Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Weiterleiten auf seektoexplore.com oder smartadserver.com

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.02.2015, 19:57   #1
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Hallo, bin neu hier im Forum und kenne mich noch nicht so richtig aus
mein System ist Win8 64bit und ich nutze Firefox und kaspersky
Seit heut stelle ich folgendes Problem fest
Wenn ich die Seite von bild aufrufe werde ich immer auf die seite seektoexplore.com oder smartadserver.com umgeleitet aber andere seiten funktionieren

Geändert von radalupa (02.02.2015 um 20:05 Uhr)

Alt 02.02.2015, 20:20   #2
Warlord711
/// TB-Ausbilder
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Hallo radalupa



Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Hier findest du die Anleitung für Hilfesuchende
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.


Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8 User mit Rechtsklick "als Administrator starten".

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Cursor zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.



Bitte die FRST.txt und die Addition.txt posten wie beschrieben !
__________________

__________________

Alt 02.02.2015, 20:31   #3
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by radalupa (administrator) on CK on 02-02-2015 20:02:24
Running from C:\Users\radalupa\Desktop
Loaded Profiles: UpdatusUser & radalupa (Available profiles: UpdatusUser & radalupa)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: Waterfox)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6346464 2013-01-04] (Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2888352 2013-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-04-24] (IDT, Inc.)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-08-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-08-23] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [245872 2013-02-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [201576 2013-02-24] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-653446779-1761658196-2559590348-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-653446779-1761658196-2559590348-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
URLSearchHook: [S-1-5-21-653446779-1761658196-2559590348-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-653446779-1761658196-2559590348-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{00B38AB3-1333-4958-8545-A99364BEF3D1}: [NameServer] 198.101.13.115,95.211.37.200
Tcpip\..\Interfaces\{7706C4D5-BF20-40AF-B1A9-02A7085C7657}: [NameServer] 198.101.13.115,95.211.37.200
Tcpip\..\Interfaces\{862C16F1-8940-4827-A832-37F37FA8BC5C}: [NameServer] 198.101.13.115,95.211.37.200
Tcpip\..\Interfaces\{F0C0248D-96A3-4D7A-9170-14DD0B064F79}: [NameServer] 198.101.13.115,95.211.37.200
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default
FF DefaultSearchEngine: SuchMaschine
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF SearchPlugin: C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\searchplugins\suchmaschine.xml
FF Extension: Deutsch (DE) Language Pack - C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2015-02-01]
FF Extension: SQLite Manager - C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2015-01-31]
FF Extension: NoScript - C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-02]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2015-01-31]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2015-01-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-06-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2015-02-01] (Kaspersky Lab ZAO)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-03-22] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959192 2013-04-02] (Broadcom Corporation.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99184 2013-04-12] (ELAN Microelectronics Corp.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-18] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-24] (IDT, Inc.) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-08-23] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170200 2013-03-22] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6835784 2012-10-13] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 BTWPANFL; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2015-02-01] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2015-02-01] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2015-02-01] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2015-02-01] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2015-02-01] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2015-02-01] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2015-02-01] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2015-02-01] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2015-02-01] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8239456 2013-01-04] (Realtek Semiconductor Corp.)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R1 pfnfd_1_10_0_8; system32\drivers\pfnfd_1_10_0_8.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 20:02 - 2015-02-02 20:02 - 00020708 _____ () C:\Users\radalupa\Desktop\FRST.txt
2015-02-02 20:02 - 2015-02-02 20:02 - 00000000 ____D () C:\FRST
2015-02-02 20:00 - 2015-02-02 20:00 - 02131456 _____ (Farbar) C:\Users\radalupa\Desktop\FRST64.exe
2015-02-02 18:57 - 2015-02-02 18:57 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-02 18:57 - 2015-02-02 18:57 - 00000000 ____D () C:\sources
2015-02-02 18:54 - 2015-02-02 18:57 - 00000000 ____D () C:\AdwCleaner
2015-02-02 18:53 - 2015-02-02 18:53 - 02194432 _____ () C:\Users\radalupa\Desktop\adwcleaner_4.109.exe
2015-02-02 18:35 - 2015-02-02 18:35 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\radalupa\Downloads\mbam-setup-2.0.4.1028(1).exe
2015-02-02 18:30 - 2015-02-02 19:48 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 18:29 - 2015-02-02 18:29 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\radalupa\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-02 18:29 - 2015-02-02 18:29 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-02 18:29 - 2015-02-02 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-02 18:29 - 2015-02-02 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-02 18:29 - 2015-02-02 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-02 18:29 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-02 18:29 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-02 18:29 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-02 16:42 - 2015-02-02 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-02-02 16:42 - 2015-02-02 16:42 - 00000000 ____D () C:\Program Files\Canon
2015-02-02 16:42 - 2015-02-02 16:42 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-02-02 16:41 - 2015-02-02 16:41 - 60366424 _____ () C:\Users\radalupa\Downloads\eppx-win-4_5_0-de.exe
2015-02-02 16:36 - 2015-02-02 16:36 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-02-02 16:36 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAT.DLL
2015-02-01 19:26 - 2014-12-09 08:12 - 00590816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutoUpdate.exe
2015-02-01 19:26 - 2014-12-09 08:12 - 00467408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2015-02-01 19:26 - 2014-10-22 04:34 - 00010777 _____ () C:\WINDOWS\system32\AutoconfigV2.cab
2015-02-01 19:26 - 2014-10-22 02:08 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-02-01 19:26 - 2014-10-22 02:08 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-01 19:26 - 2014-10-22 02:01 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-02-01 19:26 - 2014-10-22 02:01 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-02-01 19:26 - 2014-10-22 02:01 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-01 19:26 - 2014-10-22 02:00 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-02-01 19:26 - 2014-07-12 05:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2015-02-01 19:26 - 2014-07-12 05:15 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2015-02-01 19:26 - 2014-07-12 01:02 - 00478352 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-01 19:26 - 2014-07-12 01:00 - 00478352 _____ () C:\WINDOWS\system32\locale.nls
2015-02-01 19:26 - 2014-07-08 23:33 - 00181248 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2015-02-01 19:26 - 2014-07-08 23:32 - 01539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2015-02-01 19:26 - 2014-07-08 23:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2015-02-01 19:26 - 2014-07-08 23:30 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2015-02-01 19:26 - 2014-07-07 06:52 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-02-01 19:26 - 2014-07-07 06:52 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-02-01 19:26 - 2014-07-04 11:52 - 00328000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2015-02-01 19:26 - 2014-07-03 02:59 - 01824784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-01 19:26 - 2014-07-03 01:30 - 01408952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-01 19:26 - 2014-06-28 08:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-02-01 19:26 - 2014-06-28 07:56 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-02-01 19:26 - 2014-06-18 00:27 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-02-01 19:26 - 2014-06-18 00:23 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2015-02-01 19:26 - 2014-06-11 15:47 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2015-02-01 19:26 - 2014-06-11 05:40 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2015-02-01 19:26 - 2014-06-10 23:44 - 01403896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-02-01 19:26 - 2014-02-04 11:57 - 01271664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-02-01 18:58 - 2015-02-01 18:58 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\dvdcss
2015-02-01 18:56 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\Documents\Lenovo
2015-02-01 18:56 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\Documents\CyberLink
2015-02-01 18:56 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\WebApp
2015-02-01 18:56 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\CyberLink
2015-02-01 18:41 - 2015-02-01 18:41 - 00001259 _____ () C:\Users\radalupa\Desktop\WinISO.lnk
2015-02-01 18:41 - 2015-02-01 18:41 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\WinISO Computing
2015-02-01 18:41 - 2015-02-01 18:41 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2015-02-01 18:41 - 2015-02-01 18:41 - 00000000 ____D () C:\Users\radalupa\AppData\Local\WinISO Computing
2015-02-01 18:41 - 2015-02-01 18:41 - 00000000 ____D () C:\Program Files (x86)\WinISO Computing
2015-02-01 18:41 - 2014-02-26 11:09 - 00204032 _____ (WinISO.com) C:\WINDOWS\system32\Drivers\WinisoCDBus.sys
2015-02-01 18:40 - 2015-02-01 18:41 - 07043816 _____ (WinISO Computing Inc.) C:\Users\radalupa\Downloads\winiso.exe
2015-02-01 18:36 - 2015-02-01 18:36 - 01376768 _____ () C:\Users\radalupa\Downloads\7z920-x64.msi
2015-02-01 18:36 - 2015-02-01 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-01 18:36 - 2015-02-01 18:36 - 00000000 ____D () C:\Program Files\7-Zip
2015-02-01 18:34 - 2015-02-01 18:34 - 01191200 _____ () C:\Users\radalupa\Downloads\7 Zip 64 Bit - CHIP-Installer.exe
