000265 _____ () C:\Users\User\AppData\Local\cqemch.bat
2014-07-08 21:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\icwxcmpb
2014-07-08 21:25 - 2014-07-08 21:25 - 00000265 _____ () C:\Users\User\AppData\Local\icwxcmpb.bat
2014-07-08 21:23 - 2014-07-08 21:23 - 00000265 _____ () C:\Users\User\AppData\Local\rvbmado.bat
2014-07-08 21:21 - 2014-07-08 21:21 - 00003202 _____ () C:\Windows\System32\Tasks\vveddlk
2014-07-08 21:21 - 2014-07-08 21:21 - 00000265 _____ () C:\Users\User\AppData\Local\vveddlk.bat
2014-07-08 21:19 - 2014-07-08 22:54 - 00003204 _____ () C:\Windows\System32\Tasks\bixfsag
2014-07-08 21:19 - 2014-07-08 21:19 - 00000265 _____ () C:\Users\User\AppData\Local\bixfsag.bat
2014-07-08 21:17 - 2014-07-08 21:17 - 00000265 _____ () C:\Users\User\AppData\Local\akcpianq.bat
2014-07-08 21:15 - 2014-07-08 21:15 - 00003202 _____ () C:\Windows\System32\Tasks\saedqvt
2014-07-08 21:15 - 2014-07-08 21:15 - 00000265 _____ () C:\Users\User\AppData\Local\saedqvt.bat
2014-07-08 21:13 - 2014-07-08 21:13 - 00000265 _____ () C:\Users\User\AppData\Local\gxxqbb.bat
2014-07-08 21:11 - 2014-07-08 21:11 - 00000265 _____ () C:\Users\User\AppData\Local\cyvkhv.bat
2014-07-08 21:09 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\fmdljrba
2014-07-08 21:09 - 2014-07-08 21:09 - 00000265 _____ () C:\Users\User\AppData\Local\fmdljrba.bat
2014-07-08 21:07 - 2014-07-08 21:07 - 00003202 _____ () C:\Windows\System32\Tasks\noooppp
2014-07-08 21:07 - 2014-07-08 21:07 - 00000265 _____ () C:\Users\User\AppData\Local\noooppp.bat
2014-07-08 21:05 - 2014-07-08 21:05 - 00000265 _____ () C:\Users\User\AppData\Local\ejhdd.bat
2014-07-08 21:03 - 2014-07-08 21:03 - 00003202 _____ () C:\Windows\System32\Tasks\ikmfbcd
2014-07-08 21:03 - 2014-07-08 21:03 - 00000265 _____ () C:\Users\User\AppData\Local\ikmfbcd.bat
2014-07-08 21:01 - 2014-07-08 21:01 - 00003198 _____ () C:\Windows\System32\Tasks\wnful
2014-07-08 21:01 - 2014-07-08 21:01 - 00000265 _____ () C:\Users\User\AppData\Local\wnful.bat
2014-07-08 20:59 - 2014-07-08 20:59 - 00000265 _____ () C:\Users\User\AppData\Local\bdybxrg.bat
2014-07-08 20:57 - 2014-07-08 20:57 - 00000265 _____ () C:\Users\User\AppData\Local\ukbhd.bat
2014-07-08 20:55 - 2014-07-08 20:55 - 00003200 _____ () C:\Windows\System32\Tasks\mlqxdd
2014-07-08 20:55 - 2014-07-08 20:55 - 00000265 _____ () C:\Users\User\AppData\Local\mlqxdd.bat
2014-07-08 20:53 - 2014-07-08 20:53 - 00003204 _____ () C:\Windows\System32\Tasks\usaxfdbi
2014-07-08 20:53 - 2014-07-08 20:53 - 00000265 _____ () C:\Users\User\AppData\Local\usaxfdbi.bat
2014-07-08 20:51 - 2014-07-08 20:51 - 00000265 _____ () C:\Users\User\AppData\Local\wyajku.bat
2014-07-08 20:49 - 2014-07-08 20:49 - 00000265 _____ () C:\Users\User\AppData\Local\waktwf.bat
2014-07-08 20:47 - 2014-07-08 20:47 - 00003198 _____ () C:\Windows\System32\Tasks\wfoxa
2014-07-08 20:47 - 2014-07-08 20:47 - 00000265 _____ () C:\Users\User\AppData\Local\wfoxa.bat
2014-07-08 20:45 - 2014-07-08 22:55 - 00003204 _____ () C:\Windows\System32\Tasks\cgafmim
2014-07-08 20:45 - 2014-07-08 20:45 - 00000265 _____ () C:\Users\User\AppData\Local\cgafmim.bat
2014-07-08 20:43 - 2014-07-08 20:43 - 00000265 _____ () C:\Users\User\AppData\Local\sbelr.bat
2014-07-08 20:41 - 2014-07-08 20:41 - 00000265 _____ () C:\Users\User\AppData\Local\jgcetwmp.bat
2014-07-08 20:39 - 2014-07-08 20:39 - 00000265 _____ () C:\Users\User\AppData\Local\tbgmaf.bat
2014-07-08 20:37 - 2014-07-08 20:37 - 00000265 _____ () C:\Users\User\AppData\Local\ruxceim.bat
2014-07-08 20:35 - 2014-07-08 20:35 - 00003204 _____ () C:\Windows\System32\Tasks\opxizbks
2014-07-08 20:35 - 2014-07-08 20:35 - 00000265 _____ () C:\Users\User\AppData\Local\opxizbks.bat
2014-07-08 20:33 - 2014-07-08 20:33 - 00000265 _____ () C:\Users\User\AppData\Local\hanisfy.bat
2014-07-08 20:31 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\feogfqi
2014-07-08 20:31 - 2014-07-08 20:31 - 00000265 _____ () C:\Users\User\AppData\Local\feogfqi.bat
2014-07-08 20:29 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hyzseexr
2014-07-08 20:29 - 2014-07-08 20:29 - 00000265 _____ () C:\Users\User\AppData\Local\hyzseexr.bat
2014-07-08 20:28 - 2014-07-08 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:27 - 2014-07-08 20:27 - 00000265 _____ () C:\Users\User\AppData\Local\cljqodtc.bat
2014-07-08 20:25 - 2014-07-08 22:56 - 00003200 _____ () C:\Windows\System32\Tasks\habcd
2014-07-08 20:25 - 2014-07-08 20:25 - 00000265 _____ () C:\Users\User\AppData\Local\habcd.bat
2014-07-08 20:23 - 2014-07-08 20:23 - 00000265 _____ () C:\Users\User\AppData\Local\hbuvijcg.bat
2014-07-08 20:21 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\agbhtpu
2014-07-08 20:21 - 2014-07-08 20:21 - 00000265 _____ () C:\Users\User\AppData\Local\agbhtpu.bat
2014-07-08 20:19 - 2014-07-08 20:19 - 00000265 _____ () C:\Users\User\AppData\Local\icprfb.bat
2014-07-08 20:17 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\fefvvn
2014-07-08 20:17 - 2014-07-08 20:17 - 00000265 _____ () C:\Users\User\AppData\Local\fefvvn.bat
2014-07-08 20:15 - 2014-07-08 20:15 - 00000265 _____ () C:\Users\User\AppData\Local\xrcufy.bat
2014-07-08 20:13 - 2014-07-08 20:13 - 00000265 _____ () C:\Users\User\AppData\Local\idfbdesc.bat
2014-07-08 20:11 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\gulkbb
2014-07-08 20:11 - 2014-07-08 20:11 - 00000265 _____ () C:\Users\User\AppData\Local\gulkbb.bat
2014-07-08 20:09 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\ahtxlqd
2014-07-08 20:09 - 2014-07-08 20:09 - 00000265 _____ () C:\Users\User\AppData\Local\ahtxlqd.bat
2014-07-08 20:07 - 2014-07-08 20:07 - 00003202 _____ () C:\Windows\System32\Tasks\ophaqrz
2014-07-08 20:07 - 2014-07-08 20:07 - 00000265 _____ () C:\Users\User\AppData\Local\ophaqrz.bat
2014-07-08 20:05 - 2014-07-08 20:05 - 00000265 _____ () C:\Users\User\AppData\Local\fdvnunfw.bat
2014-07-08 20:03 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\eiakbug
2014-07-08 20:03 - 2014-07-08 20:03 - 00000265 _____ () C:\Users\User\AppData\Local\eiakbug.bat
2014-07-08 20:01 - 2014-07-08 20:01 - 00000265 _____ () C:\Users\User\AppData\Local\dgpfhq.bat
2014-07-08 19:59 - 2014-07-08 19:59 - 00000265 _____ () C:\Users\User\AppData\Local\uutbbiiw.bat
2014-07-08 19:57 - 2014-07-08 19:57 - 00003200 _____ () C:\Windows\System32\Tasks\lpfjgl
2014-07-08 19:57 - 2014-07-08 19:57 - 00000265 _____ () C:\Users\User\AppData\Local\lpfjgl.bat
2014-07-08 19:55 - 2014-07-08 19:55 - 00000265 _____ () C:\Users\User\AppData\Local\laetrg.bat
2014-07-08 19:53 - 2014-07-13 11:21 - 00003206 _____ () C:\Windows\System32\Tasks\ptvicepr
2014-07-08 19:53 - 2014-07-08 19:53 - 00000265 _____ () C:\Users\User\AppData\Local\ptvicepr.bat
2014-07-08 19:51 - 2014-07-08 22:55 - 00003200 _____ () C:\Windows\System32\Tasks\bkhol
2014-07-08 19:51 - 2014-07-08 19:51 - 00000265 _____ () C:\Users\User\AppData\Local\bkhol.bat
2014-07-08 19:49 - 2014-07-08 19:49 - 00000265 _____ () C:\Users\User\AppData\Local\dvgve.bat
2014-07-08 19:47 - 2014-07-08 19:47 - 00000265 _____ () C:\Users\User\AppData\Local\fljbhg.bat
2014-07-08 19:45 - 2014-07-08 19:45 - 00000265 _____ () C:\Users\User\AppData\Local\cqfbpcz.bat
2014-07-08 19:43 - 2014-07-08 19:43 - 00003202 _____ () C:\Windows\System32\Tasks\yjbfhjt
2014-07-08 19:43 - 2014-07-08 19:43 - 00000265 _____ () C:\Users\User\AppData\Local\yjbfhjt.bat
2014-07-08 19:41 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\bmhtnb
2014-07-08 19:41 - 2014-07-08 19:41 - 00000265 _____ () C:\Users\User\AppData\Local\bmhtnb.bat
2014-07-08 19:39 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\caqaxv
2014-07-08 19:39 - 2014-07-08 19:39 - 00002213 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00000265 _____ () C:\Users\User\AppData\Local\caqaxv.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-06-16 13:13 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-07-08 19:39 - 2014-06-16 13:13 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-07-08 19:39 - 2014-06-16 13:13 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-07-08 19:37 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-08 19:37 - 2014-07-08 19:37 - 00003202 _____ () C:\Windows\System32\Tasks\kfdspti
2014-07-08 19:37 - 2014-07-08 19:37 - 00000265 _____ () C:\Users\User\AppData\Local\kfdspti.bat
2014-07-08 19:35 - 2014-07-08 19:36 - 28539304 _____ (TuneUp Software) C:\Users\User\Downloads\TuneUpUtilities2014_de-DE.exe
2014-07-08 19:35 - 2014-07-08 19:35 - 00000265 _____ () C:\Users\User\AppData\Local\aagadgat.bat
2014-07-08 19:33 - 2014-07-08 19:33 - 00000265 _____ () C:\Users\User\AppData\Local\vkapeajh.bat
2014-07-08 19:31 - 2014-07-08 19:31 - 00003202 _____ () C:\Windows\System32\Tasks\pxhairk
2014-07-08 19:31 - 2014-07-08 19:31 - 00000265 _____ () C:\Users\User\AppData\Local\pxhairk.bat
2014-07-08 19:29 - 2014-07-08 19:29 - 00000265 _____ () C:\Users\User\AppData\Local\mcionbb.bat
2014-07-08 19:27 - 2014-07-08 19:27 - 00000265 _____ () C:\Users\User\AppData\Local\noopwp.bat
2014-07-08 19:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hbbuwxqk
2014-07-08 19:25 - 2014-07-08 19:25 - 00000265 _____ () C:\Users\User\AppData\Local\hbbuwxqk.bat
2014-07-08 19:23 - 2014-07-08 19:23 - 00003204 _____ () C:\Windows\System32\Tasks\mkqwccag
2014-07-08 19:23 - 2014-07-08 19:23 - 00000265 _____ () C:\Users\User\AppData\Local\mkqwccag.bat
2014-07-08 19:21 - 2014-07-08 19:21 - 00000265 _____ () C:\Users\User\AppData\Local\owpxaia.bat
2014-07-08 19:19 - 2014-07-08 19:19 - 00003198 _____ () C:\Windows\System32\Tasks\uvuuc
2014-07-08 19:19 - 2014-07-08 19:19 - 00000265 _____ () C:\Users\User\AppData\Local\uvuuc.bat
2014-07-08 19:18 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-07-08 19:17 - 2014-07-09 00:20 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-08 19:17 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-07-08 19:17 - 2014-07-08 19:17 - 00000265 _____ () C:\Users\User\AppData\Local\fneme.bat
2014-07-08 19:14 - 2014-07-13 14:45 - 00000000 ____D () C:\Users\User\AppData\Local\lot_07081714
2014-07-08 19:14 - 2014-07-11 00:55 - 00000000 ____D () C:\Program Files (x86)\Browser_AppS 1.1
2014-07-08 19:14 - 2014-07-08 19:14 - 00000265 _____ () C:\Users\User\AppData\Local\zmyexkp.bat
2014-07-08 19:13 - 2014-07-10 06:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-08 19:13 - 2014-06-26 07:24 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-08 19:12 - 2014-07-08 19:12 - 00000000 __RDC () C:\MSOCache
2014-07-08 18:43 - 2014-07-10 17:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-08 18:38 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-07-08 18:38 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-07-08 18:38 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-07-08 18:38 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 07:38 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-07-08 07:18 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-07-08 07:18 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-07-08 07:18 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-07-08 07:18 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-07-08 07:18 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-07-08 07:11 - 2014-07-08 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-07 06:26 - 2014-07-07 06:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-07-07 06:14 - 2014-07-07 06:14 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-07-06 22:09 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Canon
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson
2014-07-06 19:50 - 2013-12-27 23:34 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-06 19:48 - 2014-07-13 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-06 19:48 - 2014-07-10 23:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-06 19:48 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.1
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\NoVirusThanks
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\gs
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box Monitor
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-07-06 19:47 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-07-06 19:45 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1&1
2014-07-06 19:44 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-06 19:44 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-06 19:44 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-06 19:31 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Copy Trans
2014-07-06 17:30 - 2014-07-06 17:31 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-06 15:40 - 2014-07-06 15:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenOffice.org
2014-07-06 15:36 - 2014-07-06 15:42 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
2014-07-06 15:34 - 2014-07-07 06:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-06 15:17 - 2014-07-08 22:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client
2014-07-06 15:17 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client
2014-07-06 15:14 - 2014-07-10 07:28 - 09077672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-06 15:13 - 2014-07-08 18:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-07-06 15:12 - 2014-07-06 15:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TP
2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\.tfo4
2014-07-06 12:38 - 2014-07-12 09:32 - 00000000 ____D () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14
2014-07-06 12:20 - 2014-07-11 00:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-07-06 12:20 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-07-06 12:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-07-06 12:19 - 2014-07-06 12:19 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-06 12:18 - 2014-07-06 12:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-06 12:17 - 2014-07-10 23:47 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-06 12:17 - 2014-07-06 12:18 - 00000000 ____D () C:\ProgramData\Apple
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-06 12:11 - 2014-07-06 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-06 12:10 - 2014-07-06 12:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-07-06 12:10 - 2014-07-06 12:27 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-07-06 11:49 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-07-05 14:24 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAT.DLL
2014-07-05 13:58 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-07-05 13:58 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-07-05 13:58 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-07-05 13:58 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-07-05 13:58 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-07-05 13:58 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-07-05 13:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-05 13:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-05 13:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-05 13:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-05 13:57 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-07-05 13:57 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-07-05 13:57 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-07-05 13:57 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-07-05 13:57 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-07-05 13:57 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-07-05 13:57 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-07-05 13:57 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-07-05 13:57 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-07-05 13:57 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-07-05 13:57 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-07-05 13:57 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-07-05 13:57 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-05 13:57 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-05 13:57 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-07-05 13:57 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-05 13:57 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-07-05 13:57 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-05 13:57 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-07-05 13:57 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-07-05 13:57 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-07-05 13:57 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-07-05 13:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-05 13:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-05 13:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-05 13:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-05 13:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-05 13:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-05 13:56 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-07-05 13:56 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-07-05 13:56 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-07-05 13:56 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-05 13:56 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-07-05 13:56 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-07-05 13:56 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-07-05 13:56 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-07-05 13:56 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-07-05 13:56 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-05 13:56 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-07-05 13:56 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-07-05 13:56 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-07-05 13:56 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-07-05 13:56 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-07-05 13:56 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-05 13:56 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-07-05 13:56 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-07-05 13:56 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-07-05 13:56 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-07-05 13:56 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-07-05 13:56 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-07-05 13:56 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-07-05 13:56 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-07-05 13:56 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-07-05 13:56 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-07-05 13:56 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-07-05 13:56 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-07-05 13:56 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-07-05 13:56 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-07-05 13:56 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-07-05 13:56 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-07-05 13:56 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-07-05 13:56 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-07-05 13:55 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-05 13:55 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-05 13:55 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-05 13:55 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-05 13:55 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-05 13:55 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-05 13:55 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-05 13:55 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-05 13:55 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-05 13:55 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-05 13:55 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-05 13:55 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-05 13:55 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-05 13:55 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-05 13:55 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-05 13:55 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-07-05 13:55 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-07-05 13:55 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-07-05 13:55 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-07-05 13:55 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-07-05 13:55 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-07-05 13:55 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-07-05 13:55 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-07-05 13:55 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-07-05 13:55 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-07-05 13:55 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-07-05 13:55 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-07-05 13:55 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-05 13:55 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-07-05 13:55 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-07-05 13:55 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-07-05 13:55 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-07-05 13:55 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-07-05 13:55 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-07-05 13:55 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-07-05 13:55 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-07-05 13:55 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-07-05 13:55 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-07-05 13:55 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-07-05 13:55 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-07-05 13:55 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-07-05 13:55 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-07-05 13:55 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-07-05 13:55 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-07-05 13:55 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-07-05 13:55 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-07-05 13:55 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-07-05 13:55 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-07-05 13:55 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-07-05 13:55 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-07-05 13:54 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-07-05 13:54 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-07-05 13:54 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-07-05 13:54 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-07-05 13:54 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-07-05 13:54 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-07-05 13:54 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-07-05 13:54 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-07-05 13:54 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-07-05 13:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-07-05 13:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-07-05 13:53 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-05 13:53 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-07-05 13:53 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-07-05 13:53 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-05 13:53 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-07-05 13:53 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-07-05 13:53 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-07-05 13:53 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-07-05 13:53 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-07-05 13:53 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-07-05 13:53 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-07-05 13:53 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-07-05 13:53 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-07-05 13:53 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-07-05 13:52 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-07-05 13:52 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-07-05 13:52 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-07-05 13:52 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-07-05 13:52 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-07-05 13:52 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-07-05 13:52 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-07-05 13:52 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-07-05 13:52 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-07-05 13:52 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-07-05 13:52 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-07-05 13:52 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-07-05 13:52 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-07-05 13:52 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-07-05 13:52 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-07-05 13:52 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-07-05 13:52 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-07-05 13:52 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-07-05 13:52 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-07-05 13:52 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-07-05 13:52 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-07-05 13:52 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-05 13:52 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-05 13:52 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-07-05 13:52 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-07-05 13:52 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-07-05 13:52 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-07-05 13:52 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-05 13:52 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-05 13:52 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-07-05 13:52 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-07-05 13:52 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-07-05 13:52 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-07-05 13:52 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-07-05 13:52 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-07-05 13:52 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-07-05 13:52 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-07-05 13:52 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-07-05 13:52 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-07-05 13:52 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-07-05 13:52 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-07-05 13:52 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-07-05 13:52 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-07-05 13:52 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-07-05 13:52 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-07-05 13:52 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-07-05 13:52 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-07-05 13:52 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-05 13:52 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-07-05 13:52 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-07-05 13:52 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-07-05 13:45 - 2014-07-05 13:45 - 00000000 ____D () C:\Users\User\Desktop\Ulead Package Folder
2014-07-05 13:07 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-05 13:07 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-05 13:07 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-05 13:07 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-05 13:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-05 13:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-05 13:05 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-07-02 13:45 - 2014-07-02 13:45 - 00000000 _____ () C:\Users\.wh..wh.aufs
2014-07-02 12:16 - 2014-07-06 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic
2014-07-02 12:15 - 2014-07-02 12:15 - 00000000 ____D () C:\report
2014-07-02 12:14 - 2014-07-02 12:14 - 00017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db
2014-07-02 11:43 - 2014-07-02 12:16 - 00000000 ____D () C:\Temp
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\Documents\Avatar
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-07-02 11:41 - 2014-07-11 00:36 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-07-02 11:19 - 2014-07-02 11:20 - 00000000 ____D () C:\Users\User\Heaven
2014-07-02 11:19 - 2014-07-02 11:19 - 00003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2014-07-02 11:10 - 2014-07-13 14:41 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-07-02 11:10 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
2014-07-02 11:09 - 2014-07-02 11:09 - 00000000 ____D () C:\Users\User\AppData\Local\Power2Go
2014-07-02 11:08 - 2014-07-13 14:37 - 00001168 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 11:08 - 2014-07-13 14:37 - 00000985 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-02 11:08 - 2014-07-10 19:19 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-07-02 11:08 - 2014-07-02 11:08 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel
2014-07-02 11:07 - 2014-07-02 11:07 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10
2014-07-02 11:07 - 2012-04-11 07:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomeCinema
2014-07-02 11:07 - 2012-03-14 23:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
2014-07-02 11:07 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-02 11:07 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Medion_Services
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Aldi_Foto
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\MARKEMENT
2014-07-02 11:06 - 2011-08-15 12:59 - 00001854 _____ () C:\Users\Public\Desktop\MEDION Services.lnk
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-Bit)
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Program Files\Microsoft Mathematics
2014-07-02 11:04 - 2011-09-20 13:06 - 00002439 _____ () C:\Users\Public\Desktop\MEDIONmediathek.lnk
2014-07-02 11:03 - 2014-07-02 11:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2014-07-02 11:03 - 2014-07-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-07-02 11:02 - 2014-07-11 00:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-02 11:02 - 2014-07-08 19:14 - 00002732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\TvdPersonal
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\watchmi
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files\PlayReady
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\watchmi
2014-07-02 10:51 - 2014-07-13 14:38 - 01804993 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 10:51 - 2014-07-02 10:52 - 00000000 ____D () C:\Recovery
2014-06-22 23:57 - 2014-07-13 11:23 - 00000000 ___RD () C:\Users\User\Dropbox
2014-06-22 23:55 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\User\Documents\Tune up und diverses
2014-06-22 21:21 - 2014-07-08 20:16 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister Backup
2014-06-22 21:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\VirtualDJ
2014-06-22 21:20 - 2014-07-06 11:42 - 00000000 ____D () C:\Users\User\Desktop\Klassentreffen 2014
2014-06-22 21:20 - 2014-07-06 11:41 - 00000000 ___RD () C:\Users\User\Desktop\HD-PVU2_100
2014-06-22 21:20 - 2014-07-06 11:27 - 00000000 ____D () C:\Users\User\Desktop\Tanzfragen
2014-06-22 21:20 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister
2014-06-22 21:20 - 2014-06-22 08:40 - 00009078 _____ () C:\Users\User\Documents\miller.xlsx
2014-06-22 21:17 - 2014-07-06 11:41 - 00000000 ____D () C:\Users\User\Desktop\Basisprogramm für fortlaufende Gruppen
2014-06-22 21:17 - 2014-04-25 12:58 - 06772879 _____ () C:\Users\User\Desktop\wordpress-3.9-de_DE.zip
2014-06-22 21:16 - 2014-06-22 18:49 - 00009080 _____ () C:\Users\User\Desktop\miller.xlsx
2014-06-22 21:16 - 2013-12-14 08:52 - 01750312 _____ (WindSolutions) C:\Users\User\Desktop\logpacker.exe
2014-06-22 21:16 - 2013-05-04 11:32 - 00001050 _____ () C:\Users\User\Desktop\VirtualDJ Home FREE.lnk
2014-06-22 21:16 - 2012-12-29 12:53 - 2884829184 _____ () C:\Users\User\Desktop\Windows Installationsdatei 12.12.iso
2014-06-22 21:15 - 2013-05-04 11:29 - 38944576 _____ (Atomix Productions) C:\Users\User\Desktop\install_virtualdj_home_v7.4.exe
2014-06-22 21:15 - 2013-03-07 23:19 - 90130256 _____ (Apple Inc.) C:\Users\User\Desktop\iTunes64Setup.exe
2014-06-22 21:14 - 2014-02-20 20:38 - 00055808 _____ () C:\Users\User\Desktop\FahrplanTage berechnen.xls
2014-06-22 21:14 - 2014-02-20 19:27 - 00057856 _____ () C:\Users\User\Desktop\Fahrplan2.xls
2014-06-22 21:14 - 2014-01-17 10:38 - 1489184417 _____ () C:\Users\User\Desktop\home-hd-de.zip
2014-06-22 21:14 - 2013-12-27 23:46 - 00931678 _____ (NoVirusThanks Company Srl ) C:\Users\User\Desktop\hijackhunter_setup.exe
2014-06-22 21:14 - 2013-12-24 10:43 - 00053760 _____ () C:\Users\User\Desktop\Fahrplan2014.xls
2014-06-22 21:14 - 2013-12-17 23:43 - 36152456 _____ (Amazon) C:\Users\User\Desktop\AmazonCloudPlayerInstaller_399.exe
2014-06-22 20:59 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\CyberLink