2015-02-01 18:30 - 2015-02-01 18:30 - 01191200 _____ () C:\Users\radalupa\Downloads\7 Zip 32 Bit - CHIP-Installer.exe
2015-02-01 17:53 - 2015-02-01 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
2015-02-01 17:53 - 2015-02-01 17:53 - 00000000 ____D () C:\Program Files (x86)\Smart Projects
2015-02-01 17:52 - 2015-02-01 17:52 - 04080320 _____ (Smart Projects ) C:\Users\radalupa\Downloads\isobuster_35install.exe
2015-02-01 13:47 - 2015-02-01 20:17 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\vlc
2015-02-01 13:47 - 2015-02-01 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-01 13:47 - 2015-02-01 13:47 - 00000000 ____D () C:\Program Files\VideoLAN
2015-02-01 13:46 - 2015-02-01 13:46 - 25816568 _____ () C:\Users\radalupa\Downloads\vlc-2.1.5-win64.exe
2015-02-01 13:46 - 2015-02-01 13:46 - 00000000 ____D () C:\Program Files (x86)\Startfenster
2015-02-01 12:00 - 2015-02-01 12:01 - 00000000 ____D () C:\Users\radalupa\Downloads\Die.Pinguine.aus.Madagascar.2014.German.AC3D.DL.720p.WEB-DL.h264.READ.NFO-LameHD
2015-02-01 12:00 - 2015-02-01 12:00 - 46182208 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part32.rar
2015-02-01 12:00 - 2015-02-01 12:00 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part31.rar
2015-02-01 11:59 - 2015-02-01 12:00 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part30.rar
2015-02-01 11:59 - 2015-02-01 12:00 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part29.rar
2015-02-01 11:59 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part28.rar
2015-02-01 11:59 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part27.rar
2015-02-01 11:59 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part26.rar
2015-02-01 11:59 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part25.rar
2015-02-01 11:58 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part24.rar
2015-02-01 11:58 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part23.rar
2015-02-01 11:58 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part22.rar
2015-02-01 11:58 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part21.rar
2015-02-01 11:58 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part20.rar
2015-02-01 11:58 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part19.rar
2015-02-01 11:57 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part18.rar
2015-02-01 11:57 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part17.rar
2015-02-01 11:57 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part16.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part15.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part14.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part13.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part12.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part11.rar
2015-02-01 11:56 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part10.rar
2015-02-01 11:56 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part09.rar
2015-02-01 11:56 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part06.rar
2015-02-01 11:56 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part08.rar
2015-02-01 11:56 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part07.rar
2015-02-01 11:56 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part05.rar
2015-02-01 11:55 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part04.rar
2015-02-01 11:55 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part03.rar
2015-02-01 11:55 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part02.rar
2015-02-01 11:55 - 2015-02-01 11:55 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part01.rar
2015-02-01 11:54 - 2015-02-01 11:54 - 00002094 _____ () C:\Users\radalupa\Desktop\JDownloader 2.lnk
2015-02-01 11:54 - 2015-02-01 11:54 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-02-01 11:53 - 2015-02-01 21:50 - 00000000 ____D () C:\Users\radalupa\AppData\Local\JDownloader 2.0
2015-02-01 11:41 - 2015-02-01 11:54 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2015-02-01 11:41 - 2015-02-01 11:42 - 00002001 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-02-01 11:41 - 2015-02-01 11:41 - 00002048 _____ () C:\Users\radalupa\Desktop\JDownloader.lnk
2015-02-01 11:41 - 2015-02-01 11:41 - 00002012 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-02-01 11:41 - 2015-02-01 11:41 - 00001935 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2015-02-01 11:37 - 2015-02-01 11:37 - 00231544 _____ () C:\Users\radalupa\Downloads\install_jd_one.exe
2015-02-01 11:20 - 2015-02-01 11:20 - 00000000 ____D () C:\Users\radalupa\.appwork
2015-02-01 10:26 - 2015-02-02 17:34 - 00036864 ___SH () C:\Users\radalupa\Desktop\Thumbs.db
2015-02-01 10:26 - 2015-02-01 10:26 - 00000000 ____D () C:\Users\radalupa\Desktop\thermomix
2015-02-01 10:26 - 2015-02-01 10:26 - 00000000 ____D () C:\Users\radalupa\Desktop\Hochzeit
2015-02-01 10:05 - 2015-02-01 10:05 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\8pecxstudios
2015-02-01 10:05 - 2015-02-01 10:05 - 00000000 ____D () C:\Users\radalupa\AppData\Local\8pecxstudios
2015-02-01 10:04 - 2015-02-01 10:04 - 48739504 _____ (8pecxstudios ) C:\Users\radalupa\Downloads\Cyberfox-35.0.1.exe
2015-02-01 10:04 - 2015-02-01 10:04 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-02-01 10:04 - 2015-02-01 10:04 - 00000000 ____D () C:\Program Files\Cyberfox
2015-02-01 09:57 - 2015-02-01 09:57 - 00304591 _____ () C:\Users\radalupa\Downloads\Waterfox 28 langpack-de.zip
2015-02-01 09:43 - 2015-02-01 09:43 - 58867704 _____ () C:\Users\radalupa\Downloads\Waterfox_35.0_Setup.exe
2015-02-01 09:43 - 2015-02-01 09:43 - 00000905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
2015-02-01 09:43 - 2015-02-01 09:43 - 00000893 _____ () C:\Users\Public\Desktop\Waterfox.lnk
2015-02-01 09:43 - 2015-02-01 09:43 - 00000000 ____D () C:\Program Files\Waterfox
2015-02-01 09:39 - 2015-02-01 09:39 - 01191200 _____ () C:\Users\radalupa\Downloads\Firefox 37 Nightly 64 Bit - CHIP-Installer.exe
2015-02-01 09:29 - 2015-02-01 11:22 - 00000000 ____D () C:\Users\radalupa\AppData\Local\JDownloader v2.0
2015-02-01 09:29 - 2015-02-01 09:32 - 00000000 ____D () C:\Users\radalupa\AppData\Local\748078
2015-02-01 09:29 - 2015-02-01 09:29 - 00000000 ____D () C:\ProgramData\{629D8A5E-321F-5BD8-8399-2B5A531BF8D4}
2015-02-01 09:19 - 2015-01-24 21:20 - 00714176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-01 09:19 - 2015-01-24 21:20 - 00106432 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 09:09 - 2015-02-01 09:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-01 09:09 - 2015-02-01 09:09 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-01 08:21 - 2014-10-09 05:00 - 01519104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-02-01 08:21 - 2014-10-09 05:00 - 01484288 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-02-01 08:21 - 2014-10-09 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-02-01 08:21 - 2014-10-09 04:59 - 01195520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-02-01 08:21 - 2014-10-09 04:59 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-02-01 07:56 - 2014-07-15 23:51 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-02-01 07:40 - 2015-02-01 07:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-01 07:40 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-01 07:35 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-01 07:35 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-01 07:26 - 2014-02-04 00:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-02-01 07:26 - 2014-02-04 00:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2015-02-01 07:26 - 2014-01-31 01:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-02-01 07:26 - 2014-01-31 01:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-02-01 07:26 - 2014-01-27 04:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-02-01 07:26 - 2014-01-16 00:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2015-02-01 07:26 - 2014-01-03 00:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2015-02-01 07:26 - 2014-01-03 00:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2015-02-01 07:25 - 2014-11-05 07:40 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-02-01 07:25 - 2014-11-05 07:39 - 01024512 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-02-01 07:25 - 2014-11-01 07:28 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-02-01 07:25 - 2014-10-29 15:21 - 00499008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-02-01 07:25 - 2014-10-27 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-01 07:25 - 2014-08-28 07:01 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-02-01 07:25 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-02-01 07:25 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-02-01 07:25 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-02-01 07:25 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-02-01 07:25 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-02-01 07:25 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2015-02-01 07:25 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-02-01 07:25 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-02-01 07:25 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2015-02-01 07:25 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-02-01 07:25 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2015-02-01 07:25 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2015-02-01 07:25 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-02-01 07:25 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2015-02-01 07:25 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2015-02-01 07:25 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-02-01 07:25 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-02-01 07:25 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-02-01 07:25 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2015-02-01 07:25 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2015-02-01 07:25 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2015-02-01 07:25 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-02-01 07:25 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-02-01 07:24 - 2014-11-15 07:06 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-02-01 07:24 - 2014-11-15 06:13 - 03286016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 01623552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-02-01 07:24 - 2014-11-15 06:12 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-02-01 07:24 - 2014-11-15 04:54 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-02-01 07:24 - 2014-11-15 04:53 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-02-01 07:24 - 2014-11-15 04:53 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-02-01 07:24 - 2014-11-15 04:53 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-02-01 07:22 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2015-02-01 07:22 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2015-02-01 07:21 - 2014-06-13 02:57 - 01453400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-02-01 07:21 - 2014-06-13 02:55 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2015-02-01 07:21 - 2014-06-05 02:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-02-01 07:21 - 2014-06-04 00:12 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-02-01 07:21 - 2014-03-25 00:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2015-02-01 07:21 - 2014-03-24 23:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2015-02-01 07:21 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-02-01 07:21 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2015-02-01 07:21 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-02-01 07:21 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2015-02-01 07:21 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2015-02-01 07:21 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2015-02-01 07:21 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2015-02-01 07:21 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2015-02-01 07:21 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2015-02-01 07:21 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2015-02-01 07:21 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2015-02-01 07:21 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2015-02-01 07:21 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2015-02-01 07:21 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-02-01 07:21 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-02-01 07:11 - 2015-02-01 07:11 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Macromedia