[CODE]

Rockslide · 13.07.2014, 16:22

FRST 2. Teil

Code:

ATTFilter

==================== One Month Modified Files and Folders =======

2014-07-13 15:02 - 2014-07-11 09:04 - 00013035 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-13 15:02 - 2014-07-11 09:04 - 00000000 ___DC () C:\FRST
2014-07-13 15:01 - 2014-07-13 15:01 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-07-13 15:01 - 2014-07-11 08:59 - 02086912 ____C (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-13 15:00 - 2014-07-13 15:00 - 00000094 ____H () C:\Users\User\Desktop\.~lock.JRT.txt#
2014-07-13 15:00 - 2014-07-13 15:00 - 00000094 ____H () C:\Users\User\Desktop\.~lock.AdwCleaner[S0].txt#
2014-07-13 14:59 - 2014-07-13 14:59 - 00000094 ____H () C:\Users\User\Desktop\.~lock.mbam.txt#
2014-07-13 14:56 - 2014-07-13 14:49 - 00000776 _____ () C:\Users\User\Desktop\JRT.txt
2014-07-13 14:47 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-13 14:47 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-13 14:45 - 2014-07-08 19:14 - 00000000 ____D () C:\Users\User\AppData\Local\lot_07081714
2014-07-13 14:43 - 2014-07-13 14:43 - 00000000 ____D () C:\Windows\ERUNT
2014-07-13 14:43 - 2014-07-02 10:51 - 01804993 _____ () C:\Windows\WindowsUpdate.log
2014-07-13 14:42 - 2014-07-13 14:42 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-07-13 14:41 - 2014-07-13 14:34 - 00000000 ___DC () C:\AdwCleaner
2014-07-13 14:41 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-07-13 14:40 - 2014-07-13 14:40 - 00006370 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2014-07-13 14:39 - 2014-07-13 11:24 - 00000392 _____ () C:\Windows\setupact.log
2014-07-13 14:39 - 2014-07-13 11:23 - 00005758 _____ () C:\Windows\PFRO.log
2014-07-13 14:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-13 14:37 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-13 14:37 - 2014-07-02 11:08 - 00001168 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-13 14:37 - 2014-07-02 11:08 - 00000985 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-13 14:33 - 2014-07-13 14:33 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe
2014-07-13 14:33 - 2014-07-13 14:33 - 00003956 _____ () C:\Users\User\Desktop\mbam.txt
2014-07-13 14:29 - 2014-07-13 12:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-13 14:27 - 2014-07-13 14:27 - 00034209 _____ () C:\Users\User\Desktop\combo.txt
2014-07-13 13:45 - 2014-07-13 13:45 - 00034207 ____C () C:\ComboFix.txt
2014-07-13 13:45 - 2014-07-12 09:12 - 00000000 ___DC () C:\Qoobox
2014-07-13 13:40 - 2014-07-12 09:12 - 00000000 ____D () C:\Windows\erdnt
2014-07-13 13:40 - 2009-07-14 04:34 - 00000215 ____C () C:\Windows\system.ini
2014-07-13 13:15 - 2014-07-13 13:15 - 00000000 ____D () C:\ProgramData\AnizQoyq
2014-07-13 12:56 - 2011-05-16 17:16 - 00649278 _____ () C:\Windows\system32\perfh01F.dat
2014-07-13 12:56 - 2011-05-16 17:16 - 00140402 _____ () C:\Windows\system32\perfc01F.dat
2014-07-13 12:56 - 2011-05-16 17:03 - 00721614 _____ () C:\Windows\system32\prfh0816.dat
2014-07-13 12:56 - 2011-05-16 17:03 - 00153308 _____ () C:\Windows\system32\prfc0816.dat
2014-07-13 12:56 - 2011-05-16 16:55 - 00732954 _____ () C:\Windows\system32\perfh015.dat
2014-07-13 12:56 - 2011-05-16 16:55 - 00156274 _____ () C:\Windows\system32\perfc015.dat
2014-07-13 12:56 - 2011-05-16 16:47 - 00736094 _____ () C:\Windows\system32\perfh013.dat
2014-07-13 12:56 - 2011-05-16 16:47 - 00153504 _____ () C:\Windows\system32\perfc013.dat
2014-07-13 12:56 - 2011-05-16 16:39 - 00732642 _____ () C:\Windows\system32\perfh010.dat
2014-07-13 12:56 - 2011-05-16 16:39 - 00147248 _____ () C:\Windows\system32\perfc010.dat
2014-07-13 12:56 - 2011-05-16 16:31 - 00676350 _____ () C:\Windows\system32\perfh00E.dat
2014-07-13 12:56 - 2011-05-16 16:31 - 00171676 _____ () C:\Windows\system32\perfc00E.dat
2014-07-13 12:56 - 2011-05-16 16:25 - 00738312 _____ () C:\Windows\system32\perfh00C.dat
2014-07-13 12:56 - 2011-05-16 16:25 - 00149982 _____ () C:\Windows\system32\perfc00C.dat
2014-07-13 12:56 - 2011-05-16 16:17 - 00738052 _____ () C:\Windows\system32\perfh00A.dat
2014-07-13 12:56 - 2011-05-16 16:17 - 00158876 _____ () C:\Windows\system32\perfc00A.dat
2014-07-13 12:56 - 2011-05-16 16:11 - 00599584 _____ () C:\Windows\system32\perfh008.dat
2014-07-13 12:56 - 2011-05-16 16:11 - 00111530 _____ () C:\Windows\system32\perfc008.dat
2014-07-13 12:56 - 2011-05-16 16:04 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-07-13 12:56 - 2011-05-16 16:04 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-07-13 12:56 - 2009-07-14 07:13 - 09283412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-13 12:33 - 2014-07-13 12:33 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-13 12:31 - 2014-07-13 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-07-13 12:20 - 2014-07-13 12:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-07-13 12:14 - 2014-07-13 12:14 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-13 12:14 - 2014-07-13 12:14 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-13 12:14 - 2014-07-13 12:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-13 12:13 - 2014-07-13 12:13 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0 (1).exe
2014-07-13 11:25 - 2014-07-13 11:25 - 00133360 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-13 11:24 - 2014-07-13 11:24 - 00517648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 11:23 - 2014-06-22 23:57 - 00000000 ___RD () C:\Users\User\Dropbox
2014-07-13 11:21 - 2014-07-08 22:08 - 00003200 _____ () C:\Windows\System32\Tasks\psbep
2014-07-13 11:21 - 2014-07-08 19:53 - 00003206 _____ () C:\Windows\System32\Tasks\ptvicepr
2014-07-13 10:23 - 2014-07-11 12:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\DropboxMaster
2014-07-13 10:23 - 2014-07-11 12:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-07-13 00:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-12 13:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-12 10:52 - 2014-07-12 10:52 - 00448512 _____ (OldTimer Tools) C:\Users\User\Downloads\TFC.exe
2014-07-12 09:32 - 2014-07-06 12:38 - 00000000 ____D () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14
2014-07-12 09:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-12 09:07 - 2014-07-12 09:07 - 05218570 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-07-12 09:05 - 2014-07-12 09:05 - 00003258 _____ () C:\Windows\System32\Tasks\{DD65FB9F-3514-482D-AAAB-404A56BDE7BD}
2014-07-12 08:56 - 2014-07-12 08:56 - 00001268 _____ () C:\Users\User\Desktop\Revo Uninstaller.lnk
2014-07-12 08:56 - 2014-07-12 08:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 08:55 - 2014-07-12 08:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe
2014-07-11 12:58 - 2014-07-11 12:58 - 00001041 _____ () C:\Users\User\Desktop\Dropbox.lnk
2014-07-11 12:57 - 2014-07-11 12:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-11 12:39 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-07-11 10:07 - 2014-07-11 09:06 - 00056327 _____ () C:\Users\User\Downloads\Addition.txt
2014-07-11 08:37 - 2011-07-18 23:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-11 07:23 - 2014-07-11 07:22 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0.exe
2014-07-11 00:55 - 2014-07-08 19:14 - 00000000 ____D () C:\Program Files (x86)\Browser_AppS 1.1
2014-07-11 00:52 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-11 00:36 - 2014-07-02 11:41 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-07-11 00:35 - 2014-07-11 00:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-11 00:28 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-07-11 00:25 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew
2014-07-11 00:20 - 2012-04-11 07:21 - 00000000 ____D () C:\ProgramData\install_clap
2014-07-11 00:20 - 2011-07-18 22:54 - 00000000 ____D () C:\Windows\Panther
2014-07-10 23:55 - 2014-07-10 23:55 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-10 23:48 - 2014-07-10 23:48 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-10 23:48 - 2014-07-10 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-10 23:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-10 23:47 - 2014-07-10 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-10 23:47 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-10 21:29 - 2014-07-10 21:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-10 19:39 - 2014-07-10 19:39 - 00001130 _____ () C:\Users\Public\Desktop\Hijack Hunter.lnk
2014-07-10 19:19 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD}
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9}
2014-07-10 17:57 - 2014-07-08 18:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 17:57 - 2011-04-12 10:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 17:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 17:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 07:28 - 2014-07-06 15:14 - 09077672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-10 06:35 - 2014-07-10 06:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Avira
2014-07-10 06:30 - 2014-07-10 06:30 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-07-10 06:30 - 2014-07-10 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-10 06:29 - 2014-07-10 06:29 - 00000000 ____D () C:\ProgramData\Avira
2014-07-10 06:27 - 2014-07-10 06:22 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464.exe
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\ProgramData\504c2cf8db11ac3b
2014-07-10 06:10 - 2014-07-08 19:13 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator
2014-07-10 06:07 - 2014-07-10 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks
2014-07-09 18:44 - 2014-07-09 18:43 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014
2014-07-09 00:20 - 2014-07-09 00:20 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-09 00:20 - 2014-07-08 19:17 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-08 22:56 - 2014-07-08 21:55 - 00003204 _____ () C:\Windows\System32\Tasks\fdfcvuu
2014-07-08 22:56 - 2014-07-08 21:51 - 00003206 _____ () C:\Windows\System32\Tasks\eabigetk
2014-07-08 22:56 - 2014-07-08 21:25 - 00003206 _____ () C:\Windows\System32\Tasks\icwxcmpb
2014-07-08 22:56 - 2014-07-08 21:09 - 00003206 _____ () C:\Windows\System32\Tasks\fmdljrba
2014-07-08 22:56 - 2014-07-08 20:31 - 00003204 _____ () C:\Windows\System32\Tasks\feogfqi
2014-07-08 22:56 - 2014-07-08 20:29 - 00003206 _____ () C:\Windows\System32\Tasks\hyzseexr
2014-07-08 22:56 - 2014-07-08 20:25 - 00003200 _____ () C:\Windows\System32\Tasks\habcd
2014-07-08 22:56 - 2014-07-08 20:17 - 00003202 _____ () C:\Windows\System32\Tasks\fefvvn
2014-07-08 22:56 - 2014-07-08 20:11 - 00003202 _____ () C:\Windows\System32\Tasks\gulkbb
2014-07-08 22:56 - 2014-07-08 20:03 - 00003204 _____ () C:\Windows\System32\Tasks\eiakbug
2014-07-08 22:56 - 2014-07-08 19:25 - 00003206 _____ () C:\Windows\System32\Tasks\hbbuwxqk
2014-07-08 22:55 - 2014-07-08 21:53 - 00003206 _____ () C:\Windows\System32\Tasks\daolbyol
2014-07-08 22:55 - 2014-07-08 21:31 - 00003206 _____ () C:\Windows\System32\Tasks\cwapdiuq
2014-07-08 22:55 - 2014-07-08 21:27 - 00003202 _____ () C:\Windows\System32\Tasks\cqemch
2014-07-08 22:55 - 2014-07-08 20:45 - 00003204 _____ () C:\Windows\System32\Tasks\cgafmim
2014-07-08 22:55 - 2014-07-08 19:51 - 00003200 _____ () C:\Windows\System32\Tasks\bkhol
2014-07-08 22:55 - 2014-07-08 19:41 - 00003202 _____ () C:\Windows\System32\Tasks\bmhtnb
2014-07-08 22:55 - 2014-07-08 19:39 - 00003202 _____ () C:\Windows\System32\Tasks\caqaxv
2014-07-08 22:54 - 2014-07-08 21:29 - 00003206 _____ () C:\Windows\System32\Tasks\bexbocmy
2014-07-08 22:54 - 2014-07-08 21:19 - 00003204 _____ () C:\Windows\System32\Tasks\bixfsag
2014-07-08 22:52 - 2014-07-08 21:58 - 00003204 _____ () C:\Windows\System32\Tasks\abwysmh
2014-07-08 22:52 - 2014-07-08 20:21 - 00003204 _____ () C:\Windows\System32\Tasks\agbhtpu
2014-07-08 22:52 - 2014-07-08 20:09 - 00003204 _____ () C:\Windows\System32\Tasks\ahtxlqd
2014-07-08 22:47 - 2011-07-18 23:22 - 00000000 ____D () C:\ProgramData\Temp
2014-07-08 22:12 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client
2014-07-08 22:10 - 2014-07-08 22:10 - 00000265 _____ () C:\Users\User\AppData\Local\mtagn.bat
2014-07-08 22:08 - 2014-07-08 22:08 - 00000265 _____ () C:\Users\User\AppData\Local\psbep.bat
2014-07-08 22:06 - 2014-07-08 22:06 - 00003202 _____ () C:\Windows\System32\Tasks\kvavilo
2014-07-08 22:06 - 2014-07-08 22:06 - 00000265 _____ () C:\Users\User\AppData\Local\kvavilo.bat
2014-07-08 22:04 - 2014-07-08 22:04 - 00003204 _____ () C:\Windows\System32\Tasks\tagmaagm
2014-07-08 22:04 - 2014-07-08 22:04 - 00000265 _____ () C:\Users\User\AppData\Local\tagmaagm.bat
2014-07-08 22:02 - 2014-07-08 22:02 - 00003200 _____ () C:\Windows\System32\Tasks\qsdgxa
2014-07-08 22:02 - 2014-07-08 22:02 - 00000265 _____ () C:\Users\User\AppData\Local\qsdgxa.bat
2014-07-08 22:00 - 2014-07-08 22:00 - 00000265 _____ () C:\Users\User\AppData\Local\mlkji.bat
2014-07-08 21:58 - 2014-07-08 21:58 - 00000265 _____ () C:\Users\User\AppData\Local\abwysmh.bat
2014-07-08 21:55 - 2014-07-08 21:55 - 00000265 _____ () C:\Users\User\AppData\Local\fdfcvuu.bat
2014-07-08 21:53 - 2014-07-08 21:53 - 00000265 _____ () C:\Users\User\AppData\Local\daolbyol.bat
2014-07-08 21:51 - 2014-07-08 21:51 - 00000265 _____ () C:\Users\User\AppData\Local\eabigetk.bat
2014-07-08 21:49 - 2014-07-08 21:49 - 00003200 _____ () C:\Windows\System32\Tasks\rdpthj
2014-07-08 21:49 - 2014-07-08 21:49 - 00000265 _____ () C:\Users\User\AppData\Local\rdpthj.bat
2014-07-08 21:47 - 2014-07-08 21:47 - 00003198 _____ () C:\Windows\System32\Tasks\ubhvb
2014-07-08 21:47 - 2014-07-08 21:47 - 00000265 _____ () C:\Users\User\AppData\Local\ubhvb.bat
2014-07-08 21:45 - 2014-07-08 21:45 - 00003202 _____ () C:\Windows\System32\Tasks\xddorbn
2014-07-08 21:45 - 2014-07-08 21:45 - 00000265 _____ () C:\Users\User\AppData\Local\xddorbn.bat
2014-07-08 21:43 - 2014-07-08 21:43 - 00000265 _____ () C:\Users\User\AppData\Local\bvshaoc.bat
2014-07-08 21:41 - 2014-07-08 21:41 - 00000265 _____ () C:\Users\User\AppData\Local\feogfgwh.bat
2014-07-08 21:39 - 2014-07-08 21:39 - 00003204 _____ () C:\Windows\System32\Tasks\rvalxcnr
2014-07-08 21:39 - 2014-07-08 21:39 - 00000265 _____ () C:\Users\User\AppData\Local\rvalxcnr.bat
2014-07-08 21:37 - 2014-07-08 21:37 - 00000265 _____ () C:\Users\User\AppData\Local\kigcc.bat
2014-07-08 21:35 - 2014-07-08 21:35 - 00000265 _____ () C:\Users\User\AppData\Local\wgpfoh.bat
2014-07-08 21:33 - 2014-07-08 21:33 - 00000265 _____ () C:\Users\User\AppData\Local\dmetc.bat
2014-07-08 21:31 - 2014-07-08 21:31 - 00000265 _____ () C:\Users\User\AppData\Local\cwapdiuq.bat
2014-07-08 21:29 - 2014-07-08 21:29 - 00000265 _____ () C:\Users\User\AppData\Local\bexbocmy.bat
2014-07-08 21:27 - 2014-07-08 21:27 - 00000265 _____ () C:\Users\User\AppData\Local\cqemch.bat
2014-07-08 21:25 - 2014-07-08 21:25 - 00000265 _____ () C:\Users\User\AppData\Local\icwxcmpb.bat
2014-07-08 21:23 - 2014-07-08 21:23 - 00000265 _____ () C:\Users\User\AppData\Local\rvbmado.bat
2014-07-08 21:21 - 2014-07-08 21:21 - 00003202 _____ () C:\Windows\System32\Tasks\vveddlk
2014-07-08 21:21 - 2014-07-08 21:21 - 00000265 _____ () C:\Users\User\AppData\Local\vveddlk.bat
2014-07-08 21:19 - 2014-07-08 21:19 - 00000265 _____ () C:\Users\User\AppData\Local\bixfsag.bat
2014-07-08 21:17 - 2014-07-08 21:17 - 00000265 _____ () C:\Users\User\AppData\Local\akcpianq.bat
2014-07-08 21:15 - 2014-07-08 21:15 - 00003202 _____ () C:\Windows\System32\Tasks\saedqvt
2014-07-08 21:15 - 2014-07-08 21:15 - 00000265 _____ () C:\Users\User\AppData\Local\saedqvt.bat
2014-07-08 21:13 - 2014-07-08 21:13 - 00000265 _____ () C:\Users\User\AppData\Local\gxxqbb.bat
2014-07-08 21:11 - 2014-07-08 21:11 - 00000265 _____ () C:\Users\User\AppData\Local\cyvkhv.bat
2014-07-08 21:09 - 2014-07-08 21:09 - 00000265 _____ () C:\Users\User\AppData\Local\fmdljrba.bat
2014-07-08 21:07 - 2014-07-08 21:07 - 00003202 _____ () C:\Windows\System32\Tasks\noooppp
2014-07-08 21:07 - 2014-07-08 21:07 - 00000265 _____ () C:\Users\User\AppData\Local\noooppp.bat
2014-07-08 21:05 - 2014-07-08 21:05 - 00000265 _____ () C:\Users\User\AppData\Local\ejhdd.bat
2014-07-08 21:03 - 2014-07-08 21:03 - 00003202 _____ () C:\Windows\System32\Tasks\ikmfbcd
2014-07-08 21:03 - 2014-07-08 21:03 - 00000265 _____ () C:\Users\User\AppData\Local\ikmfbcd.bat
2014-07-08 21:01 - 2014-07-08 21:01 - 00003198 _____ () C:\Windows\System32\Tasks\wnful
2014-07-08 21:01 - 2014-07-08 21:01 - 00000265 _____ () C:\Users\User\AppData\Local\wnful.bat
2014-07-08 20:59 - 2014-07-08 20:59 - 00000265 _____ () C:\Users\User\AppData\Local\bdybxrg.bat
2014-07-08 20:57 - 2014-07-08 20:57 - 00000265 _____ () C:\Users\User\AppData\Local\ukbhd.bat
2014-07-08 20:55 - 2014-07-08 20:55 - 00003200 _____ () C:\Windows\System32\Tasks\mlqxdd
2014-07-08 20:55 - 2014-07-08 20:55 - 00000265 _____ () C:\Users\User\AppData\Local\mlqxdd.bat
2014-07-08 20:53 - 2014-07-08 20:53 - 00003204 _____ () C:\Windows\System32\Tasks\usaxfdbi
2014-07-08 20:53 - 2014-07-08 20:53 - 00000265 _____ () C:\Users\User\AppData\Local\usaxfdbi.bat
2014-07-08 20:51 - 2014-07-08 20:51 - 00000265 _____ () C:\Users\User\AppData\Local\wyajku.bat
2014-07-08 20:49 - 2014-07-08 20:49 - 00000265 _____ () C:\Users\User\AppData\Local\waktwf.bat
2014-07-08 20:47 - 2014-07-08 20:47 - 00003198 _____ () C:\Windows\System32\Tasks\wfoxa
2014-07-08 20:47 - 2014-07-08 20:47 - 00000265 _____ () C:\Users\User\AppData\Local\wfoxa.bat
2014-07-08 20:45 - 2014-07-08 20:45 - 00000265 _____ () C:\Users\User\AppData\Local\cgafmim.bat
2014-07-08 20:43 - 2014-07-08 20:43 - 00000265 _____ () C:\Users\User\AppData\Local\sbelr.bat
2014-07-08 20:41 - 2014-07-08 20:41 - 00000265 _____ () C:\Users\User\AppData\Local\jgcetwmp.bat
2014-07-08 20:39 - 2014-07-08 20:39 - 00000265 _____ () C:\Users\User\AppData\Local\tbgmaf.bat
2014-07-08 20:37 - 2014-07-08 20:37 - 00000265 _____ () C:\Users\User\AppData\Local\ruxceim.bat
2014-07-08 20:35 - 2014-07-08 20:35 - 00003204 _____ () C:\Windows\System32\Tasks\opxizbks
2014-07-08 20:35 - 2014-07-08 20:35 - 00000265 _____ () C:\Users\User\AppData\Local\opxizbks.bat
2014-07-08 20:33 - 2014-07-08 20:33 - 00000265 _____ () C:\Users\User\AppData\Local\hanisfy.bat
2014-07-08 20:31 - 2014-07-08 20:31 - 00000265 _____ () C:\Users\User\AppData\Local\feogfqi.bat
2014-07-08 20:29 - 2014-07-08 20:29 - 00000265 _____ () C:\Users\User\AppData\Local\hyzseexr.bat
2014-07-08 20:28 - 2014-07-08 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:28 - 2011-12-01 23:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 20:27 - 2014-07-08 20:27 - 00000265 _____ () C:\Users\User\AppData\Local\cljqodtc.bat
2014-07-08 20:25 - 2014-07-08 20:25 - 00000265 _____ () C:\Users\User\AppData\Local\habcd.bat
2014-07-08 20:23 - 2014-07-08 20:23 - 00000265 _____ () C:\Users\User\AppData\Local\hbuvijcg.bat
2014-07-08 20:21 - 2014-07-08 20:21 - 00000265 _____ () C:\Users\User\AppData\Local\agbhtpu.bat
2014-07-08 20:19 - 2014-07-08 20:19 - 00000265 _____ () C:\Users\User\AppData\Local\icprfb.bat
2014-07-08 20:17 - 2014-07-08 20:17 - 00000265 _____ () C:\Users\User\AppData\Local\fefvvn.bat
2014-07-08 20:16 - 2014-06-22 21:21 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister Backup
2014-07-08 20:15 - 2014-07-08 20:15 - 00000265 _____ () C:\Users\User\AppData\Local\xrcufy.bat
2014-07-08 20:13 - 2014-07-08 20:13 - 00000265 _____ () C:\Users\User\AppData\Local\idfbdesc.bat
2014-07-08 20:11 - 2014-07-08 20:11 - 00000265 _____ () C:\Users\User\AppData\Local\gulkbb.bat
2014-07-08 20:09 - 2014-07-08 20:09 - 00000265 _____ () C:\Users\User\AppData\Local\ahtxlqd.bat
2014-07-08 20:07 - 2014-07-08 20:07 - 00003202 _____ () C:\Windows\System32\Tasks\ophaqrz
2014-07-08 20:07 - 2014-07-08 20:07 - 00000265 _____ () C:\Users\User\AppData\Local\ophaqrz.bat
2014-07-08 20:05 - 2014-07-08 20:05 - 00000265 _____ () C:\Users\User\AppData\Local\fdvnunfw.bat
2014-07-08 20:03 - 2014-07-08 20:03 - 00000265 _____ () C:\Users\User\AppData\Local\eiakbug.bat
2014-07-08 20:01 - 2014-07-08 20:01 - 00000265 _____ () C:\Users\User\AppData\Local\dgpfhq.bat
2014-07-08 19:59 - 2014-07-08 19:59 - 00000265 _____ () C:\Users\User\AppData\Local\uutbbiiw.bat
2014-07-08 19:57 - 2014-07-08 19:57 - 00003200 _____ () C:\Windows\System32\Tasks\lpfjgl
2014-07-08 19:57 - 2014-07-08 19:57 - 00000265 _____ () C:\Users\User\AppData\Local\lpfjgl.bat
2014-07-08 19:55 - 2014-07-08 19:55 - 00000265 _____ () C:\Users\User\AppData\Local\laetrg.bat
2014-07-08 19:53 - 2014-07-08 19:53 - 00000265 _____ () C:\Users\User\AppData\Local\ptvicepr.bat
2014-07-08 19:51 - 2014-07-08 19:51 - 00000265 _____ () C:\Users\User\AppData\Local\bkhol.bat
2014-07-08 19:49 - 2014-07-08 19:49 - 00000265 _____ () C:\Users\User\AppData\Local\dvgve.bat
2014-07-08 19:47 - 2014-07-08 19:47 - 00000265 _____ () C:\Users\User\AppData\Local\fljbhg.bat
2014-07-08 19:45 - 2014-07-08 19:45 - 00000265 _____ () C:\Users\User\AppData\Local\cqfbpcz.bat
2014-07-08 19:44 - 2014-07-08 19:37 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-08 19:44 - 2014-07-08 19:17 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-07-08 19:43 - 2014-07-08 19:43 - 00003202 _____ () C:\Windows\System32\Tasks\yjbfhjt
2014-07-08 19:43 - 2014-07-08 19:43 - 00000265 _____ () C:\Users\User\AppData\Local\yjbfhjt.bat
2014-07-08 19:41 - 2014-07-08 19:41 - 00000265 _____ () C:\Users\User\AppData\Local\bmhtnb.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00002213 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00000265 _____ () C:\Users\User\AppData\Local\caqaxv.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-07-08 19:37 - 2014-07-08 19:37 - 00003202 _____ () C:\Windows\System32\Tasks\kfdspti
2014-07-08 19:37 - 2014-07-08 19:37 - 00000265 _____ () C:\Users\User\AppData\Local\kfdspti.bat
2014-07-08 19:36 - 2014-07-08 19:35 - 28539304 _____ (TuneUp Software) C:\Users\User\Downloads\TuneUpUtilities2014_de-DE.exe
2014-07-08 19:35 - 2014-07-08 19:35 - 00000265 _____ () C:\Users\User\AppData\Local\aagadgat.bat
2014-07-08 19:33 - 2014-07-08 19:33 - 00000265 _____ () C:\Users\User\AppData\Local\vkapeajh.bat
2014-07-08 19:31 - 2014-07-08 19:31 - 00003202 _____ () C:\Windows\System32\Tasks\pxhairk
2014-07-08 19:31 - 2014-07-08 19:31 - 00000265 _____ () C:\Users\User\AppData\Local\pxhairk.bat
2014-07-08 19:29 - 2014-07-08 19:29 - 00000265 _____ () C:\Users\User\AppData\Local\mcionbb.bat
2014-07-08 19:27 - 2014-07-08 19:27 - 00000265 _____ () C:\Users\User\AppData\Local\noopwp.bat
2014-07-08 19:25 - 2014-07-08 19:25 - 00000265 _____ () C:\Users\User\AppData\Local\hbbuwxqk.bat
2014-07-08 19:23 - 2014-07-08 19:23 - 00003204 _____ () C:\Windows\System32\Tasks\mkqwccag
2014-07-08 19:23 - 2014-07-08 19:23 - 00000265 _____ () C:\Users\User\AppData\Local\mkqwccag.bat
2014-07-08 19:21 - 2014-07-08 19:21 - 00000265 _____ () C:\Users\User\AppData\Local\owpxaia.bat
2014-07-08 19:19 - 2014-07-08 19:19 - 00003198 _____ () C:\Windows\System32\Tasks\uvuuc
2014-07-08 19:19 - 2014-07-08 19:19 - 00000265 _____ () C:\Users\User\AppData\Local\uvuuc.bat
2014-07-08 19:17 - 2014-07-08 19:17 - 00000265 _____ () C:\Users\User\AppData\Local\fneme.bat
2014-07-08 19:14 - 2014-07-08 19:14 - 00000265 _____ () C:\Users\User\AppData\Local\zmyexkp.bat
2014-07-08 19:14 - 2014-07-02 11:02 - 00002732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-08 19:13 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-08 19:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-08 19:12 - 2014-07-08 19:12 - 00000000 __RDC () C:\MSOCache
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-07-08 18:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-08 18:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-08 18:37 - 2014-07-06 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-07-08 08:21 - 2014-07-08 08:21 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 07:11 - 2014-07-08 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-07 06:34 - 2014-07-06 15:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-07-07 06:26 - 2014-07-07 06:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-07-07 06:14 - 2014-07-07 06:14 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-07-06 22:54 - 2009-07-14 04:38 - 00000000 ___DC () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14\C
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Canon
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-06 19:49 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.1
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\NoVirusThanks
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\gs
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box Monitor
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-07-06 19:48 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-07-06 19:47 - 2014-07-06 19:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1&1
2014-07-06 19:31 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Copy Trans
2014-07-06 17:31 - 2014-07-06 17:30 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-07-06 17:19 - 2014-07-02 12:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-06 15:42 - 2014-07-06 15:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
2014-07-06 15:40 - 2014-07-06 15:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenOffice.org
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-06 15:18 - 2014-07-06 15:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\TP
2014-07-06 15:17 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-06 15:14 - 2011-07-18 22:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-06 15:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\.tfo4
2014-07-06 12:28 - 2014-07-06 12:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-07-06 12:27 - 2014-07-06 12:10 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-07-06 12:20 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-07-06 12:19 - 2014-07-06 12:19 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-06 12:18 - 2014-07-06 12:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-06 12:18 - 2014-07-06 12:17 - 00000000 ____D () C:\ProgramData\Apple
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-06 12:11 - 2014-07-06 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-06 11:49 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-07-06 11:49 - 2014-07-05 13:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-07-06 11:42 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Desktop\Klassentreffen 2014
2014-07-06 11:41 - 2014-06-22 21:20 - 00000000 ___RD () C:\Users\User\Desktop\HD-PVU2_100
2014-07-06 11:41 - 2014-06-22 21:17 - 00000000 ____D () C:\Users\User\Desktop\Basisprogramm für fortlaufende Gruppen
2014-07-06 11:27 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Desktop\Tanzfragen
2014-07-06 11:22 - 2014-06-22 21:21 - 00000000 ____D () C:\Users\User\Documents\VirtualDJ
2014-07-06 11:22 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister
2014-07-06 11:22 - 2014-06-22 20:59 - 00000000 ____D () C:\Users\User\Documents\CyberLink
2014-07-06 11:18 - 2014-06-22 23:55 - 00000000 ____D () C:\Users\User\Documents\Tune up und diverses
2014-07-06 09:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-06 09:08 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-07-06 09:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-07-06 09:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2014-07-06 09:05 - 2011-05-16 15:57 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\winrm
2014-07-06 09:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-07-06 09:04 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\WCN
2014-07-06 09:04 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\slmgr
2014-07-06 09:03 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-07-06 08:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-07-06 08:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-07-06 08:37 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-07-05 13:45 - 2014-07-05 13:45 - 00000000 ____D () C:\Users\User\Desktop\Ulead Package Folder
2014-07-05 13:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-07-02 13:45 - 2014-07-02 13:45 - 00000000 _____ () C:\Users\.wh..wh.aufs
2014-07-02 13:06 - 2014-07-06 19:44 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-02 13:06 - 2014-07-06 19:44 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-02 13:06 - 2014-07-06 19:44 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-02 12:16 - 2014-07-02 11:43 - 00000000 ____D () C:\Temp
2014-07-02 12:15 - 2014-07-02 12:15 - 00000000 ____D () C:\report
2014-07-02 12:14 - 2014-07-02 12:14 - 00017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\Documents\Avatar
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-07-02 11:42 - 2012-04-11 07:13 - 00000000 ____D () C:\ProgramData\CyberLink
2014-07-02 11:20 - 2014-07-02 11:19 - 00000000 ____D () C:\Users\User\Heaven
2014-07-02 11:19 - 2014-07-02 11:19 - 00003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2014-07-02 11:10 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
2014-07-02 11:09 - 2014-07-02 11:09 - 00000000 ____D () C:\Users\User\AppData\Local\Power2Go
2014-07-02 11:08 - 2014-07-02 11:08 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel
2014-07-02 11:08 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-07-02 11:08 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-07-02 11:07 - 2014-07-02 11:07 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Medion_Services
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Aldi_Foto
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-Bit)
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Program Files\Microsoft Mathematics
2014-07-02 11:03 - 2014-07-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\TvdPersonal
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\watchmi
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files\PlayReady
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\watchmi
2014-07-02 10:52 - 2014-07-02 10:51 - 00000000 ____D () C:\Recovery
2014-06-30 04:09 - 2014-07-10 06:20 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 06:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-26 17:40 - 2011-07-18 22:31 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-26 07:24 - 2014-07-08 19:13 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-06-22 18:49 - 2014-06-22 21:16 - 00009080 _____ () C:\Users\User\Desktop\miller.xlsx
2014-06-22 08:40 - 2014-06-22 21:20 - 00009078 _____ () C:\Users\User\Documents\miller.xlsx
2014-06-18 04:18 - 2014-07-10 06:19 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-10 06:19 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-10 06:19 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-16 13:13 - 2014-07-08 19:39 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-06-16 13:13 - 2014-07-08 19:39 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-06-16 13:13 - 2014-07-08 19:39 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-13 14:25