2015-02-01 07:10 - 2015-02-02 18:19 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-01 07:10 - 2015-02-01 07:10 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-01 07:10 - 2015-02-01 07:10 - 00000000 ____D () C:\ProgramData\Sun
2015-02-01 07:10 - 2015-02-01 07:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-01 07:10 - 2015-02-01 07:09 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-01 07:09 - 2015-02-01 07:10 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-01 07:09 - 2015-02-01 07:09 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-31 21:22 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2015-01-31 21:22 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-01-31 21:22 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-01-31 21:22 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-01-31 21:22 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2015-01-31 21:22 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2015-01-31 21:22 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2015-01-31 21:21 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-31 21:21 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2015-01-31 21:21 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2015-01-31 21:21 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2015-01-31 21:20 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2015-01-31 21:20 - 2013-08-15 23:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2015-01-31 21:20 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2015-01-31 21:14 - 2014-08-01 00:40 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-01-31 21:14 - 2014-06-18 00:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2015-01-31 21:14 - 2014-06-18 00:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2015-01-31 21:06 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2015-01-31 21:06 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2015-01-31 21:06 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2015-01-31 21:05 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2015-01-31 21:05 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2015-01-31 20:58 - 2015-02-01 20:04 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Nero
2015-01-31 20:58 - 2015-01-31 20:58 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Nero
2015-01-31 20:58 - 2015-01-31 20:58 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Nero_AG
2015-01-31 20:52 - 2014-11-27 03:40 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-31 20:52 - 2014-11-27 02:28 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-31 20:50 - 2015-02-02 19:57 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-01-31 20:50 - 2015-02-02 19:55 - 00000000 ____D () C:\ProgramData\Nero
2015-01-31 20:50 - 2015-01-31 20:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2015-01-31 20:49 - 2015-01-31 20:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-31 20:49 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-01-31 20:49 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-01-31 20:49 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-01-31 20:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-01-31 20:49 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-01-31 20:47 - 2014-12-11 07:51 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-31 20:47 - 2014-09-03 03:48 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2015-01-31 20:47 - 2014-09-03 03:21 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2015-01-31 20:47 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-31 20:47 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-31 20:47 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-31 20:46 - 2014-08-09 09:30 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-31 20:46 - 2014-08-09 09:29 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2015-01-31 20:46 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2015-01-31 20:46 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2015-01-31 20:46 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-01-31 20:46 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2015-01-31 20:45 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-01-31 20:45 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-01-31 20:45 - 2014-10-11 08:44 - 19764736 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-31 20:45 - 2014-10-11 06:57 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-31 20:45 - 2014-10-09 04:59 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-31 20:45 - 2014-10-09 04:59 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-31 20:45 - 2014-10-09 04:58 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-31 20:45 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-01-31 20:45 - 2014-09-22 06:38 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-01-31 20:45 - 2014-09-22 04:56 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-01-31 20:45 - 2014-07-24 04:33 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-31 20:45 - 2014-07-24 04:33 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-31 20:44 - 2014-12-19 07:48 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-31 20:44 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-31 20:44 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-31 20:44 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-31 20:44 - 2014-11-21 09:37 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-01-31 20:44 - 2014-11-21 09:37 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-01-31 20:44 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-31 20:44 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-31 20:44 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-01-31 20:44 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-01-31 20:44 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-01-31 20:44 - 2014-11-21 05:30 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-01-31 20:44 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-31 20:44 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2015-01-31 20:44 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2015-01-31 20:44 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2015-01-31 20:44 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2015-01-31 20:44 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2015-01-31 20:44 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2015-01-31 20:44 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2015-01-31 20:44 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2015-01-31 20:44 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2015-01-31 20:44 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2015-01-31 20:44 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2015-01-31 20:44 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2015-01-31 20:44 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2015-01-31 20:44 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2015-01-31 20:43 - 2014-07-07 06:53 - 01125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2015-01-31 20:43 - 2014-07-07 06:52 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2015-01-31 20:43 - 2014-07-07 06:52 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2015-01-31 20:43 - 2014-07-07 06:51 - 05982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-01-31 20:43 - 2014-07-07 05:01 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2015-01-31 20:43 - 2014-07-07 05:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2015-01-31 20:43 - 2014-07-07 05:00 - 05095424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-01-31 20:43 - 2014-07-07 04:59 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aaclient.dll
2015-01-31 20:43 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2015-01-31 20:43 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-01-31 20:43 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2015-01-31 20:43 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-01-31 20:43 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-01-31 20:43 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2015-01-31 20:43 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-01-31 20:43 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-31 20:43 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-31 20:42 - 2014-12-05 02:41 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-01-31 20:42 - 2014-12-05 02:41 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-01-31 20:42 - 2014-12-05 02:41 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-01-31 20:42 - 2014-12-05 02:40 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-01-31 20:42 - 2014-12-03 02:48 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-01-31 20:42 - 2014-12-03 02:48 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-01-31 20:42 - 2014-12-03 02:48 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-01-31 20:42 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-01-31 20:42 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-01-31 20:42 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2015-01-31 20:42 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-01-31 20:42 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-01-31 20:42 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-01-31 20:42 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2015-01-31 20:42 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-01-31 20:42 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-31 20:42 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-31 20:42 - 2014-06-02 23:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-01-31 20:42 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2015-01-31 20:42 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2015-01-31 20:42 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-01-31 20:42 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-01-31 20:42 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2015-01-31 20:42 