==================== End Of Log ============================

mein Antivir geht nimmer, kann es sein? Ist mit diesem Uninstaller uninstalliert?

wollte antivir aktivieren, geht nicht, hab deinstalliert und über filepony heruntergeladen, kann es nicht öffnen, kommt ne Meldung, dass nur Systemadmin das tun kann, das hatte ich vorher nie: es gehn auch wieder ungefragt Fenster auf!

schrauber · 14.07.2014, 14:31

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Rockslide · 16.07.2014, 17:04

sorry, war gestern nicht zuhause, führe jetzt die Anweisungen aus :-)

ESET hat die ganze Nacht gedauert

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=47f49598484b684faae199db20a17e0f
# engine=19190
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-16 08:47:44
# local_time=2014-07-16 10:47:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 49902 1201263 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 49677 157130314 0 0
# scanned=420066
# found=38
# cleaned=0
# scan_time=48423
sh=1063DD346AC1476344397BA3B0E1E638D7E5B11B ft=1 fh=2eade84635150c36 vn="Win32/Adware.1ClickDownload.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\1ClickDownload\1ClickSettingsManager.exe.vir"
sh=5D0F9F1896E9A8515FA63DB1CF49DDD0C60014D1 ft=1 fh=d91bac540639de25 vn="Win32/Toolbar.Funmoods evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.6.4.1\escortShld.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=53AD8C11F100DF5F1F70685256EAB55FC99B3697 ft=1 fh=c3db0d6eddd2de42 vn="Win32/SpeedingUpMyPC.O Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=5FF88FA88D18D4FE0B68798F934183FBE5F7C0AA ft=1 fh=6ba33c5ce825bbbb vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir"
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir"
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir"
sh=B992ED7A1B4DF30F6AF8A911FBFDE92ED9F77519 ft=1 fh=5dac4dde3cd39976 vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uninstaller\Uninstall.exe.vir"
sh=8F2ECA0A64557E9AF014222F696B64D4160DADDE ft=1 fh=d36ab4e35947cb8b vn="Win32/VOPackage.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\VOPackage\runasu.exe.vir"
sh=C092DC12EEDC845CA288A596F2B7508485C76556 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\360-60346.crx"
sh=848AE75F7ADF7A2F42694C828594E4D170D5B044 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\5b129954-e7dd-4971-9aba-a63c9e9df39c.crx"
sh=848AE75F7ADF7A2F42694C828594E4D170D5B044 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\60346.crx"
sh=F48705143D19D8F3112F69538213AB645BAB0438 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\60346.xpi"
sh=F7C307D9E1BFC248043CEF74321ED98B3D316A0B ft=1 fh=4fed7a1a4efff275 vn="möglicherweise Variante von Win32/Toolbar.CrossRider.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\Browser_AppS 1.1-nova.dll"
sh=56D642925C2512CD1ECF34DB4B57A2443F41624D ft=1 fh=46d83d0cce0adfa4 vn="Variante von Generik.CPJXOQW Trojaner" ac=I fn="C:\ProgramData\AnizQoyq\AnizQoyq.dat"
sh=56D642925C2512CD1ECF34DB4B57A2443F41624D ft=1 fh=46d83d0cce0adfa4 vn="Variante von Generik.CPJXOQW Trojaner" ac=I fn="C:\Users\All Users\AnizQoyq\AnizQoyq.dat"
sh=8BAE507A594C1A405F1AA2E1C336393BCC843ADE ft=1 fh=c71c00115808ba37 vn="Variante von Win32/Skintrim.EU Trojaner" ac=I fn="C:\Users\User\AppData\Local\ycvfkd.exe"
sh=40EA0D1006EE4166545392FD6128724129F31B50 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\3439aac6-786564e5"
sh=A9F6A3299D8E5A8B0F8F18915521C8B3E7C9F864 ft=1 fh=a874d3fc82897e2d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\TOOLS\Medion MediaPack\medion_mediapack_2_ext.exe"
sh=A58B92BF37A2DF8A104363721744C7B3442FF35F ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\USER-PC\Backup Set 2014-07-14 072648\Backup Files 2014-07-14 072648\Backup files 33.zip"
sh=F5ACE705CE5403E345D795E03718032E100BE669 ft=0 fh=0000000000000000 vn="Win32/BundleInstaller.A evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 1.zip"
sh=F7998CB25886E79D623D8FF0CA66FC123C710EB7 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 13.zip"
sh=2CFF80D071A44CD027ADB7B9FC4EAB0725093428 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 17.zip"
sh=F8BB4A998CD2A47D076DBFAB5220F46F4956EED7 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 18.zip"
sh=7B0BADE5DA25E8A5D8D5D6E0AD483414D2A74023 ft=0 fh=0000000000000000 vn="Win32/Adware.1ClickDownload.E Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 2.zip"
sh=BEE0024286DC54580B7FAC538F4E412F5750B400 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Funmoods evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 4.zip"
sh=A0E3DB4F21324FFE9EA7EE87AF8DEAD32C133DEE ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 46.zip"
sh=FD79740FFFBEF794E78D69A4268444AB05973A7F ft=0 fh=0000000000000000 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 47.zip"
sh=6BFC19B519C4492350226CA5765103CE5378CA0F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 5.zip"
sh=F29182CF8BBB69F88B5AE50E947D8B2388075827 ft=0 fh=0000000000000000 vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 50.zip"
sh=E48590903A871C218080FC9E7152CCD7D5A04F95 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 440.zip"
sh=464225915534268DD46B54ECCE4F33A08C667EED ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 443.zip"
sh=E5C1E69373A485FD04BD6197C4FF0F87212E6C48 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 446.zip"
sh=27DF1977EBE2DF5471A19435646455FF8A8F1DB5 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 447.zip"
sh=42CA3DEC7011F41238CAE88FC72D62D4D443F38E ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 448.zip"
sh=C86262B3EE132AFF30AF95F84A5543E500FDF270 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 470.zip"
sh=3357661FDA16149E57EE5E5937659ED085CB3E78 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 515.zip"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="${Memory}"

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=47f49598484b684faae199db20a17e0f
# engine=19190
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-16 08:47:44
# local_time=2014-07-16 10:47:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 49902 1201263 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 49677 157130314 0 0
# scanned=420066
# found=38
# cleaned=0
# scan_time=48423
sh=1063DD346AC1476344397BA3B0E1E638D7E5B11B ft=1 fh=2eade84635150c36 vn="Win32/Adware.1ClickDownload.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\1ClickDownload\1ClickSettingsManager.exe.vir"
sh=5D0F9F1896E9A8515FA63DB1CF49DDD0C60014D1 ft=1 fh=d91bac540639de25 vn="Win32/Toolbar.Funmoods evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.6.4.1\escortShld.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=53AD8C11F100DF5F1F70685256EAB55FC99B3697 ft=1 fh=c3db0d6eddd2de42 vn="Win32/SpeedingUpMyPC.O Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=5FF88FA88D18D4FE0B68798F934183FBE5F7C0AA ft=1 fh=6ba33c5ce825bbbb vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir"
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir"
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir"
sh=B992ED7A1B4DF30F6AF8A911FBFDE92ED9F77519 ft=1 fh=5dac4dde3cd39976 vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uninstaller\Uninstall.exe.vir"
sh=8F2ECA0A64557E9AF014222F696B64D4160DADDE ft=1 fh=d36ab4e35947cb8b vn="Win32/VOPackage.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\VOPackage\runasu.exe.vir"
sh=C092DC12EEDC845CA288A596F2B7508485C76556 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\360-60346.crx"
sh=848AE75F7ADF7A2F42694C828594E4D170D5B044 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\5b129954-e7dd-4971-9aba-a63c9e9df39c.crx"
sh=848AE75F7ADF7A2F42694C828594E4D170D5B044 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\60346.crx"
sh=F48705143D19D8F3112F69538213AB645BAB0438 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\60346.xpi"
sh=F7C307D9E1BFC248043CEF74321ED98B3D316A0B ft=1 fh=4fed7a1a4efff275 vn="möglicherweise Variante von Win32/Toolbar.CrossRider.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Browser_AppS 1.1\Browser_AppS 1.1-nova.dll"
sh=56D642925C2512CD1ECF34DB4B57A2443F41624D ft=1 fh=46d83d0cce0adfa4 vn="Variante von Generik.CPJXOQW Trojaner" ac=I fn="C:\ProgramData\AnizQoyq\AnizQoyq.dat"
sh=56D642925C2512CD1ECF34DB4B57A2443F41624D ft=1 fh=46d83d0cce0adfa4 vn="Variante von Generik.CPJXOQW Trojaner" ac=I fn="C:\Users\All Users\AnizQoyq\AnizQoyq.dat"
sh=8BAE507A594C1A405F1AA2E1C336393BCC843ADE ft=1 fh=c71c00115808ba37 vn="Variante von Win32/Skintrim.EU Trojaner" ac=I fn="C:\Users\User\AppData\Local\ycvfkd.exe"
sh=40EA0D1006EE4166545392FD6128724129F31B50 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\3439aac6-786564e5"
sh=A9F6A3299D8E5A8B0F8F18915521C8B3E7C9F864 ft=1 fh=a874d3fc82897e2d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\TOOLS\Medion MediaPack\medion_mediapack_2_ext.exe"
sh=A58B92BF37A2DF8A104363721744C7B3442FF35F ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\USER-PC\Backup Set 2014-07-14 072648\Backup Files 2014-07-14 072648\Backup files 33.zip"
sh=F5ACE705CE5403E345D795E03718032E100BE669 ft=0 fh=0000000000000000 vn="Win32/BundleInstaller.A evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 1.zip"
sh=F7998CB25886E79D623D8FF0CA66FC123C710EB7 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 13.zip"
sh=2CFF80D071A44CD027ADB7B9FC4EAB0725093428 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 17.zip"
sh=F8BB4A998CD2A47D076DBFAB5220F46F4956EED7 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 18.zip"
sh=7B0BADE5DA25E8A5D8D5D6E0AD483414D2A74023 ft=0 fh=0000000000000000 vn="Win32/Adware.1ClickDownload.E Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 2.zip"
sh=BEE0024286DC54580B7FAC538F4E412F5750B400 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Funmoods evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 4.zip"
sh=A0E3DB4F21324FFE9EA7EE87AF8DEAD32C133DEE ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 46.zip"
sh=FD79740FFFBEF794E78D69A4268444AB05973A7F ft=0 fh=0000000000000000 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 47.zip"
sh=6BFC19B519C4492350226CA5765103CE5378CA0F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 5.zip"
sh=F29182CF8BBB69F88B5AE50E947D8B2388075827 ft=0 fh=0000000000000000 vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-05-10 230002\Backup files 50.zip"
sh=E48590903A871C218080FC9E7152CCD7D5A04F95 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 440.zip"
sh=464225915534268DD46B54ECCE4F33A08C667EED ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 443.zip"
sh=E5C1E69373A485FD04BD6197C4FF0F87212E6C48 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 446.zip"
sh=27DF1977EBE2DF5471A19435646455FF8A8F1DB5 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 447.zip"
sh=42CA3DEC7011F41238CAE88FC72D62D4D443F38E ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 448.zip"
sh=C86262B3EE132AFF30AF95F84A5543E500FDF270 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 470.zip"
sh=3357661FDA16149E57EE5E5937659ED085CB3E78 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="G:\SILVIA-PC\Backup Set 2014-05-10 230002\Backup Files 2014-06-10 230006\Backup files 515.zip"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="${Memory}"

Code:

ATTFilter

Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2014   
 TuneUp Utilities Language Pack (de-DE) 
 TuneUp Utilities 2014 (de-DE)  
 TuneUp Utilities 2014   
 Java(TM) 7 Update 3  
 Java version out of Date! 
 Adobe Reader 10.1.2 Adobe Reader out of Date!  
 Mozilla Firefox (30.0) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avguard.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Rockslide · 16.07.2014, 17:22

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by User (administrator) on USER-PC on 16-07-2014 18:17:52
Running from C:\Users\User\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(hourque) C:\Users\User\AppData\Local\ycvfkd.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\User\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2360195539-4008202503-23516872-1000\...\Run: [AnizQoyq] => regsvr32.exe "C:\ProgramData\AnizQoyq\AnizQoyq.dat"
HKU\S-1-5-21-2360195539-4008202503-23516872-1000\...\Run: [ycvfkd] => c:\users\user\appdata\local\ycvfkd.exe [1474560 2014-07-13] (hourque)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ycvfkd.lnk
ShortcutTarget: ycvfkd.lnk -> C:\Users\User\AppData\Local\ycvfkd.exe (hourque)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.firefox.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF NetworkProxy: "type", 4
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-12]
FF HKCU\...\Firefox\Extensions: [{65449825-340B-4B0B-D82C-63B7C23DC344}] - C:\Program Files (x86)\v01Re-markit\174.xpi

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (GMX MailCheck) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-07-06]
CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-11]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-05]
CHR Extension: (Re-markit) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjilminfakplkijfhhempcjdfccdpeal [2014-07-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
S4 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
S4 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-06-16] (TuneUp Software)
S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed]
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-16] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-16 18:17 - 2014-07-16 18:17 - 02086912 _____ (Farbar) C:\Users\User\Downloads\FRST64(1).exe
2014-07-16 17:59 - 2014-07-16 17:59 - 00854390 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-07-15 21:16 - 2014-07-15 21:16 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu.exe
2014-07-13 17:36 - 2014-07-16 18:18 - 01042709 _____ () C:\Users\User\AppData\Local\ycvfkd.gss
2014-07-13 17:36 - 2014-07-16 17:59 - 00136192 _____ () C:\Users\User\AppData\Local\ycvfkd.gdb
2014-07-13 17:36 - 2014-07-13 17:36 - 01474560 _____ (hourque) C:\Users\User\AppData\Local\ycvfkd.exe
2014-07-13 17:24 - 2014-07-13 18:11 - 00015957 _____ () C:\Windows\IE11_main.log
2014-07-13 17:13 - 2014-07-13 17:13 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-07-13 17:13 - 2014-07-13 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-13 17:13 - 2014-07-13 17:13 - 00000000 ____D () C:\ProgramData\Avira
2014-07-13 17:13 - 2014-07-13 17:13 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-13 17:13 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-13 17:13 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-13 17:13 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-13 17:12 - 2014-07-13 17:12 - 00133360 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-13 17:09 - 2014-07-14 07:16 - 00000168 _____ () C:\Windows\setupact.log
2014-07-13 17:09 - 2014-07-13 17:34 - 00306598 _____ () C:\Windows\PFRO.log
2014-07-13 17:09 - 2014-07-13 17:09 - 00517648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 17:09 - 2014-07-13 17:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 17:03 - 2014-07-13 17:07 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464(2).exe
2014-07-13 15:48 - 2014-07-13 15:51 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464(1).exe
2014-07-13 15:03 - 2014-07-13 15:03 - 00158724 _____ () C:\Users\User\Desktop\FRST.txt
2014-07-13 15:01 - 2014-07-13 15:01 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-07-13 14:49 - 2014-07-13 14:56 - 00000776 _____ () C:\Users\User\Desktop\JRT.txt
2014-07-13 14:43 - 2014-07-13 14:43 - 00000000 ____D () C:\Windows\ERUNT
2014-07-13 14:42 - 2014-07-13 14:42 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-07-13 14:40 - 2014-07-13 14:40 - 00006370 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2014-07-13 14:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-13 14:34 - 2014-07-13 14:41 - 00000000 ___DC () C:\AdwCleaner
2014-07-13 14:33 - 2014-07-13 14:33 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe
2014-07-13 14:33 - 2014-07-13 14:33 - 00003956 _____ () C:\Users\User\Desktop\mbam.txt
2014-07-13 14:27 - 2014-07-13 14:27 - 00034209 _____ () C:\Users\User\Desktop\combo.txt
2014-07-13 13:45 - 2014-07-13 13:45 - 00034207 ____C () C:\ComboFix.txt
2014-07-13 13:15 - 2014-07-13 13:15 - 00000000 ____D () C:\ProgramData\AnizQoyq
2014-07-13 12:34 - 2014-07-16 18:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-13 12:33 - 2014-07-13 12:33 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-13 12:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-13 12:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-13 12:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-13 12:31 - 2014-07-13 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-07-13 12:20 - 2014-07-13 12:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-07-13 12:14 - 2014-07-13 12:14 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-13 12:14 - 2014-07-13 12:14 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-13 12:14 - 2014-07-13 12:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-12 10:52 - 2014-07-12 10:52 - 00448512 _____ (OldTimer Tools) C:\Users\User\Downloads\TFC.exe
2014-07-12 09:12 - 2014-07-13 13:45 - 00000000 ___DC () C:\Qoobox
2014-07-12 09:12 - 2014-07-13 13:40 - 00000000 ____D () C:\Windows\erdnt
2014-07-12 09:12 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-12 09:12 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-12 09:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-12 09:12 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-12 09:07 - 2014-07-12 09:07 - 05218570 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-07-12 09:05 - 2014-07-12 09:05 - 00003258 _____ () C:\Windows\System32\Tasks\{DD65FB9F-3514-482D-AAAB-404A56BDE7BD}
2014-07-12 08:56 - 2014-07-12 08:56 - 00001268 _____ () C:\Users\User\Desktop\Revo Uninstaller.lnk
2014-07-12 08:56 - 2014-07-12 08:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 08:55 - 2014-07-12 08:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe
2014-07-11 12:58 - 2014-07-11 12:58 - 00001041 _____ () C:\Users\User\Desktop\Dropbox.lnk
2014-07-11 12:57 - 2014-07-15 21:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\DropboxMaster
2014-07-11 12:57 - 2014-07-11 12:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-11 12:56 - 2014-07-15 21:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-07-11 09:06 - 2014-07-11 10:07 - 00056327 _____ () C:\Users\User\Downloads\Addition.txt
2014-07-11 09:04 - 2014-07-16 18:17 - 00013058 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-11 09:04 - 2014-07-16 18:17 - 00000000 ___DC () C:\FRST
2014-07-11 08:59 - 2014-07-13 15:01 - 02086912 ____C (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-11 00:32 - 2014-07-11 00:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 23:55 - 2014-07-10 23:55 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-10 23:48 - 2014-07-10 23:48 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-10 23:48 - 2014-07-10 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-10 23:47 - 2014-07-10 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-10 21:29 - 2014-07-10 21:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-10 19:39 - 2014-07-10 19:39 - 00001130 _____ () C:\Users\Public\Desktop\Hijack Hunter.lnk
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD}
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9}
2014-07-10 06:22 - 2014-07-10 06:27 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464.exe
2014-07-10 06:20 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 06:20 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 06:20 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-07-10 06:20 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-07-10 06:19 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 06:19 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 06:19 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 06:19 - 2014-06-07 06:02 - 17854464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 06:19 - 2014-06-07 05:13 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 06:19 - 2014-06-07 04:59 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 06:19 - 2014-06-07 04:52 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 06:19 - 2014-06-07 04:51 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 06:19 - 2014-06-07 04:51 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 06:19 - 2014-06-07 04:50 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-10 06:19 - 2014-06-07 04:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 06:19 - 2014-06-07 04:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 06:19 - 2014-06-07 04:42 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 06:19 - 2014-06-07 04:42 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-10 06:19 - 2014-06-07 04:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-10 06:19 - 2014-06-07 04:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 06:19 - 2014-06-07 04:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-10 06:19 - 2014-06-07 04:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 06:19 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 06:19 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 06:19 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 06:19 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 06:19 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 06:19 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 06:19 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-10 06:19 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 06:19 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 06:19 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-10 06:19 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 06:19 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 06:19 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-10 06:19 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 06:19 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-10 06:19 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 06:19 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 06:19 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 06:19 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 06:19 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 06:19 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 06:19 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-07-10 06:19 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-07-10 06:19 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-07-10 06:19 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-07-10 06:18 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 06:18 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 06:18 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 06:17 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-07-10 06:17 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-07-10 06:17 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-07-10 06:17 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\ProgramData\504c2cf8db11ac3b
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator
2014-07-10 06:07 - 2014-07-10 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks
2014-07-09 18:43 - 2014-07-09 18:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014
2014-07-09 00:20 - 2014-07-09 00:20 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-08 22:10 - 2014-07-08 22:10 - 00000265 _____ () C:\Users\User\AppData\Local\mtagn.bat
2014-07-08 22:08 - 2014-07-13 11:21 - 00003200 _____ () C:\Windows\System32\Tasks\psbep
2014-07-08 22:08 - 2014-07-08 22:08 - 00000265 _____ () C:\Users\User\AppData\Local\psbep.bat
2014-07-08 22:06 - 2014-07-08 22:06 - 00003202 _____ () C:\Windows\System32\Tasks\kvavilo
2014-07-08 22:06 - 2014-07-08 22:06 - 00000265 _____ () C:\Users\User\AppData\Local\kvavilo.bat
2014-07-08 22:04 - 2014-07-08 22:04 - 00003204 _____ () C:\Windows\System32\Tasks\tagmaagm
2014-07-08 22:04 - 2014-07-08 22:04 - 00000265 _____ () C:\Users\User\AppData\Local\tagmaagm.bat
2014-07-08 22:02 - 2014-07-08 22:02 - 00003200 _____ () C:\Windows\System32\Tasks\qsdgxa
2014-07-08 22:02 - 2014-07-08 22:02 - 00000265 _____ () C:\Users\User\AppData\Local\qsdgxa.bat
2014-07-08 22:00 - 2014-07-08 22:00 - 00000265 _____ () C:\Users\User\AppData\Local\mlkji.bat
2014-07-08 21:58 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\abwysmh
2014-07-08 21:58 - 2014-07-08 21:58 - 00000265 _____ () C:\Users\User\AppData\Local\abwysmh.bat
2014-07-08 21:55 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\fdfcvuu
2014-07-08 21:55 - 2014-07-08 21:55 - 00000265 _____ () C:\Users\User\AppData\Local\fdfcvuu.bat
2014-07-08 21:53 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\daolbyol
2014-07-08 21:53 - 2014-07-08 21:53 - 00000265 _____ () C:\Users\User\AppData\Local\daolbyol.bat
2014-07-08 21:51 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\eabigetk
2014-07-08 21:51 - 2014-07-08 21:51 - 00000265 _____ () C:\Users\User\AppData\Local\eabigetk.bat
2014-07-08 21:49 - 2014-07-08 21:49 - 00003200 _____ () C:\Windows\System32\Tasks\rdpthj
2014-07-08 21:49 - 2014-07-08 21:49 - 00000265 _____ () C:\Users\User\AppData\Local\rdpthj.bat
2014-07-08 21:47 - 2014-07-08 21:47 - 00003198 _____ () C:\Windows\System32\Tasks\ubhvb
2014-07-08 21:47 - 2014-07-08 21:47 - 00000265 _____ () C:\Users\User\AppData\Local\ubhvb.bat
2014-07-08 21:45 - 2014-07-08 21:45 - 00003202 _____ () C:\Windows\System32\Tasks\xddorbn
2014-07-08 21:45 - 2014-07-08 21:45 - 00000265 _____ () C:\Users\User\AppData\Local\xddorbn.bat
2014-07-08 21:43 - 2014-07-08 21:43 - 00000265 _____ () C:\Users\User\AppData\Local\bvshaoc.bat
2014-07-08 21:41 - 2014-07-08 21:41 - 00000265 _____ () C:\Users\User\AppData\Local\feogfgwh.bat
2014-07-08 21:39 - 2014-07-08 21:39 - 00003204 _____ () C:\Windows\System32\Tasks\rvalxcnr
2014-07-08 21:39 - 2014-07-08 21:39 - 00000265 _____ () C:\Users\User\AppData\Local\rvalxcnr.bat
2014-07-08 21:37 - 2014-07-08 21:37 - 00000265 _____ () C:\Users\User\AppData\Local\kigcc.bat
2014-07-08 21:35 - 2014-07-08 21:35 - 00000265 _____ () C:\Users\User\AppData\Local\wgpfoh.bat
2014-07-08 21:33 - 2014-07-08 21:33 - 00000265 _____ () C:\Users\User\AppData\Local\dmetc.bat
2014-07-08 21:31 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\cwapdiuq
2014-07-08 21:31 - 2014-07-08 21:31 - 00000265 _____ () C:\Users\User\AppData\Local\cwapdiuq.bat
2014-07-08 21:29 - 2014-07-08 22:54 - 00003206 _____ () C:\Windows\System32\Tasks\bexbocmy
2014-07-08 21:29 - 2014-07-08 21:29 - 00000265 _____ () C:\Users\User\AppData\Local\bexbocmy.bat
2014-07-08 21:27 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\cqemch
2014-07-08 21:27 - 2014-07-08 21:27 - 00000265 _____ () C:\Users\User\AppData\Local\cqemch.bat
2014-07-08 21:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\icwxcmpb
2014-07-08 21:25 - 2014-07-08 21:25 - 00000265 _____ () C:\Users\User\AppData\Local\icwxcmpb.bat
2014-07-08 21:23 - 2014-07-08 21:23 - 00000265 _____ () C:\Users\User\AppData\Local\rvbmado.bat
2014-07-08 21:21 - 2014-07-08 21:21 - 00003202 _____ () C:\Windows\System32\Tasks\vveddlk
2014-07-08 21:21 - 2014-07-08 21:21 - 00000265 _____ () C:\Users\User\AppData\Local\vveddlk.bat
2014-07-08 21:19 - 2014-07-08 22:54 - 00003204 _____ () C:\Windows\System32\Tasks\bixfsag
2014-07-08 21:19 - 2014-07-08 21:19 - 00000265 _____ () C:\Users\User\AppData\Local\bixfsag.bat
2014-07-08 21:17 - 2014-07-08 21:17 - 00000265 _____ () C:\Users\User\AppData\Local\akcpianq.bat
2014-07-08 21:15 - 2014-07-08 21:15 - 00003202 _____ () C:\Windows\System32\Tasks\saedqvt
2014-07-08 21:15 - 2014-07-08 21:15 - 00000265 _____ () C:\Users\User\AppData\Local\saedqvt.bat
2014-07-08 21:13 - 2014-07-08 21:13 - 00000265 _____ () C:\Users\User\AppData\Local\gxxqbb.bat
2014-07-08 21:11 - 2014-07-08 21:11 - 00000265 _____ () C:\Users\User\AppData\Local\cyvkhv.bat
2014-07-08 21:09 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\fmdljrba
2014-07-08 21:09 - 2014-07-08 21:09 - 00000265 _____ () C:\Users\User\AppData\Local\fmdljrba.bat
2014-07-08 21:07 - 2014-07-08 21:07 - 00003202 _____ () C:\Windows\System32\Tasks\noooppp
2014-07-08 21:07 - 2014-07-08 21:07 - 00000265 _____ () C:\Users\User\AppData\Local\noooppp.bat
2014-07-08 21:05 - 2014-07-08 21:05 - 00000265 _____ () C:\Users\User\AppData\Local\ejhdd.bat
2014-07-08 21:03 - 2014-07-08 21:03 - 00003202 _____ () C:\Windows\System32\Tasks\ikmfbcd
2014-07-08 21:03 - 2014-07-08 21:03 - 00000265 _____ () C:\Users\User\AppData\Local\ikmfbcd.bat
2014-07-08 21:01 - 2014-07-08 21:01 - 00003198 _____ () C:\Windows\System32\Tasks\wnful
2014-07-08 21:01 - 2014-07-08 21:01 - 00000265 _____ () C:\Users\User\AppData\Local\wnful.bat
2014-07-08 20:59 - 2014-07-08 20:59 - 00000265 _____ () C:\Users\User\AppData\Local\bdybxrg.bat
2014-07-08 20:57 - 2014-07-08 20:57 - 00000265 _____ () C:\Users\User\AppData\Local\ukbhd.bat
2014-07-08 20:55 - 2014-07-08 20:55 - 00003200 _____ () C:\Windows\System32\Tasks\mlqxdd
2014-07-08 20:55 - 2014-07-08 20:55 - 00000265 _____ () C:\Users\User\AppData\Local\mlqxdd.bat
2014-07-08 20:53 - 2014-07-08 20:53 - 00003204 _____ () C:\Windows\System32\Tasks\usaxfdbi
2014-07-08 20:53 - 2014-07-08 20:53 - 00000265 _____ () C:\Users\User\AppData\Local\usaxfdbi.bat
2014-07-08 20:51 - 2014-07-08 20:51 - 00000265 _____ () C:\Users\User\AppData\Local\wyajku.bat
2014-07-08 20:49 - 2014-07-08 20:49 - 00000265 _____ () C:\Users\User\AppData\Local\waktwf.bat
2014-07-08 20:47 - 2014-07-08 20:47 - 00003198 _____ () C:\Windows\System32\Tasks\wfoxa
2014-07-08 20:47 - 2014-07-08 20:47 - 00000265 _____ () C:\Users\User\AppData\Local\wfoxa.bat
2014-07-08 20:45 - 2014-07-08 22:55 - 00003204 _____ () C:\Windows\System32\Tasks\cgafmim
2014-07-08 20:45 - 2014-07-08 20:45 - 00000265 _____ () C:\Users\User\AppData\Local\cgafmim.bat
2014-07-08 20:43 - 2014-07-08 20:43 - 00000265 _____ () C:\Users\User\AppData\Local\sbelr.bat
2014-07-08 20:41 - 2014-07-08 20:41 - 00000265 _____ () C:\Users\User\AppData\Local\jgcetwmp.bat
2014-07-08 20:39 - 2014-07-08 20:39 - 00000265 _____ () C:\Users\User\AppData\Local\tbgmaf.bat
2014-07-08 20:37 - 2014-07-08 20:37 - 00000265 _____ () C:\Users\User\AppData\Local\ruxceim.bat
2014-07-08 20:35 - 2014-07-08 20:35 - 00003204 _____ () C:\Windows\System32\Tasks\opxizbks
2014-07-08 20:35 - 2014-07-08 20:35 - 00000265 _____ () C:\Users\User\AppData\Local\opxizbks.bat
2014-07-08 20:33 - 2014-07-08 20:33 - 00000265 _____ () C:\Users\User\AppData\Local\hanisfy.bat
2014-07-08 20:31 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\feogfqi
2014-07-08 20:31 - 2014-07-08 20:31 - 00000265 _____ () C:\Users\User\AppData\Local\feogfqi.bat
2014-07-08 20:29 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hyzseexr
2014-07-08 20:29 - 2014-07-08 20:29 - 00000265 _____ () C:\Users\User\AppData\Local\hyzseexr.bat
2014-07-08 20:28 - 2014-07-08 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:27 - 2014-07-08 20:27 - 00000265 _____ () C:\Users\User\AppData\Local\cljqodtc.bat
2014-07-08 20:25 - 2014-07-08 22:56 - 00003200 _____ () C:\Windows\System32\Tasks\habcd
2014-07-08 20:25 - 2014-07-08 20:25 - 00000265 _____ () C:\Users\User\AppData\Local\habcd.bat
2014-07-08 20:23 - 2014-07-08 20:23 - 00000265 _____ () C:\Users\User\AppData\Local\hbuvijcg.bat
2014-07-08 20:21 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\agbhtpu
2014-07-08 20:21 - 2014-07-08 20:21 - 00000265 _____ () C:\Users\User\AppData\Local\agbhtpu.bat
2014-07-08 20:19 - 2014-07-08 20:19 - 00000265 _____ () C:\Users\User\AppData\Local\icprfb.bat
2014-07-08 20:17 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\fefvvn
2014-07-08 20:17 - 2014-07-08 20:17 - 00000265 _____ () C:\Users\User\AppData\Local\fefvvn.bat
2014-07-08 20:15 - 2014-07-08 20:15 - 00000265 _____ () C:\Users\User\AppData\Local\xrcufy.bat
2014-07-08 20:13 - 2014-07-08 20:13 - 00000265 _____ () C:\Users\User\AppData\Local\idfbdesc.bat
2014-07-08 20:11 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\gulkbb
2014-07-08 20:11 - 2014-07-08 20:11 - 00000265 _____ () C:\Users\User\AppData\Local\gulkbb.bat
2014-07-08 20:09 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\ahtxlqd
2014-07-08 20:09 - 2014-07-08 20:09 - 00000265 _____ () C:\Users\User\AppData\Local\ahtxlqd.bat
2014-07-08 20:07 - 2014-07-08 20:07 - 00003202 _____ () C:\Windows\System32\Tasks\ophaqrz
2014-07-08 20:07 - 2014-07-08 20:07 - 00000265 _____ () C:\Users\User\AppData\Local\ophaqrz.bat
2014-07-08 20:05 - 2014-07-08 20:05 - 00000265 _____ () C:\Users\User\AppData\Local\fdvnunfw.bat
2014-07-08 20:03 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\eiakbug
2014-07-08 20:03 - 2014-07-08 20:03 - 00000265 _____ () C:\Users\User\AppData\Local\eiakbug.bat
2014-07-08 20:01 - 2014-07-08 20:01 - 00000265 _____ () C:\Users\User\AppData\Local\dgpfhq.bat
2014-07-08 19:59 - 2014-07-08 19:59 - 00000265 _____ () C:\Users\User\AppData\Local\uutbbiiw.bat
2014-07-08 19:57 - 2014-07-08 19:57 - 00003200 _____ () C:\Windows\System32\Tasks\lpfjgl
2014-07-08 19:57 - 2014-07-08 19:57 - 00000265 _____ () C:\Users\User\AppData\Local\lpfjgl.bat
2014-07-08 19:55 - 2014-07-08 19:55 - 00000265 _____ () C:\Users\User\AppData\Local\laetrg.bat
2014-07-08 19:53 - 2014-07-13 11:21 - 00003206 _____ () C:\Windows\System32\Tasks\ptvicepr
2014-07-08 19:53 - 2014-07-08 19:53 - 00000265 _____ () C:\Users\User\AppData\Local\ptvicepr.bat
2014-07-08 19:51 - 2014-07-08 22:55 - 00003200 _____ () C:\Windows\System32\Tasks\bkhol
2014-07-08 19:51 - 2014-07-08 19:51 - 00000265 _____ () C:\Users\User\AppData\Local\bkhol.bat
2014-07-08 19:49 - 2014-07-08 19:49 - 00000265 _____ () C:\Users\User\AppData\Local\dvgve.bat
2014-07-08 19:47 - 2014-07-08 19:47 - 00000265 _____ () C:\Users\User\AppData\Local\fljbhg.bat
2014-07-08 19:45 - 2014-07-08 19:45 - 00000265 _____ () C:\Users\User\AppData\Local\cqfbpcz.bat
2014-07-08 19:43 - 2014-07-08 19:43 - 00003202 _____ () C:\Windows\System32\Tasks\yjbfhjt
2014-07-08 19:43 - 2014-07-08 19:43 - 00000265 _____ () C:\Users\User\AppData\Local\yjbfhjt.bat
2014-07-08 19:41 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\bmhtnb
2014-07-08 19:41 - 2014-07-08 19:41 - 00000265 _____ () C:\Users\User\AppData\Local\bmhtnb.bat
2014-07-08 19:39 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\caqaxv
2014-07-08 19:39 - 2014-07-08 19:39 - 00002213 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00000265 _____ () C:\Users\User\AppData\Local\caqaxv.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-06-16 13:13 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-07-08 19:39 - 2014-06-16 13:13 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-07-08 19:39 - 2014-06-16 13:13 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-07-08 19:37 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-08 19:37 - 2014-07-08 19:37 - 00003202 _____ () C:\Windows\System32\Tasks\kfdspti
2014-07-08 19:37 - 2014-07-08 19:37 - 00000265 _____ () C:\Users\User\AppData\Local\kfdspti.bat
2014-07-08 19:35 - 2014-07-08 19:36 - 28539304 _____ (TuneUp Software) C:\Users\User\Downloads\TuneUpUtilities2014_de-DE.exe
2014-07-08 19:35 - 2014-07-08 19:35 - 00000265 _____ () C:\Users\User\AppData\Local\aagadgat.bat
2014-07-08 19:33 - 2014-07-08 19:33 - 00000265 _____ () C:\Users\User\AppData\Local\vkapeajh.bat
2014-07-08 19:31 - 2014-07-08 19:31 - 00003202 _____ () C:\Windows\System32\Tasks\pxhairk
2014-07-08 19:31 - 2014-07-08 19:31 - 00000265 _____ () C:\Users\User\AppData\Local\pxhairk.bat
2014-07-08 19:29 - 2014-07-08 19:29 - 00000265 _____ () C:\Users\User\AppData\Local\mcionbb.bat
2014-07-08 19:27 - 2014-07-08 19:27 - 00000265 _____ () C:\Users\User\AppData\Local\noopwp.bat
2014-07-08 19:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hbbuwxqk
2014-07-08 19:25 - 2014-07-08 19:25 - 00000265 _____ () C:\Users\User\AppData\Local\hbbuwxqk.bat
2014-07-08 19:23 - 2014-07-08 19:23 - 00003204 _____ () C:\Windows\System32\Tasks\mkqwccag
2014-07-08 19:23 - 2014-07-08 19:23 - 00000265 _____ () C:\Users\User\AppData\Local\mkqwccag.bat
2014-07-08 19:21 - 2014-07-08 19:21 - 00000265 _____ () C:\Users\User\AppData\Local\owpxaia.bat
2014-07-08 19:19 - 2014-07-08 19:19 - 00003198 _____ () C:\Windows\System32\Tasks\uvuuc
2014-07-08 19:19 - 2014-07-08 19:19 - 00000265 _____ () C:\Users\User\AppData\Local\uvuuc.bat
2014-07-08 19:18 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-07-08 19:17 - 2014-07-15 21:56 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-08 19:17 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-07-08 19:17 - 2014-07-08 19:17 - 00000265 _____ () C:\Users\User\AppData\Local\fneme.bat