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2015-01-31 20:42 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-01-31 20:42 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-01-31 20:42 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-01-31 20:42 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-01-31 20:42 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-01-31 20:42 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-01-31 20:42 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-01-31 20:42 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-01-31 20:42 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2015-01-31 20:42 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2015-01-31 20:42 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-31 20:42 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-31 20:42 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-01-31 20:42 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-01-31 20:42 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-01-31 20:42 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2015-01-31 20:42 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-01-31 20:42 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2015-01-31 20:42 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2015-01-31 20:42 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2015-01-31 20:42 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2015-01-31 20:42 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-31 20:42 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-31 20:42 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-31 20:42 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-31 20:42 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-31 20:42 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-31 20:42 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2015-01-31 20:41 - 2014-12-06 08:53 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-31 20:41 - 2014-12-06 08:53 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-31 20:41 - 2014-12-06 08:52 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-31 20:41 - 2014-12-06 08:52 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-31 20:41 - 2014-12-06 08:52 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-31 20:41 - 2014-12-06 08:51 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-31 20:41 - 2014-12-06 08:51 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-31 20:41 - 2014-12-06 08:50 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-31 20:41 - 2014-12-06 07:10 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-31 20:41 - 2014-12-06 07:10 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-31 20:41 - 2014-12-06 07:09 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-31 20:41 - 2014-12-06 07:09 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-31 20:41 - 2014-11-06 07:50 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-31 20:41 - 2014-11-06 06:03 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-31 20:41 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-01-31 20:41 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-01-31 20:41 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-01-31 20:41 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-01-31 20:41 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-01-31 20:41 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-31 20:41 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-31 20:41 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-01-31 20:41 - 2014-04-29 23:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2015-01-31 20:41 - 2014-04-29 23:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2015-01-31 20:41 - 2014-01-31 01:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-01-31 20:41 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-31 20:41 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-31 20:41 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-01-31 20:41 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-01-31 20:41 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-01-31 20:41 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-01-31 20:41 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-01-31 20:41 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-01-31 20:40 - 2014-03-11 04:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2015-01-31 20:40 - 2014-03-11 01:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2015-01-31 20:40 - 2014-03-11 01:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2015-01-31 20:40 - 2014-03-11 01:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2015-01-31 20:40 - 2014-03-11 01:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2015-01-31 20:40 - 2014-03-10 04:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-01-31 20:40 - 2014-03-10 02:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2015-01-31 20:40 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-01-31 20:40 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2015-01-31 20:40 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2015-01-31 20:40 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2015-01-31 20:40 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2015-01-31 20:40 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-01-31 20:40 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-01-31 20:40 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-01-31 20:40 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-01-31 20:39 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-01-31 20:39 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-01-31 20:39 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-01-31 20:39 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-01-31 20:39 - 2014-07-16 00:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-01-31 20:39 - 2014-07-12 03:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-01-31 20:39 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-01-31 20:39 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2015-01-31 20:38 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2015-01-31 20:38 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2015-01-31 20:38 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-01-31 20:38 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-01-31 20:38 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2015-01-31 20:38 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2015-01-31 20:38 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2015-01-31 20:38 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2015-01-31 20:38 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2015-01-31 20:38 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2015-01-31 20:38 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2015-01-31 20:38 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-01-31 20:38 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-01-31 20:38 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-31 20:38 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-31 20:38 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-01-31 20:38 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2015-01-31 20:38 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2015-01-31 20:38 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2015-01-31 20:38 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-01-31 20:38 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2015-01-31 20:38 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2015-01-31 20:37 - 2014-12-19 05:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-31 20:37 - 2014-12-11 08:35 - 06973248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-31 20:37 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2015-01-31 20:37 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-01-31 20:37 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-01-31 20:37 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-01-31 20:37 - 2014-07-24 14:50 - 00447296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-01-31 20:37 - 2014-07-17 00:28 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2015-01-31 20:37 - 2014-07-16 23:59 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2015-01-31 20:37 - 2014-07-16 23:59 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2015-01-31 20:37 - 2014-07-12 07:45 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2015-01-31 20:37 - 2014-07-12 05:36 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2015-01-31 20:37 - 2014-07-12 05:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-01-31 20:37 - 2014-07-12 05:34 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-01-31 20:37 - 2014-07-12 05:34 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2015-01-31 20:37 - 2014-06-28 07:57 - 01341952 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-01-31 20:37 - 2014-06-28 03:23 - 01126400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-01-31 20:37 - 2014-06-13 00:34 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-01-31 20:37 - 2014-06-13 00:29 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-01-31 20:37 - 2014-05-29 23:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-01-31 20:37 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-01-31 20:37 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-01-31 20:37 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-01-31 20:37 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-01-31 20:36 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-31 20:36 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-31 20:36 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-31 20:36 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-31 20:36 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-01-31 20:36 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-01-31 20:36 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-01-31 20:36 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-01-31 20:36 - 2014-06-20 00:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-01-31 20:36 - 2014-06-19 23:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-01-31 20:36 - 2014-06-06 15:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-01-31 20:36 - 2014-06-06 11:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-01-31 20:36 - 2014-06-05 18:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-01-31 20:36 - 2014-05-30 00:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-01-31 20:36 - 2014-05-29 05:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-01-31 20:36 - 2014-04-12 10:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-01-31 20:36 - 2014-04-12 10:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2015-01-31 20:36 - 2014-04-12 10:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2015-01-31 20:36 - 2014-04-12 10:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2015-01-31 20:36 - 2014-04-12 10:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-01-31 20:36 - 2014-04-12 10:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2015-01-31 20:36 - 2014-04-12 08:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2015-01-31 20:36 - 2014-04-12 08:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-01-31 20:36 - 2014-04-12 08:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2015-01-31 20:36 - 2014-04-12 08:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2015-01-31 20:36 - 2014-04-12 08:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2015-01-31 20:36 - 2014-04-12 07:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2015-01-31 20:36 - 2014-03-04 00:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-01-31 20:36 - 2014-03-01 10:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2015-01-31 20:36 - 2014-03-01 10:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2015-01-31 20:36 - 2014-03-01 09:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2015-01-31 20:36 - 2014-03-01 07:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2015-01-31 20:36 - 2014-02-15 05:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2015-01-31 20:36 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2015-01-31 20:36 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-01-31 20:36 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2015-01-31 20:35 - 2014-10-30 08:20 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-31 20:35 - 2014-10-30 06:22 - 01569792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-31 20:35 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2015-01-31 20:35 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2015-01-31 20:34 - 2015-01-31 20:34 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Thunderbird
2015-01-31 20:34 - 2015-01-31 20:34 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Thunderbird
2015-01-31 20:33 - 2015-01-31 17:23 - 00000689 _____ () C:\Users\radalupa\Documents\indexfile.txt
2015-01-31 20:28 - 2015-01-31 20:32 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2015-01-31 20:28 - 2015-01-31 20:28 - 00002109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-01-31 20:28 - 2015-01-31 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2015-01-31 20:28 - 2015-01-31 20:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-31 20:27 - 2015-01-31 20:27 - 28742864 _____ (Mozilla) C:\Users\radalupa\Downloads\Thunderbird Setup 31.4.0.exe
2015-01-31 20:27 - 2015-01-31 20:27 - 01191200 _____ () C:\Users\radalupa\Downloads\MozBackup - CHIP-Installer.exe
2015-01-31 20:22 - 2015-01-31 20:22 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Nitro
2015-01-31 20:17 - 2015-01-31 20:17 - 00001336 _____ () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2015-01-31 20:17 - 2015-01-31 20:17 - 00000355 _____ () C:\Users\radalupa\Desktop\Computer - Verknüpfung.lnk
2015-01-31 20:15 - 2015-02-02 19:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-31 20:15 - 2015-02-01 07:30 - 00625760 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-01-31 20:15 - 2015-02-01 07:30 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2015-01-31 20:15 - 2015-01-31 20:15 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-01-31 20:15 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2015-01-31 20:14 - 2015-01-31 20:14 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\WinRAR
2015-01-31 20:14 - 2013-08-25 18:55 - 00000000 ____D () C:\Users\radalupa\Desktop\Kaspersky.Internet.Security.14.0.0.4651
2015-01-31 20:13 - 2015-01-31 20:13 - 02060888 _____ () C:\Users\radalupa\Downloads\winrar-x64-520d.exe
2015-01-31 20:13 - 2015-01-31 20:13 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-31 20:13 - 2015-01-31 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-31 20:13 - 2015-01-31 20:13 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-31 20:11 - 2015-01-31 20:11 - 01191200 _____ () C:\Users\radalupa\Downloads\WinRAR 32 Bit - CHIP-Installer.exe
2015-01-31 20:10 - 2015-01-31 20:14 - 37319391 _____ () C:\Users\radalupa\Downloads\Kaspersky.Internet.Security.14.0.0.4651.part3.rar
2015-01-31 20:10 - 2015-01-31 20:10 - 104857600 _____ () C:\Users\radalupa\Downloads\Kaspersky.Internet.Security.14.0.0.4651.part2.rar
2015-01-31 20:10 - 2015-01-31 20:10 - 104857600 _____ () C:\Users\radalupa\Downloads\Kaspersky.Internet.Security.14.0.0.4651.part1.rar
2015-01-31 20:04 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-31 20:04 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-31 20:04 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-31 19:59 - 2015-02-01 09:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-31 19:59 - 2015-01-31 20:00 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Mozilla
2015-01-31 19:59 - 2015-01-31 20:00 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Mozilla
2015-01-31 19:59 - 2015-01-31 19:59 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-31 19:59 - 2015-01-31 19:59 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-31 19:59 - 2015-01-31 19:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-31 19:55 - 2015-01-31 20:16 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-01-31 19:51 - 2015-02-02 19:16 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-653446779-1761658196-2559590348-1002
2015-01-31 19:48 - 2015-02-01 07:11 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Adobe
2015-01-31 19:48 - 2015-01-31 19:51 - 00000000 ____D () C:\Users\radalupa\AppData\Local\LSC
2015-01-31 19:29 - 2015-02-01 07:32 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\LSC
2015-01-31 19:28 - 2015-01-31 19:28 - 00000000 ____D () C:\Users\radalupa\Documents\Bluetooth-Exchange-Ordner
2015-01-31 19:28 - 2015-01-31 19:28 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Broadcom
2015-01-31 19:27 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Lenovo
2015-01-31 19:27 - 2015-01-31 19:29 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Adobe
2015-01-31 19:27 - 2015-01-31 19:27 - 00001449 _____ () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 19:27 - 2015-01-31 19:27 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-01-31 19:27 - 2015-01-31 19:27 - 00000000 ____D () C:\ProgramData\Energy Management
2015-01-31 19:27 - 2015-01-31 19:27 - 00000000 ____D () C:\ProgramData\eBay
2015-01-31 19:26 - 2015-02-01 11:20 - 00000000 ____D () C:\Users\radalupa
2015-01-31 19:26 - 2015-01-31 19:27 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Packages
2015-01-31 19:26 - 2015-01-31 19:26 - 00000020 ___SH () C:\Users\radalupa\ntuser.ini
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Vorlagen
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Startmenü
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Netzwerkumgebung
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Lokale Einstellungen
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Eigene Dateien
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Druckumgebung
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Documents\Eigene Musik
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Documents\Eigene Bilder
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\AppData\Local\Verlauf
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\AppData\Local\Anwendungsdaten
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Anwendungsdaten
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 ____D () C:\Users\radalupa\AppData\Local\VirtualStore
2015-01-31 19:26 - 2013-08-24 01:45 - 00000000 ___RD () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-31 19:26 - 2013-08-24 01:42 - 00000000 ___RD () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-31 19:26 - 2013-08-23 16:29 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Macromedia
2015-01-31 19:26 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 19:26 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-31 18:49 - 2015-01-31 18:49 - 00000000 _____ () C:\Recovery.txt
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Programme
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 20:02 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-02 19:46 - 2013-08-23 15:54 - 02025314 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-02 19:13 - 2012-07-26 08:21 - 00027912 _____ () C:\WINDOWS\setupact.log
2015-02-02 19:04 - 2013-08-24 01:35 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-02 19:04 - 2013-08-24 01:35 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-02 19:04 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-02 18:59 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-02 18:58 - 2013-08-23 16:34 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2015-02-02 18:58 - 2013-03-25 22:02 - 00090426 _____ () C:\WINDOWS\PFRO.log
2015-02-02 18:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2015-02-02 18:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\security
2015-02-02 18:58 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-02 18:57 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-02-02 18:57 - 2012-07-26 06:37 - 00000000 ____D () C:\WINDOWS\servicing
2015-02-02 16:36 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-01 18:56 - 2013-08-23 16:34 - 00000000 ____D () C:\ProgramData\Lenovo
2015-02-01 14:53 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-01 09:13 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-01 09:13 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-01 09:12 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-01 09:12 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-01 09:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-02-01 09:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-01 09:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-01 09:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-01 07:41 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-01 07:32 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-01 07:30 - 2013-06-10 12:27 - 00030304 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klim6.sys
2015-02-01 07:30 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys
2015-02-01 07:30 - 2013-05-07 17:56 - 00065120 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2015-02-01 07:30 - 2013-05-06 09:22 - 00458336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys
2015-02-01 07:30 - 2013-05-05 22:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klmouflt.sys
2015-02-01 07:30 - 2013-05-05 22:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klkbdflt.sys
2015-02-01 07:30 - 2012-07-27 18:38 - 00029792 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klelam.sys
2015-01-31 20:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\Cursors
2015-01-31 20:15 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-01-31 19:56 - 2013-08-23 16:27 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-31 19:50 - 2013-08-23 16:29 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-01-31 19:50 - 2013-08-23 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-01-31 19:50 - 2013-08-23 16:15 - 00000000 ____D () C:\Program Files\Lenovo
2015-01-31 19:50 - 2013-08-23 16:14 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-01-31 19:50 - 2013-08-23 16:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-31 19:49 - 2013-08-23 16:29 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2015-01-31 19:27 - 2013-08-24 02:45 - 00087475 _____ () C:\WINDOWS\modules.log
2015-01-31 18:48 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-01-31 17:49 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-31 17:49 - 2012-07-26 06:37 - 00000000 ___HD () C:\Users\Default