2014-07-08 19:14 - 2014-07-11 00:55 - 00000000 ____D () C:\Program Files (x86)\Browser_AppS 1.1
2014-07-08 19:14 - 2014-07-08 19:14 - 00000265 _____ () C:\Users\User\AppData\Local\zmyexkp.bat
2014-07-08 19:13 - 2014-07-10 06:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-08 19:13 - 2014-06-26 07:24 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-08 19:12 - 2014-07-08 19:12 - 00000000 __RDC () C:\MSOCache
2014-07-08 18:43 - 2014-07-10 17:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-08 18:38 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-07-08 18:38 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-07-08 18:38 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-07-08 18:38 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 07:38 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-07-08 07:18 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-07-08 07:18 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-07-08 07:18 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-07-08 07:18 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-07-08 07:18 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-07-08 07:18 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-07-08 07:11 - 2014-07-08 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-07 06:26 - 2014-07-07 06:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-07-07 06:14 - 2014-07-07 06:14 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-07-06 22:09 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Canon
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson
2014-07-06 19:50 - 2013-12-27 23:34 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-06 19:48 - 2014-07-13 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-06 19:48 - 2014-07-10 23:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-06 19:48 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.1
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\NoVirusThanks
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\gs
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box Monitor
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-07-06 19:47 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-07-06 19:45 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1&1
2014-07-06 19:31 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Copy Trans
2014-07-06 17:30 - 2014-07-06 17:31 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-06 15:40 - 2014-07-06 15:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenOffice.org
2014-07-06 15:36 - 2014-07-06 15:42 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
2014-07-06 15:34 - 2014-07-07 06:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-06 15:17 - 2014-07-08 22:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client
2014-07-06 15:17 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client
2014-07-06 15:14 - 2014-07-10 07:28 - 09077672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-06 15:13 - 2014-07-08 18:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-07-06 15:12 - 2014-07-06 15:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TP
2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\.tfo4
2014-07-06 12:38 - 2014-07-12 09:32 - 00000000 ____D () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14
2014-07-06 12:20 - 2014-07-11 00:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-07-06 12:20 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-07-06 12:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-07-06 12:19 - 2014-07-06 12:19 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-06 12:18 - 2014-07-06 12:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-06 12:17 - 2014-07-10 23:47 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-06 12:17 - 2014-07-06 12:18 - 00000000 ____D () C:\ProgramData\Apple
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-06 12:11 - 2014-07-06 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-06 12:10 - 2014-07-06 12:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-07-06 12:10 - 2014-07-06 12:27 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-07-06 11:49 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-07-05 14:24 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAT.DLL
2014-07-05 13:58 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-07-05 13:58 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-07-05 13:58 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-07-05 13:58 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-07-05 13:58 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-07-05 13:58 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-07-05 13:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-05 13:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-07-05 13:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-05 13:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-07-05 13:57 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-07-05 13:57 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-07-05 13:57 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-07-05 13:57 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-07-05 13:57 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-07-05 13:57 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-07-05 13:57 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-07-05 13:57 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-07-05 13:57 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-07-05 13:57 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-07-05 13:57 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-07-05 13:57 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-07-05 13:57 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-05 13:57 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-05 13:57 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-07-05 13:57 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-05 13:57 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-07-05 13:57 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-05 13:57 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-07-05 13:57 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-07-05 13:57 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-07-05 13:57 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-07-05 13:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-05 13:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-05 13:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-05 13:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-05 13:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-07-05 13:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-07-05 13:56 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-07-05 13:56 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-07-05 13:56 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-07-05 13:56 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-07-05 13:56 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-05 13:56 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-07-05 13:56 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-07-05 13:56 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-07-05 13:56 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-07-05 13:56 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-07-05 13:56 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-07-05 13:56 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-07-05 13:56 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-07-05 13:56 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-07-05 13:56 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-07-05 13:56 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-07-05 13:56 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-07-05 13:56 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-07-05 13:56 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-07-05 13:56 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-07-05 13:56 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-07-05 13:56 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-07-05 13:56 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-07-05 13:56 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-07-05 13:56 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-07-05 13:56 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-07-05 13:56 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-07-05 13:56 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-07-05 13:56 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-07-05 13:56 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-07-05 13:56 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-07-05 13:56 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-07-05 13:56 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-07-05 13:56 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-07-05 13:56 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-07-05 13:56 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-07-05 13:56 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-07-05 13:55 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-05 13:55 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-05 13:55 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-05 13:55 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-05 13:55 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-05 13:55 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-05 13:55 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-05 13:55 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-05 13:55 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-05 13:55 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-05 13:55 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-05 13:55 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-07-05 13:55 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-07-05 13:55 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-07-05 13:55 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-07-05 13:55 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-07-05 13:55 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-07-05 13:55 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-07-05 13:55 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-07-05 13:55 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-07-05 13:55 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-07-05 13:55 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-07-05 13:55 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-07-05 13:55 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-07-05 13:55 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-07-05 13:55 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-07-05 13:55 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-07-05 13:55 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-07-05 13:55 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-05 13:55 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-07-05 13:55 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-07-05 13:55 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-07-05 13:55 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-07-05 13:55 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-07-05 13:55 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-07-05 13:55 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-07-05 13:55 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-07-05 13:55 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-07-05 13:55 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-07-05 13:55 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-07-05 13:55 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-07-05 13:55 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-07-05 13:55 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-07-05 13:55 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-07-05 13:55 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-07-05 13:55 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-07-05 13:55 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-07-05 13:55 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-07-05 13:55 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-07-05 13:55 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-07-05 13:55 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-07-05 13:55 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-07-05 13:55 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-07-05 13:54 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-07-05 13:54 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-07-05 13:54 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-07-05 13:54 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-07-05 13:54 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-07-05 13:54 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-07-05 13:54 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-07-05 13:54 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-07-05 13:54 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-07-05 13:54 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-07-05 13:54 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-07-05 13:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-07-05 13:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-07-05 13:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-07-05 13:53 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-05 13:53 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-07-05 13:53 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-07-05 13:53 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-05 13:53 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-07-05 13:53 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-07-05 13:53 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-07-05 13:53 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-07-05 13:53 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-07-05 13:53 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-07-05 13:53 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-07-05 13:53 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-07-05 13:53 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-07-05 13:53 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-07-05 13:52 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-07-05 13:52 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-07-05 13:52 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-07-05 13:52 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-07-05 13:52 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-07-05 13:52 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-07-05 13:52 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-07-05 13:52 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-07-05 13:52 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-07-05 13:52 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-07-05 13:52 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-07-05 13:52 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-07-05 13:52 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-07-05 13:52 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-07-05 13:52 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-07-05 13:52 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-07-05 13:52 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-07-05 13:52 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-07-05 13:52 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-07-05 13:52 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-07-05 13:52 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-07-05 13:52 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-07-05 13:52 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-05 13:52 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-07-05 13:52 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-07-05 13:52 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-07-05 13:52 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-07-05 13:52 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-07-05 13:52 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-07-05 13:52 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-05 13:52 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-05 13:52 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-07-05 13:52 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-07-05 13:52 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-07-05 13:52 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-07-05 13:52 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-07-05 13:52 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-07-05 13:52 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-07-05 13:52 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-07-05 13:52 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-07-05 13:52 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-07-05 13:52 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-07-05 13:52 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-07-05 13:52 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-07-05 13:52 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-07-05 13:52 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-07-05 13:52 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-07-05 13:52 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-07-05 13:52 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-07-05 13:52 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-05 13:52 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-07-05 13:52 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-07-05 13:52 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-07-05 13:45 - 2014-07-05 13:45 - 00000000 ____D () C:\Users\User\Desktop\Ulead Package Folder
2014-07-05 13:07 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-05 13:07 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-05 13:07 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-05 13:07 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-05 13:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-05 13:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-05 13:05 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-07-02 13:45 - 2014-07-02 13:45 - 00000000 _____ () C:\Users\.wh..wh.aufs
2014-07-02 12:16 - 2014-07-06 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic
2014-07-02 12:15 - 2014-07-02 12:15 - 00000000 ____D () C:\report
2014-07-02 12:14 - 2014-07-02 12:14 - 00017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db
2014-07-02 11:43 - 2014-07-02 12:16 - 00000000 ____D () C:\Temp
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\Documents\Avatar
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-07-02 11:41 - 2014-07-11 00:36 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-07-02 11:19 - 2014-07-02 11:20 - 00000000 ____D () C:\Users\User\Heaven
2014-07-02 11:19 - 2014-07-02 11:19 - 00003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2014-07-02 11:10 - 2014-07-15 20:57 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-07-02 11:10 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
2014-07-02 11:09 - 2014-07-02 11:09 - 00000000 ____D () C:\Users\User\AppData\Local\Power2Go
2014-07-02 11:08 - 2014-07-13 14:37 - 00001168 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 11:08 - 2014-07-13 14:37 - 00000985 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-02 11:08 - 2014-07-10 19:19 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-07-02 11:08 - 2014-07-02 11:08 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel
2014-07-02 11:07 - 2014-07-02 11:07 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10
2014-07-02 11:07 - 2012-04-11 07:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomeCinema
2014-07-02 11:07 - 2012-03-14 23:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia
2014-07-02 11:07 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-02 11:07 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Medion_Services
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Aldi_Foto
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\MARKEMENT
2014-07-02 11:06 - 2011-08-15 12:59 - 00001854 _____ () C:\Users\Public\Desktop\MEDION Services.lnk
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-Bit)
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Program Files\Microsoft Mathematics
2014-07-02 11:04 - 2011-09-20 13:06 - 00002439 _____ () C:\Users\Public\Desktop\MEDIONmediathek.lnk
2014-07-02 11:03 - 2014-07-02 11:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2014-07-02 11:03 - 2014-07-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-07-02 11:02 - 2014-07-11 00:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-02 11:02 - 2014-07-08 19:14 - 00002732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\TvdPersonal
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\watchmi
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files\PlayReady
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\watchmi
2014-07-02 10:51 - 2014-07-16 15:59 - 01964388 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 10:51 - 2014-07-02 10:52 - 00000000 ____D () C:\Recovery
2014-06-22 23:57 - 2014-07-15 21:11 - 00000000 ___RD () C:\Users\User\Dropbox
2014-06-22 23:55 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\User\Documents\Tune up und diverses
2014-06-22 21:21 - 2014-07-08 20:16 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister Backup
2014-06-22 21:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\VirtualDJ
2014-06-22 21:20 - 2014-07-06 11:42 - 00000000 ____D () C:\Users\User\Desktop\Klassentreffen 2014
2014-06-22 21:20 - 2014-07-06 11:41 - 00000000 ___RD () C:\Users\User\Desktop\HD-PVU2_100
2014-06-22 21:20 - 2014-07-06 11:27 - 00000000 ____D () C:\Users\User\Desktop\Tanzfragen
2014-06-22 21:20 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister
2014-06-22 21:20 - 2014-06-22 08:40 - 00009078 _____ () C:\Users\User\Documents\miller.xlsx
2014-06-22 21:17 - 2014-07-06 11:41 - 00000000 ____D () C:\Users\User\Desktop\Basisprogramm für fortlaufende Gruppen
2014-06-22 21:17 - 2014-04-25 12:58 - 06772879 _____ () C:\Users\User\Desktop\wordpress-3.9-de_DE.zip
2014-06-22 21:16 - 2014-06-22 18:49 - 00009080 _____ () C:\Users\User\Desktop\miller.xlsx
2014-06-22 21:16 - 2013-12-14 08:52 - 01750312 _____ (WindSolutions) C:\Users\User\Desktop\logpacker.exe
2014-06-22 21:16 - 2013-05-04 11:32 - 00001050 _____ () C:\Users\User\Desktop\VirtualDJ Home FREE.lnk
2014-06-22 21:16 - 2012-12-29 12:53 - 2884829184 _____ () C:\Users\User\Desktop\Windows Installationsdatei 12.12.iso
2014-06-22 21:15 - 2013-05-04 11:29 - 38944576 _____ (Atomix Productions) C:\Users\User\Desktop\install_virtualdj_home_v7.4.exe
2014-06-22 21:15 - 2013-03-07 23:19 - 90130256 _____ (Apple Inc.) C:\Users\User\Desktop\iTunes64Setup.exe
2014-06-22 21:14 - 2014-02-20 20:38 - 00055808 _____ () C:\Users\User\Desktop\FahrplanTage berechnen.xls
2014-06-22 21:14 - 2014-02-20 19:27 - 00057856 _____ () C:\Users\User\Desktop\Fahrplan2.xls
2014-06-22 21:14 - 2014-01-17 10:38 - 1489184417 _____ () C:\Users\User\Desktop\home-hd-de.zip
2014-06-22 21:14 - 2013-12-27 23:46 - 00931678 _____ (NoVirusThanks Company Srl ) C:\Users\User\Desktop\hijackhunter_setup.exe
2014-06-22 21:14 - 2013-12-24 10:43 - 00053760 _____ () C:\Users\User\Desktop\Fahrplan2014.xls
2014-06-22 21:14 - 2013-12-17 23:43 - 36152456 _____ (Amazon) C:\Users\User\Desktop\AmazonCloudPlayerInstaller_399.exe
2014-06-22 20:59 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\CyberLink