==================== Files in the root of some directories =======

2013-08-23 16:14 - 2013-08-23 16:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\radalupa\AppData\Local\Temp\130672529205057406.exe
C:\Users\radalupa\AppData\Local\Temp\13067252937823215518.exe
C:\Users\radalupa\AppData\Local\Temp\130672606847965365.exe
C:\Users\radalupa\AppData\Local\Temp\13067260698916109949.exe
C:\Users\radalupa\AppData\Local\Temp\proxy_vole8595309572085797780.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-03-25 22:02

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 02.02.2015, 20:33   #4
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by radalupa at 2015-02-02 20:03:01
Running from C:\Users\radalupa\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.1245.72250 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.1245.72250 - Alcor Micro Corp.) Hidden
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 35.0.1.0 - 8pecxstudios)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6431.0 - IDT)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6400 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10206 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.17.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5987 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
NVIDIA Grafiktreiber 311.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.34 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Startfenster (HKLM\...\Startfenster) (Version:  - Startfenster) <==== ATTENTION!
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Waterfox 35.0 (x64 en-US) (HKLM\...\Waterfox 35.0 (x64 en-US)) (Version: 35.0 - Mozilla)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

31-01-2015 19:49:36 Installed Lenovo Solution Center.
02-02-2015 19:46:00 Removed Nero 2015.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B5A9430-B7D1-42BA-AD66-29F55D4283AF} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {1C004263-BF71-4687-99E7-E182069A710C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {2E427535-FA5C-4BCA-B199-CDA79EDFFBAB} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {70E19172-4506-463D-90B4-97C1F57084CA} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {715DAFEC-B980-42F2-B54E-168B571F6384} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-31] (Microsoft Corporation)
Task: {7D0A6397-7266-4FFE-991E-0811D1B48B22} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {87A3BE10-828D-4BAB-8F85-5D4E98FD9136} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {9F797E3A-999F-46B5-9808-62C495E7182A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-01] (Adobe Systems Incorporated)
Task: {AAD9C085-07C7-478B-BAA1-EDF05332FD95} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {B69B2774-85A4-45CF-ADCF-E435D10B228A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-04-02 15:03 - 2013-04-02 15:03 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2013-08-23 16:34 - 2013-08-23 16:34 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-08-23 16:34 - 2013-08-23 16:34 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-06-27 03:16 - 2013-01-16 21:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-23 16:10 - 2012-07-18 19:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-01-31 19:59 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-653446779-1761658196-2559590348-500 - Administrator - Disabled)
Gast (S-1-5-21-653446779-1761658196-2559590348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-653446779-1761658196-2559590348-1004 - Limited - Enabled)
radalupa (S-1-5-21-653446779-1761658196-2559590348-1002 - Administrator - Enabled) => C:\Users\radalupa
UpdatusUser (S-1-5-21-653446779-1761658196-2559590348-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2015 07:14:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: pfsvc.exe, Version: 1.10.0.8, Zeitstempel: 0x54c000f0
Name des fehlerhaften Moduls: pfsvc.exe, Version: 1.10.0.8, Zeitstempel: 0x54c000f0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000250ec
ID des fehlerhaften Prozesses: 0x84c
Startzeit der fehlerhaften Anwendung: 0xpfsvc.exe0
Pfad der fehlerhaften Anwendung: pfsvc.exe1
Pfad des fehlerhaften Moduls: pfsvc.exe2
Berichtskennung: pfsvc.exe3
Vollständiger Name des fehlerhaften Pakets: pfsvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pfsvc.exe5

Error: (02/02/2015 07:04:00 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (4440) Versuch, Datei "C:\Users\radalupa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (02/01/2015 08:17:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000041341
ID des fehlerhaften Prozesses: 0x1e74
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (02/01/2015 07:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000041341
ID des fehlerhaften Prozesses: 0x1e0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (02/01/2015 07:35:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000041341
ID des fehlerhaften Prozesses: 0x2dd0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (02/01/2015 05:34:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000041341
ID des fehlerhaften Prozesses: 0x2ed4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (02/01/2015 05:34:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000041341
ID des fehlerhaften Prozesses: 0x2eac
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (02/01/2015 01:50:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000041341
ID des fehlerhaften Prozesses: 0x7fc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (02/01/2015 01:49:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000041341
ID des fehlerhaften Prozesses: 0x2ad0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (02/01/2015 01:49:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16912, Zeitstempel: 0x536464ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000041341
ID des fehlerhaften Prozesses: 0x27a4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5


System errors:
=============
Error: (02/02/2015 07:02:01 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Error: (02/02/2015 07:02:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (02/02/2015 06:58:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (02/02/2015 06:58:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (02/02/2015 06:57:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (02/02/2015 06:57:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/02/2015 06:57:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/02/2015 06:57:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WindowsMangerProtect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/02/2015 06:57:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Speedly FastIP" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/02/2015 06:57:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Phrase Finder 1.10.0.8 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (02/02/2015 07:14:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pfsvc.exe1.10.0.854c000f0pfsvc.exe1.10.0.854c000f0c0000409000250ec84c01d03f12024fcf76C:\Program Files (x86)\PhraseFinder_1.10.0.8\Service\pfsvc.exeC:\Program Files (x86)\PhraseFinder_1.10.0.8\Service\pfsvc.exe4a0b36b4-ab07-11e4-be76-1c3e84e076ca

Error: (02/02/2015 07:04:00 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex4440C:\Users\radalupa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (02/01/2015 08:17:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.2.9200.16912536464bac000000500000000000413411e7401d03e53aae6e858C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dllfb3dc2d4-aa46-11e4-be75-1c3e84e076ca

Error: (02/01/2015 07:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.2.9200.16912536464bac000000500000000000413411e001d03e4e228b9b3bC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll9c46d751-aa41-11e4-be75-1c3e84e076ca

Error: (02/01/2015 07:35:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.2.9200.16912536464bac000000500000000000413412dd001d03e4dd5c76213C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll1d6b39ae-aa41-11e4-be75-1c3e84e076ca

Error: (02/01/2015 05:34:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.2.9200.16912536464bac000000500000000000413412ed401d03e3cf0d8ee9eC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll3f5c2a83-aa30-11e4-be75-1c3e84e076ca

Error: (02/01/2015 05:34:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.2.9200.16912536464bac000000500000000000413412eac01d03e3cc8d09a6bC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll25884309-aa30-11e4-be75-1c3e84e076ca

Error: (02/01/2015 01:50:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.2.9200.16912536464bac000000500000000000413417fc01d03e1d94540ca5C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dlld6975757-aa10-11e4-be75-1c3e84e076ca

Error: (02/01/2015 01:49:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.2.9200.16912536464bac000000500000000000413412ad001d03e1d8d4df811C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dllce97993f-aa10-11e4-be75-1c3e84e076ca

Error: (02/01/2015 01:49:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.2.9200.16912536464bac0000005000000000004134127a401d03e1d887c055bC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dllc7723384-aa10-11e4-be75-1c3e84e076ca


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 23%
Total physical RAM: 8071.27 MB
Available physical RAM: 6162.14 MB
Total Pagefile: 12679.27 MB
Available Pagefile: 10730.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:223.51 GB) (Free:167.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:9.44 GB) NTFS
Drive e: (Volume) (Fixed) (Total:201.63 GB) (Free:37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AAD39A75)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Zitat:
Zitat von Warlord711 Beitrag anzeigen
Hallo radalupa



Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Hier findest du die Anleitung für Hilfesuchende
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.


Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8 User mit Rechtsklick "als Administrator starten".

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Cursor zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.



Bitte die FRST.txt und die Addition.txt posten wie beschrieben !
Danke das du mir helfen willst

Alt 03.02.2015, 09:14   #5
Warlord711
/// TB-Ausbilder
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 03.02.2015, 09:59   #6
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 03/02/2015 um 09:19:25
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-02-02.1 [Live]
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : radalupa - CK
# Gestartet von : C:\Users\radalupa\Desktop\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Mozilla Firefox v35.0.1 (x86 de)


-\\ Cyberfox v


*************************

AdwCleaner[R0].txt - [4313 octets] - [02/02/2015 18:54:32]
AdwCleaner[R1].txt - [892 octets] - [03/02/2015 09:18:16]
AdwCleaner[S0].txt - [3471 octets] - [02/02/2015 18:57:11]
AdwCleaner[S1].txt - [814 octets] - [03/02/2015 09:19:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [873 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8 x64
Ran by radalupa on 03.02.2015 at  9:27:39,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVERCTRL.EXE-7186A564.pf



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.02.2015 at  9:29:41,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.02.2015
Suchlauf-Zeit: 18:30:44
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: 
Rootkit Datenbank: 
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: radalupa

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 369780
Verstrichene Zeit: 7 Min, 4 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: 
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 2
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 9904, Löschen bei Neustart, [f8b32feab3d7ab8bb9095c0ac23e8a76]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 10436, Löschen bei Neustart, [affc70a9eaa0ec4adb25ec1df111a55b]

Module: 2
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [22895ebb8a00cc6a22917a0a4fb43ac6], 

Registrierungsschlüssel: 24
PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [f8b32feab3d7ab8bb9095c0ac23e8a76], 
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [affc70a9eaa0ec4adb25ec1df111a55b], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, In Quarantäne, [d6d59f7acfbb5fd7b04949ad29d936ca], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, In Quarantäne, [d6d59f7acfbb5fd7b04949ad29d936ca], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [812a8a8f4a402214b110d22d699943bd], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [812a8a8f4a402214b110d22d699943bd], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [812a8a8f4a402214b110d22d699943bd], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [812a8a8f4a402214b110d22d699943bd], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [812a8a8f4a402214b110d22d699943bd], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [812a8a8f4a402214b110d22d699943bd], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [397212075436b87eba8a2ebd966e8878], 
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [2a8173a66624c76f7e348df77a89b54b], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [3a7120f93d4de84ee9a536c9cd37817f], 
PUP.Optional.ViView.A, HKLM\SOFTWARE\WOW6432NODE\vi-viewSoftware, In Quarantäne, [8c1f7a9fd3b70c2a79edf6906d96758b], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [3b70ce4b6723f73f51f3edfece36827e], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [0aa1c0597515dc5a94f42f6b21e2f010], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [d8d34ccd4545b581f3c54f40ab588779], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-653446779-1761658196-2559590348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wse_vosteran, In Quarantäne, [e6c501189ceee056590e8f794bbaa65a], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-653446779-1761658196-2559590348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [1b900514bbcfc96ddac85871e91a10f0], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-653446779-1761658196-2559590348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [e8c3cf4af09a4fe73b7bf4ebee16b24e], 
PUP.Optional.Qone8, HKU\S-1-5-21-653446779-1761658196-2559590348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [83281108ccbe2115a99af6f5887ccb35], 
PUP.Optional.FastStart.A, HKU\S-1-5-21-653446779-1761658196-2559590348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [644733e6c9c1f442c0e00e894eb524dc], 
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WSE_Vosteran, In Quarantäne, [b8f34dcc0a80d85ec1a6067161a2b14f], 
PUP.Optional.ViView.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\vi-view uninstall, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 