Rockslide · 16.07.2014, 21:32

Code:

ATTFilter

==================== One Month Modified Files and Folders =======

2014-07-16 18:18 - 2014-07-13 17:36 - 01042709 _____ () C:\Users\User\AppData\Local\ycvfkd.gss
2014-07-16 18:18 - 2014-07-11 09:04 - 00013058 _____ () C:\Users\User\Downloads\FRST.txt
2014-07-16 18:17 - 2014-07-16 18:17 - 02086912 _____ (Farbar) C:\Users\User\Downloads\FRST64(1).exe
2014-07-16 18:17 - 2014-07-13 17:36 - 00136192 _____ () C:\Users\User\AppData\Local\ycvfkd.gdb
2014-07-16 18:17 - 2014-07-11 09:04 - 00000000 ___DC () C:\FRST
2014-07-16 18:12 - 2014-07-13 12:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-16 17:59 - 2014-07-16 17:59 - 00854390 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-07-16 15:59 - 2014-07-02 10:51 - 01964388 _____ () C:\Windows\WindowsUpdate.log
2014-07-15 21:56 - 2014-07-08 19:17 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-15 21:16 - 2014-07-15 21:16 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu.exe
2014-07-15 21:11 - 2014-07-11 12:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\DropboxMaster
2014-07-15 21:11 - 2014-07-11 12:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-07-15 21:11 - 2014-06-22 23:57 - 00000000 ___RD () C:\Users\User\Dropbox
2014-07-15 21:11 - 2011-05-16 17:16 - 00649278 _____ () C:\Windows\system32\perfh01F.dat
2014-07-15 21:11 - 2011-05-16 17:16 - 00140402 _____ () C:\Windows\system32\perfc01F.dat
2014-07-15 21:11 - 2011-05-16 17:03 - 00721614 _____ () C:\Windows\system32\prfh0816.dat
2014-07-15 21:11 - 2011-05-16 17:03 - 00153308 _____ () C:\Windows\system32\prfc0816.dat
2014-07-15 21:11 - 2011-05-16 16:55 - 00732954 _____ () C:\Windows\system32\perfh015.dat
2014-07-15 21:11 - 2011-05-16 16:55 - 00156274 _____ () C:\Windows\system32\perfc015.dat
2014-07-15 21:11 - 2011-05-16 16:47 - 00736094 _____ () C:\Windows\system32\perfh013.dat
2014-07-15 21:11 - 2011-05-16 16:47 - 00153504 _____ () C:\Windows\system32\perfc013.dat
2014-07-15 21:11 - 2011-05-16 16:39 - 00732642 _____ () C:\Windows\system32\perfh010.dat
2014-07-15 21:11 - 2011-05-16 16:39 - 00147248 _____ () C:\Windows\system32\perfc010.dat
2014-07-15 21:11 - 2011-05-16 16:31 - 00676350 _____ () C:\Windows\system32\perfh00E.dat
2014-07-15 21:11 - 2011-05-16 16:31 - 00171676 _____ () C:\Windows\system32\perfc00E.dat
2014-07-15 21:11 - 2011-05-16 16:25 - 00738312 _____ () C:\Windows\system32\perfh00C.dat
2014-07-15 21:11 - 2011-05-16 16:25 - 00149982 _____ () C:\Windows\system32\perfc00C.dat
2014-07-15 21:11 - 2011-05-16 16:17 - 00738052 _____ () C:\Windows\system32\perfh00A.dat
2014-07-15 21:11 - 2011-05-16 16:17 - 00158876 _____ () C:\Windows\system32\perfc00A.dat
2014-07-15 21:11 - 2011-05-16 16:11 - 00599584 _____ () C:\Windows\system32\perfh008.dat
2014-07-15 21:11 - 2011-05-16 16:11 - 00111530 _____ () C:\Windows\system32\perfc008.dat
2014-07-15 21:11 - 2011-05-16 16:04 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-07-15 21:11 - 2011-05-16 16:04 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-07-15 21:11 - 2009-07-14 07:13 - 09283412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-15 20:57 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\Documents\Youcam
2014-07-14 07:24 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-14 07:24 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-14 07:16 - 2014-07-13 17:09 - 00000168 _____ () C:\Windows\setupact.log
2014-07-14 07:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-13 18:11 - 2014-07-13 17:24 - 00015957 _____ () C:\Windows\IE11_main.log
2014-07-13 17:36 - 2014-07-13 17:36 - 01474560 _____ (hourque) C:\Users\User\AppData\Local\ycvfkd.exe
2014-07-13 17:34 - 2014-07-13 17:09 - 00306598 _____ () C:\Windows\PFRO.log
2014-07-13 17:13 - 2014-07-13 17:13 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-07-13 17:13 - 2014-07-13 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-13 17:13 - 2014-07-13 17:13 - 00000000 ____D () C:\ProgramData\Avira
2014-07-13 17:13 - 2014-07-13 17:13 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-13 17:12 - 2014-07-13 17:12 - 00133360 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-13 17:09 - 2014-07-13 17:09 - 00517648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 17:09 - 2014-07-13 17:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 17:07 - 2014-07-13 17:03 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464(2).exe
2014-07-13 15:51 - 2014-07-13 15:48 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464(1).exe
2014-07-13 15:03 - 2014-07-13 15:03 - 00158724 _____ () C:\Users\User\Desktop\FRST.txt
2014-07-13 15:01 - 2014-07-13 15:01 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-07-13 15:01 - 2014-07-11 08:59 - 02086912 ____C (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-07-13 14:56 - 2014-07-13 14:49 - 00000776 _____ () C:\Users\User\Desktop\JRT.txt
2014-07-13 14:43 - 2014-07-13 14:43 - 00000000 ____D () C:\Windows\ERUNT
2014-07-13 14:42 - 2014-07-13 14:42 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-07-13 14:41 - 2014-07-13 14:34 - 00000000 ___DC () C:\AdwCleaner
2014-07-13 14:40 - 2014-07-13 14:40 - 00006370 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2014-07-13 14:37 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-13 14:37 - 2014-07-02 11:08 - 00001168 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-13 14:37 - 2014-07-02 11:08 - 00000985 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-13 14:33 - 2014-07-13 14:33 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe
2014-07-13 14:33 - 2014-07-13 14:33 - 00003956 _____ () C:\Users\User\Desktop\mbam.txt
2014-07-13 14:27 - 2014-07-13 14:27 - 00034209 _____ () C:\Users\User\Desktop\combo.txt
2014-07-13 13:45 - 2014-07-13 13:45 - 00034207 ____C () C:\ComboFix.txt
2014-07-13 13:45 - 2014-07-12 09:12 - 00000000 ___DC () C:\Qoobox
2014-07-13 13:40 - 2014-07-12 09:12 - 00000000 ____D () C:\Windows\erdnt
2014-07-13 13:40 - 2009-07-14 04:34 - 00000215 ____C () C:\Windows\system.ini
2014-07-13 13:15 - 2014-07-13 13:15 - 00000000 ____D () C:\ProgramData\AnizQoyq
2014-07-13 12:33 - 2014-07-13 12:33 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-13 12:31 - 2014-07-13 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-07-13 12:20 - 2014-07-13 12:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-07-13 12:14 - 2014-07-13 12:14 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-13 12:14 - 2014-07-13 12:14 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-13 12:14 - 2014-07-13 12:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-13 11:21 - 2014-07-08 22:08 - 00003200 _____ () C:\Windows\System32\Tasks\psbep
2014-07-13 11:21 - 2014-07-08 19:53 - 00003206 _____ () C:\Windows\System32\Tasks\ptvicepr
2014-07-13 00:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-12 13:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-12 10:52 - 2014-07-12 10:52 - 00448512 _____ (OldTimer Tools) C:\Users\User\Downloads\TFC.exe
2014-07-12 09:32 - 2014-07-06 12:38 - 00000000 ____D () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14
2014-07-12 09:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-12 09:07 - 2014-07-12 09:07 - 05218570 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-07-12 09:05 - 2014-07-12 09:05 - 00003258 _____ () C:\Windows\System32\Tasks\{DD65FB9F-3514-482D-AAAB-404A56BDE7BD}
2014-07-12 08:56 - 2014-07-12 08:56 - 00001268 _____ () C:\Users\User\Desktop\Revo Uninstaller.lnk
2014-07-12 08:56 - 2014-07-12 08:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 08:55 - 2014-07-12 08:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe
2014-07-11 12:58 - 2014-07-11 12:58 - 00001041 _____ () C:\Users\User\Desktop\Dropbox.lnk
2014-07-11 12:57 - 2014-07-11 12:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-11 12:39 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-07-11 10:07 - 2014-07-11 09:06 - 00056327 _____ () C:\Users\User\Downloads\Addition.txt
2014-07-11 08:37 - 2011-07-18 23:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-11 00:55 - 2014-07-08 19:14 - 00000000 ____D () C:\Program Files (x86)\Browser_AppS 1.1
2014-07-11 00:52 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-11 00:36 - 2014-07-02 11:41 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-07-11 00:35 - 2014-07-11 00:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla
2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-11 00:28 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-07-11 00:25 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew
2014-07-11 00:20 - 2012-04-11 07:21 - 00000000 ____D () C:\ProgramData\install_clap
2014-07-11 00:20 - 2011-07-18 22:54 - 00000000 ____D () C:\Windows\Panther
2014-07-10 23:55 - 2014-07-10 23:55 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iTunes
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-10 23:48 - 2014-07-10 23:48 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-10 23:48 - 2014-07-10 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-10 23:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-10 23:47 - 2014-07-10 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-10 23:47 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-10 21:29 - 2014-07-10 21:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-10 19:39 - 2014-07-10 19:39 - 00001130 _____ () C:\Users\Public\Desktop\Hijack Hunter.lnk
2014-07-10 19:19 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD}
2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9}
2014-07-10 17:57 - 2014-07-08 18:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 17:57 - 2011-04-12 10:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 17:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 17:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 07:28 - 2014-07-06 15:14 - 09077672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-10 06:27 - 2014-07-10 06:22 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464.exe
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\ProgramData\504c2cf8db11ac3b
2014-07-10 06:10 - 2014-07-08 19:13 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator
2014-07-10 06:07 - 2014-07-10 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks
2014-07-09 18:44 - 2014-07-09 18:43 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014
2014-07-09 00:20 - 2014-07-09 00:20 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-08 22:56 - 2014-07-08 21:55 - 00003204 _____ () C:\Windows\System32\Tasks\fdfcvuu
2014-07-08 22:56 - 2014-07-08 21:51 - 00003206 _____ () C:\Windows\System32\Tasks\eabigetk
2014-07-08 22:56 - 2014-07-08 21:25 - 00003206 _____ () C:\Windows\System32\Tasks\icwxcmpb
2014-07-08 22:56 - 2014-07-08 21:09 - 00003206 _____ () C:\Windows\System32\Tasks\fmdljrba
2014-07-08 22:56 - 2014-07-08 20:31 - 00003204 _____ () C:\Windows\System32\Tasks\feogfqi
2014-07-08 22:56 - 2014-07-08 20:29 - 00003206 _____ () C:\Windows\System32\Tasks\hyzseexr
2014-07-08 22:56 - 2014-07-08 20:25 - 00003200 _____ () C:\Windows\System32\Tasks\habcd
2014-07-08 22:56 - 2014-07-08 20:17 - 00003202 _____ () C:\Windows\System32\Tasks\fefvvn
2014-07-08 22:56 - 2014-07-08 20:11 - 00003202 _____ () C:\Windows\System32\Tasks\gulkbb
2014-07-08 22:56 - 2014-07-08 20:03 - 00003204 _____ () C:\Windows\System32\Tasks\eiakbug
2014-07-08 22:56 - 2014-07-08 19:25 - 00003206 _____ () C:\Windows\System32\Tasks\hbbuwxqk
2014-07-08 22:55 - 2014-07-08 21:53 - 00003206 _____ () C:\Windows\System32\Tasks\daolbyol
2014-07-08 22:55 - 2014-07-08 21:31 - 00003206 _____ () C:\Windows\System32\Tasks\cwapdiuq
2014-07-08 22:55 - 2014-07-08 21:27 - 00003202 _____ () C:\Windows\System32\Tasks\cqemch
2014-07-08 22:55 - 2014-07-08 20:45 - 00003204 _____ () C:\Windows\System32\Tasks\cgafmim
2014-07-08 22:55 - 2014-07-08 19:51 - 00003200 _____ () C:\Windows\System32\Tasks\bkhol
2014-07-08 22:55 - 2014-07-08 19:41 - 00003202 _____ () C:\Windows\System32\Tasks\bmhtnb
2014-07-08 22:55 - 2014-07-08 19:39 - 00003202 _____ () C:\Windows\System32\Tasks\caqaxv
2014-07-08 22:54 - 2014-07-08 21:29 - 00003206 _____ () C:\Windows\System32\Tasks\bexbocmy
2014-07-08 22:54 - 2014-07-08 21:19 - 00003204 _____ () C:\Windows\System32\Tasks\bixfsag
2014-07-08 22:52 - 2014-07-08 21:58 - 00003204 _____ () C:\Windows\System32\Tasks\abwysmh
2014-07-08 22:52 - 2014-07-08 20:21 - 00003204 _____ () C:\Windows\System32\Tasks\agbhtpu
2014-07-08 22:52 - 2014-07-08 20:09 - 00003204 _____ () C:\Windows\System32\Tasks\ahtxlqd
2014-07-08 22:47 - 2011-07-18 23:22 - 00000000 ____D () C:\ProgramData\Temp
2014-07-08 22:12 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client
2014-07-08 22:10 - 2014-07-08 22:10 - 00000265 _____ () C:\Users\User\AppData\Local\mtagn.bat
2014-07-08 22:08 - 2014-07-08 22:08 - 00000265 _____ () C:\Users\User\AppData\Local\psbep.bat
2014-07-08 22:06 - 2014-07-08 22:06 - 00003202 _____ () C:\Windows\System32\Tasks\kvavilo
2014-07-08 22:06 - 2014-07-08 22:06 - 00000265 _____ () C:\Users\User\AppData\Local\kvavilo.bat
2014-07-08 22:04 - 2014-07-08 22:04 - 00003204 _____ () C:\Windows\System32\Tasks\tagmaagm
2014-07-08 22:04 - 2014-07-08 22:04 - 00000265 _____ () C:\Users\User\AppData\Local\tagmaagm.bat
2014-07-08 22:02 - 2014-07-08 22:02 - 00003200 _____ () C:\Windows\System32\Tasks\qsdgxa
2014-07-08 22:02 - 2014-07-08 22:02 - 00000265 _____ () C:\Users\User\AppData\Local\qsdgxa.bat
2014-07-08 22:00 - 2014-07-08 22:00 - 00000265 _____ () C:\Users\User\AppData\Local\mlkji.bat
2014-07-08 21:58 - 2014-07-08 21:58 - 00000265 _____ () C:\Users\User\AppData\Local\abwysmh.bat
2014-07-08 21:55 - 2014-07-08 21:55 - 00000265 _____ () C:\Users\User\AppData\Local\fdfcvuu.bat
2014-07-08 21:53 - 2014-07-08 21:53 - 00000265 _____ () C:\Users\User\AppData\Local\daolbyol.bat
2014-07-08 21:51 - 2014-07-08 21:51 - 00000265 _____ () C:\Users\User\AppData\Local\eabigetk.bat
2014-07-08 21:49 - 2014-07-08 21:49 - 00003200 _____ () C:\Windows\System32\Tasks\rdpthj
2014-07-08 21:49 - 2014-07-08 21:49 - 00000265 _____ () C:\Users\User\AppData\Local\rdpthj.bat
2014-07-08 21:47 - 2014-07-08 21:47 - 00003198 _____ () C:\Windows\System32\Tasks\ubhvb
2014-07-08 21:47 - 2014-07-08 21:47 - 00000265 _____ () C:\Users\User\AppData\Local\ubhvb.bat
2014-07-08 21:45 - 2014-07-08 21:45 - 00003202 _____ () C:\Windows\System32\Tasks\xddorbn
2014-07-08 21:45 - 2014-07-08 21:45 - 00000265 _____ () C:\Users\User\AppData\Local\xddorbn.bat
2014-07-08 21:43 - 2014-07-08 21:43 - 00000265 _____ () C:\Users\User\AppData\Local\bvshaoc.bat
2014-07-08 21:41 - 2014-07-08 21:41 - 00000265 _____ () C:\Users\User\AppData\Local\feogfgwh.bat
2014-07-08 21:39 - 2014-07-08 21:39 - 00003204 _____ () C:\Windows\System32\Tasks\rvalxcnr
2014-07-08 21:39 - 2014-07-08 21:39 - 00000265 _____ () C:\Users\User\AppData\Local\rvalxcnr.bat
2014-07-08 21:37 - 2014-07-08 21:37 - 00000265 _____ () C:\Users\User\AppData\Local\kigcc.bat
2014-07-08 21:35 - 2014-07-08 21:35 - 00000265 _____ () C:\Users\User\AppData\Local\wgpfoh.bat
2014-07-08 21:33 - 2014-07-08 21:33 - 00000265 _____ () C:\Users\User\AppData\Local\dmetc.bat
2014-07-08 21:31 - 2014-07-08 21:31 - 00000265 _____ () C:\Users\User\AppData\Local\cwapdiuq.bat
2014-07-08 21:29 - 2014-07-08 21:29 - 00000265 _____ () C:\Users\User\AppData\Local\bexbocmy.bat
2014-07-08 21:27 - 2014-07-08 21:27 - 00000265 _____ () C:\Users\User\AppData\Local\cqemch.bat
2014-07-08 21:25 - 2014-07-08 21:25 - 00000265 _____ () C:\Users\User\AppData\Local\icwxcmpb.bat
2014-07-08 21:23 - 2014-07-08 21:23 - 00000265 _____ () C:\Users\User\AppData\Local\rvbmado.bat
2014-07-08 21:21 - 2014-07-08 21:21 - 00003202 _____ () C:\Windows\System32\Tasks\vveddlk
2014-07-08 21:21 - 2014-07-08 21:21 - 00000265 _____ () C:\Users\User\AppData\Local\vveddlk.bat
2014-07-08 21:19 - 2014-07-08 21:19 - 00000265 _____ () C:\Users\User\AppData\Local\bixfsag.bat
2014-07-08 21:17 - 2014-07-08 21:17 - 00000265 _____ () C:\Users\User\AppData\Local\akcpianq.bat
2014-07-08 21:15 - 2014-07-08 21:15 - 00003202 _____ () C:\Windows\System32\Tasks\saedqvt
2014-07-08 21:15 - 2014-07-08 21:15 - 00000265 _____ () C:\Users\User\AppData\Local\saedqvt.bat
2014-07-08 21:13 - 2014-07-08 21:13 - 00000265 _____ () C:\Users\User\AppData\Local\gxxqbb.bat
2014-07-08 21:11 - 2014-07-08 21:11 - 00000265 _____ () C:\Users\User\AppData\Local\cyvkhv.bat
2014-07-08 21:09 - 2014-07-08 21:09 - 00000265 _____ () C:\Users\User\AppData\Local\fmdljrba.bat
2014-07-08 21:07 - 2014-07-08 21:07 - 00003202 _____ () C:\Windows\System32\Tasks\noooppp
2014-07-08 21:07 - 2014-07-08 21:07 - 00000265 _____ () C:\Users\User\AppData\Local\noooppp.bat
2014-07-08 21:05 - 2014-07-08 21:05 - 00000265 _____ () C:\Users\User\AppData\Local\ejhdd.bat
2014-07-08 21:03 - 2014-07-08 21:03 - 00003202 _____ () C:\Windows\System32\Tasks\ikmfbcd
2014-07-08 21:03 - 2014-07-08 21:03 - 00000265 _____ () C:\Users\User\AppData\Local\ikmfbcd.bat
2014-07-08 21:01 - 2014-07-08 21:01 - 00003198 _____ () C:\Windows\System32\Tasks\wnful
2014-07-08 21:01 - 2014-07-08 21:01 - 00000265 _____ () C:\Users\User\AppData\Local\wnful.bat
2014-07-08 20:59 - 2014-07-08 20:59 - 00000265 _____ () C:\Users\User\AppData\Local\bdybxrg.bat
2014-07-08 20:57 - 2014-07-08 20:57 - 00000265 _____ () C:\Users\User\AppData\Local\ukbhd.bat
2014-07-08 20:55 - 2014-07-08 20:55 - 00003200 _____ () C:\Windows\System32\Tasks\mlqxdd
2014-07-08 20:55 - 2014-07-08 20:55 - 00000265 _____ () C:\Users\User\AppData\Local\mlqxdd.bat
2014-07-08 20:53 - 2014-07-08 20:53 - 00003204 _____ () C:\Windows\System32\Tasks\usaxfdbi
2014-07-08 20:53 - 2014-07-08 20:53 - 00000265 _____ () C:\Users\User\AppData\Local\usaxfdbi.bat
2014-07-08 20:51 - 2014-07-08 20:51 - 00000265 _____ () C:\Users\User\AppData\Local\wyajku.bat
2014-07-08 20:49 - 2014-07-08 20:49 - 00000265 _____ () C:\Users\User\AppData\Local\waktwf.bat
2014-07-08 20:47 - 2014-07-08 20:47 - 00003198 _____ () C:\Windows\System32\Tasks\wfoxa
2014-07-08 20:47 - 2014-07-08 20:47 - 00000265 _____ () C:\Users\User\AppData\Local\wfoxa.bat
2014-07-08 20:45 - 2014-07-08 20:45 - 00000265 _____ () C:\Users\User\AppData\Local\cgafmim.bat
2014-07-08 20:43 - 2014-07-08 20:43 - 00000265 _____ () C:\Users\User\AppData\Local\sbelr.bat
2014-07-08 20:41 - 2014-07-08 20:41 - 00000265 _____ () C:\Users\User\AppData\Local\jgcetwmp.bat
2014-07-08 20:39 - 2014-07-08 20:39 - 00000265 _____ () C:\Users\User\AppData\Local\tbgmaf.bat
2014-07-08 20:37 - 2014-07-08 20:37 - 00000265 _____ () C:\Users\User\AppData\Local\ruxceim.bat
2014-07-08 20:35 - 2014-07-08 20:35 - 00003204 _____ () C:\Windows\System32\Tasks\opxizbks
2014-07-08 20:35 - 2014-07-08 20:35 - 00000265 _____ () C:\Users\User\AppData\Local\opxizbks.bat
2014-07-08 20:33 - 2014-07-08 20:33 - 00000265 _____ () C:\Users\User\AppData\Local\hanisfy.bat
2014-07-08 20:31 - 2014-07-08 20:31 - 00000265 _____ () C:\Users\User\AppData\Local\feogfqi.bat
2014-07-08 20:29 - 2014-07-08 20:29 - 00000265 _____ () C:\Users\User\AppData\Local\hyzseexr.bat
2014-07-08 20:28 - 2014-07-08 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:28 - 2011-12-01 23:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 20:27 - 2014-07-08 20:27 - 00000265 _____ () C:\Users\User\AppData\Local\cljqodtc.bat
2014-07-08 20:25 - 2014-07-08 20:25 - 00000265 _____ () C:\Users\User\AppData\Local\habcd.bat
2014-07-08 20:23 - 2014-07-08 20:23 - 00000265 _____ () C:\Users\User\AppData\Local\hbuvijcg.bat
2014-07-08 20:21 - 2014-07-08 20:21 - 00000265 _____ () C:\Users\User\AppData\Local\agbhtpu.bat
2014-07-08 20:19 - 2014-07-08 20:19 - 00000265 _____ () C:\Users\User\AppData\Local\icprfb.bat
2014-07-08 20:17 - 2014-07-08 20:17 - 00000265 _____ () C:\Users\User\AppData\Local\fefvvn.bat
2014-07-08 20:16 - 2014-06-22 21:21 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister Backup
2014-07-08 20:15 - 2014-07-08 20:15 - 00000265 _____ () C:\Users\User\AppData\Local\xrcufy.bat
2014-07-08 20:13 - 2014-07-08 20:13 - 00000265 _____ () C:\Users\User\AppData\Local\idfbdesc.bat
2014-07-08 20:11 - 2014-07-08 20:11 - 00000265 _____ () C:\Users\User\AppData\Local\gulkbb.bat
2014-07-08 20:09 - 2014-07-08 20:09 - 00000265 _____ () C:\Users\User\AppData\Local\ahtxlqd.bat
2014-07-08 20:07 - 2014-07-08 20:07 - 00003202 _____ () C:\Windows\System32\Tasks\ophaqrz
2014-07-08 20:07 - 2014-07-08 20:07 - 00000265 _____ () C:\Users\User\AppData\Local\ophaqrz.bat
2014-07-08 20:05 - 2014-07-08 20:05 - 00000265 _____ () C:\Users\User\AppData\Local\fdvnunfw.bat
2014-07-08 20:03 - 2014-07-08 20:03 - 00000265 _____ () C:\Users\User\AppData\Local\eiakbug.bat
2014-07-08 20:01 - 2014-07-08 20:01 - 00000265 _____ () C:\Users\User\AppData\Local\dgpfhq.bat
2014-07-08 19:59 - 2014-07-08 19:59 - 00000265 _____ () C:\Users\User\AppData\Local\uutbbiiw.bat
2014-07-08 19:57 - 2014-07-08 19:57 - 00003200 _____ () C:\Windows\System32\Tasks\lpfjgl
2014-07-08 19:57 - 2014-07-08 19:57 - 00000265 _____ () C:\Users\User\AppData\Local\lpfjgl.bat
2014-07-08 19:55 - 2014-07-08 19:55 - 00000265 _____ () C:\Users\User\AppData\Local\laetrg.bat
2014-07-08 19:53 - 2014-07-08 19:53 - 00000265 _____ () C:\Users\User\AppData\Local\ptvicepr.bat
2014-07-08 19:51 - 2014-07-08 19:51 - 00000265 _____ () C:\Users\User\AppData\Local\bkhol.bat
2014-07-08 19:49 - 2014-07-08 19:49 - 00000265 _____ () C:\Users\User\AppData\Local\dvgve.bat
2014-07-08 19:47 - 2014-07-08 19:47 - 00000265 _____ () C:\Users\User\AppData\Local\fljbhg.bat
2014-07-08 19:45 - 2014-07-08 19:45 - 00000265 _____ () C:\Users\User\AppData\Local\cqfbpcz.bat
2014-07-08 19:44 - 2014-07-08 19:37 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-08 19:44 - 2014-07-08 19:17 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-07-08 19:43 - 2014-07-08 19:43 - 00003202 _____ () C:\Windows\System32\Tasks\yjbfhjt
2014-07-08 19:43 - 2014-07-08 19:43 - 00000265 _____ () C:\Users\User\AppData\Local\yjbfhjt.bat
2014-07-08 19:41 - 2014-07-08 19:41 - 00000265 _____ () C:\Users\User\AppData\Local\bmhtnb.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00002213 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-07-08 19:39 - 2014-07-08 19:39 - 00000265 _____ () C:\Users\User\AppData\Local\caqaxv.bat
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-08 19:39 - 2014-07-08 19:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-07-08 19:37 - 2014-07-08 19:37 - 00003202 _____ () C:\Windows\System32\Tasks\kfdspti
2014-07-08 19:37 - 2014-07-08 19:37 - 00000265 _____ () C:\Users\User\AppData\Local\kfdspti.bat
2014-07-08 19:36 - 2014-07-08 19:35 - 28539304 _____ (TuneUp Software) C:\Users\User\Downloads\TuneUpUtilities2014_de-DE.exe
2014-07-08 19:35 - 2014-07-08 19:35 - 00000265 _____ () C:\Users\User\AppData\Local\aagadgat.bat
2014-07-08 19:33 - 2014-07-08 19:33 - 00000265 _____ () C:\Users\User\AppData\Local\vkapeajh.bat
2014-07-08 19:31 - 2014-07-08 19:31 - 00003202 _____ () C:\Windows\System32\Tasks\pxhairk
2014-07-08 19:31 - 2014-07-08 19:31 - 00000265 _____ () C:\Users\User\AppData\Local\pxhairk.bat
2014-07-08 19:29 - 2014-07-08 19:29 - 00000265 _____ () C:\Users\User\AppData\Local\mcionbb.bat
2014-07-08 19:27 - 2014-07-08 19:27 - 00000265 _____ () C:\Users\User\AppData\Local\noopwp.bat
2014-07-08 19:25 - 2014-07-08 19:25 - 00000265 _____ () C:\Users\User\AppData\Local\hbbuwxqk.bat
2014-07-08 19:23 - 2014-07-08 19:23 - 00003204 _____ () C:\Windows\System32\Tasks\mkqwccag
2014-07-08 19:23 - 2014-07-08 19:23 - 00000265 _____ () C:\Users\User\AppData\Local\mkqwccag.bat
2014-07-08 19:21 - 2014-07-08 19:21 - 00000265 _____ () C:\Users\User\AppData\Local\owpxaia.bat
2014-07-08 19:19 - 2014-07-08 19:19 - 00003198 _____ () C:\Windows\System32\Tasks\uvuuc
2014-07-08 19:19 - 2014-07-08 19:19 - 00000265 _____ () C:\Users\User\AppData\Local\uvuuc.bat
2014-07-08 19:17 - 2014-07-08 19:17 - 00000265 _____ () C:\Users\User\AppData\Local\fneme.bat
2014-07-08 19:14 - 2014-07-08 19:14 - 00000265 _____ () C:\Users\User\AppData\Local\zmyexkp.bat
2014-07-08 19:14 - 2014-07-02 11:02 - 00002732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-08 19:13 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-08 19:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-08 19:12 - 2014-07-08 19:12 - 00000000 __RDC () C:\MSOCache
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-07-08 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-07-08 18:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-08 18:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-08 18:37 - 2014-07-06 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-07-08 08:21 - 2014-07-08 08:21 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-07-08 07:11 - 2014-07-08 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-08 07:10 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-07 06:34 - 2014-07-06 15:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-07-07 06:26 - 2014-07-07 06:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-07-07 06:14 - 2014-07-07 06:14 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-07-06 22:54 - 2009-07-14 04:38 - 00000000 ___DC () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14\C
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Canon
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\uTorrent
2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-06 19:49 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.1
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\NoVirusThanks
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\gs
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box Monitor
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-07-06 19:48 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-07-06 19:47 - 2014-07-06 19:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1&1
2014-07-06 19:31 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Copy Trans
2014-07-06 17:31 - 2014-07-06 17:30 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-07-06 17:19 - 2014-07-02 12:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-06 15:42 - 2014-07-06 15:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
2014-07-06 15:40 - 2014-07-06 15:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenOffice.org
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-06 15:18 - 2014-07-06 15:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\TP
2014-07-06 15:17 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-06 15:14 - 2011-07-18 22:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-06 15:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\.tfo4
2014-07-06 12:28 - 2014-07-06 12:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-07-06 12:27 - 2014-07-06 12:10 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-07-06 12:20 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-07-06 12:19 - 2014-07-06 12:19 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-07-06 12:18 - 2014-07-06 12:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apple
2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-07-06 12:18 - 2014-07-06 12:17 - 00000000 ____D () C:\ProgramData\Apple
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-07-06 12:11 - 2014-07-06 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-06 11:49 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-07-06 11:49 - 2014-07-05 13:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-07-06 11:42 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Desktop\Klassentreffen 2014
2014-07-06 11:41 - 2014-06-22 21:20 - 00000000 ___RD () C:\Users\User\Desktop\HD-PVU2_100
2014-07-06 11:41 - 2014-06-22 21:17 - 00000000 ____D () C:\Users\User\Desktop\Basisprogramm für fortlaufende Gruppen
2014-07-06 11:27 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Desktop\Tanzfragen
2014-07-06 11:22 - 2014-06-22 21:21 - 00000000 ____D () C:\Users\User\Documents\VirtualDJ
2014-07-06 11:22 - 2014-06-22 21:20 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister
2014-07-06 11:22 - 2014-06-22 20:59 - 00000000 ____D () C:\Users\User\Documents\CyberLink
2014-07-06 11:18 - 2014-06-22 23:55 - 00000000 ____D () C:\Users\User\Documents\Tune up und diverses
2014-07-06 09:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-06 09:08 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-07-06 09:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-07-06 09:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-07-06 09:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-07-06 09:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2014-07-06 09:05 - 2011-05-16 15:57 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-07-06 09:05 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\winrm
2014-07-06 09:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-07-06 09:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-07-06 09:04 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\WCN
2014-07-06 09:04 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\slmgr
2014-07-06 09:03 - 2011-04-12 10:17 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-07-06 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-07-06 08:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-07-06 08:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-07-06 08:37 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-07-05 13:45 - 2014-07-05 13:45 - 00000000 ____D () C:\Users\User\Desktop\Ulead Package Folder
2014-07-05 13:05 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-07-02 13:45 - 2014-07-02 13:45 - 00000000 _____ () C:\Users\.wh..wh.aufs
2014-07-02 13:06 - 2014-07-13 17:13 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-02 13:06 - 2014-07-13 17:13 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-02 13:06 - 2014-07-13 17:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-02 12:16 - 2014-07-02 11:43 - 00000000 ____D () C:\Temp
2014-07-02 12:15 - 2014-07-02 12:15 - 00000000 ____D () C:\report
2014-07-02 12:14 - 2014-07-02 12:14 - 00017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\Documents\Avatar
2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink
2014-07-02 11:42 - 2012-04-11 07:13 - 00000000 ____D () C:\ProgramData\CyberLink
2014-07-02 11:20 - 2014-07-02 11:19 - 00000000 ____D () C:\Users\User\Heaven
2014-07-02 11:19 - 2014-07-02 11:19 - 00003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2014-07-02 11:10 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink
2014-07-02 11:09 - 2014-07-02 11:09 - 00000000 ____D () C:\Users\User\AppData\Local\Power2Go
2014-07-02 11:08 - 2014-07-02 11:08 - 00000020 ___SH () C:\Users\User\ntuser.ini
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Vorlagen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Startmenü
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Eigene Dateien
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Druckumgebung
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten
2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel
2014-07-02 11:08 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-07-02 11:08 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-07-02 11:07 - 2014-07-02 11:07 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Medion_Services
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Aldi_Foto
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Memeo
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\MARKEMENT
2014-07-02 11:06 - 2014-07-02 11:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Users\Public\Documents\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-Bit)
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Corel
2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Program Files\Microsoft Mathematics
2014-07-02 11:03 - 2014-07-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\TvdPersonal
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\watchmi
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files\PlayReady
2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\watchmi
2014-07-02 10:52 - 2014-07-02 10:51 - 00000000 ____D () C:\Recovery
2014-06-30 04:09 - 2014-07-10 06:20 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 06:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-26 17:40 - 2011-07-18 22:31 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-26 07:24 - 2014-07-08 19:13 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-06-22 18:49 - 2014-06-22 21:16 - 00009080 _____ () C:\Users\User\Desktop\miller.xlsx
2014-06-22 08:40 - 2014-06-22 21:20 - 00009078 _____ () C:\Users\User\Documents\miller.xlsx
2014-06-18 04:18 - 2014-07-10 06:19 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-10 06:19 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-10 06:19 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-16 13:13 - 2014-07-08 19:39 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-06-16 13:13 - 2014-07-08 19:39 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-06-16 13:13 - 2014-07-08 19:39 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgg9k1g.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-14 08:26

==================== End Of Log ============================

Bin heute gefühlte 100 x aus dem Internet geflogen, wenn ich auf Eure Seite komme, gehen viele Werbefenster auf, das nervt. Ist das normal oder weil ich die Dinger nicht losbekomme?

Bin grad am überlegen, ich meinen fast neuen Laptop versenke

"Sie verfügen nicht über ausreichenden Berechtigung, um z.B. Antivir zu deinstallieren, wenden Sie sich an Ihren Systemadministrator", egal was ich tue, irgendwas blockiert mich immer

Mozilla Google chrome funktioniert nicht, viele Fenster ploppen auf, mein Antivir ist ziemlich beschäftigt

Plagegeister aller Art und deren Bekämpfung: Mozilla Google chrome funktioniert nicht, viele Fenster ploppen auf, mein Antivir ist ziemlich beschäftigt