Registrierungswerte: 6
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, In Quarantäne, [b2f972a7d6b445f1e74b18f238cdec14]
PUP.Optional.FFToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fftoolbar2014@etech.com, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com, In Quarantäne, [bbf0b267454568ce47054d37778c06fa]
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com, In Quarantäne, [88230a0fa5e50d29733553ab03012cd4]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cor, In Quarantäne, [0aa1c0597515dc5a94f42f6b21e2f010]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-653446779-1761658196-2559590348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, In Quarantäne, [e8c3cf4af09a4fe73b7bf4ebee16b24e]
PUP.Optional.FastStart.A, HKU\S-1-5-21-653446779-1761658196-2559590348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, In Quarantäne, [644733e6c9c1f442c0e00e894eb524dc]

Registrierungsdaten: 10
PUP.Optional.ViView.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://myhome.vi-view.com/web/?type=ds&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/web/?type=ds&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY&q={searchTerms}),Ersetzt,[505bf920dbaff73f938eadf645c03fc1]
PUP.Optional.ViView.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY),Ersetzt,[634832e7acde3afc35135e45689d6f91]
PUP.Optional.ViView.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY),Ersetzt,[5a516bae5c2e7cba6d276f35a2637f81]
PUP.Optional.ViView.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://myhome.vi-view.com/web/?type=ds&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/web/?type=ds&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY&q={searchTerms}),Ersetzt,[5556e336fb8f41f53ae5ebb861a448b8]
PUP.Optional.ViView.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://myhome.vi-view.com/web/?type=ds&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/web/?type=ds&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY&q={searchTerms}),Ersetzt,[acffb663c6c4fd3937ea208359acf709]
PUP.Optional.ViView.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY),Ersetzt,[1695a871b3d78ea8a7a1f3b07293b64a]
PUP.Optional.ViView.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY),Ersetzt,[92190a0fcfbb8bab078d1c8850b5c23e]
PUP.Optional.ViView.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://myhome.vi-view.com/web/?type=ds&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/web/?type=ds&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY&q={searchTerms}),Ersetzt,[307bc851acde1b1bed32634049bc9a66]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[2e7d63b68dfd0b2bdaa2efc06b9a01ff]
PUP.Optional.ViView.A, HKU\S-1-5-21-653446779-1761658196-2559590348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/?type=hp&ts=1422787117&from=cor&uid=ST500LM000-1EJ162_W370BBLYXXXXW370BBLY),Ersetzt,[109b6eab6228d46214351d867e87bb45]

Ordner: 72
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, Löschen bei Neustart, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\weather, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\include, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\include\tools, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\lib, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\module, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\pack, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\en, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\en-US, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\es, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\es-419, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr-BE, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr-CA, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr-CH, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr-LU, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\it, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\it-CH, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\pl, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\pt-BR, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\ru, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\ru-MO, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\tr, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\vi, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\zh-CN, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\zh-TW, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\defaults, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\defaults\preferences, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [82298f8a8bffdc5a8af768f850b316ea], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [82298f8a8bffdc5a8af768f850b316ea], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran, In Quarantäne, [b8f34dcc0a80d85ec1a6067161a2b14f], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\code, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [b1fa1207f991c472449a136a8083d42c], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [b1fa1207f991c472449a136a8083d42c], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com\chrome, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com\chrome\content, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com\chrome\skin, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 

Dateien: 175
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [f8b32feab3d7ab8bb9095c0ac23e8a76], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Löschen bei Neustart, [affc70a9eaa0ec4adb25ec1df111a55b], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, In Quarantäne, [812a8a8f4a402214b110d22d699943bd], 
PUP.Optional.WindowsProtectManger.A, C:\Users\radalupa\AppData\Local\Temp\158AF40F-387C-4D75-B9F1-9186769876B9mp\tmp\wpm_v20.0.0.1714.exe, In Quarantäne, [ffacce4b890192a41ba7382e33cd6f91], 
PUP.Optional.XTab.A, C:\Users\radalupa\AppData\Local\Temp\158AF40F-387C-4D75-B9F1-9186769876B9mp\tmp\XTab_v4.0.exe, In Quarantäne, [c5e641d8870345f13ec2c14806fcba46], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\arrow.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_add_logo.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_add_logo_hover.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\default_logo.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\googlelogo.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\googlelogo2.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\weather\0.png, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ie8.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, In Quarantäne, [22895ebb8a00cc6a22917a0a4fb43ac6], 
PUP.Optional.Vosteran.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\searchplugins\Vosteran.xml, In Quarantäne, [decd5cbdf09a9a9ca0caad5b7095dc24], 
PUP.Optional.Vitruvian.A, C:\Users\radalupa\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001, In Quarantäne, [f9b245d45238b08697505dabff06bb45], 
PUP.Optional.Vitruvian.A, C:\Users\radalupa\AppData\Local\Temp\vitruvian-installer-install-v0003, In Quarantäne, [17941cfd8505c670b43317f1d72e2dd3], 
PUP.Optional.Vitruvian.A, C:\Users\radalupa\AppData\Local\Temp\vitruvian-installer-processes-v0002, In Quarantäne, [6e3d17024149c86e8b5c37d18085639d], 
PUP.Optional.Vitruvian.A, C:\Users\radalupa\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, In Quarantäne, [5754d445d5b5cd692abd2ddb4db87a86], 
PUP.Optional.Vitruvian.A, C:\Users\radalupa\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002, In Quarantäne, [753650c9682271c5cb1c8484c243c838], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome.manifest, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\install.rdf, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\index.html, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\quick_start.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\js.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\icon.png, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\loading.gif, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\logo.png, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\simple.css, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\chrome\skin\style.css, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\addonmanager.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\aes.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\config.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\dialogs.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\last_tab.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\misc.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\properties.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\remoterequest.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\restoreprefs.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.FastStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\faststartff@gmail.com\modules\settings.js, In Quarantäne, [436890893159f0469eaaeb74f50e7a86], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\astcnfg.dat, In Quarantäne, [b8f34dcc0a80d85ec1a6067161a2b14f], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\uninst.dat, In Quarantäne, [b8f34dcc0a80d85ec1a6067161a2b14f], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\uninstall.exe, In Quarantäne, [b8f34dcc0a80d85ec1a6067161a2b14f], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\337.json, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\MessageBox.xml, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\un.ini, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\uninstallDlg2.xml, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\UninstallManager.exe, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\bg.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\bg1.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\bk_shadow.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\button.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\button1.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\checkbox.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\checkbox_select.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\checked.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\close.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\loading_bg.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\loading_light.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\min.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\scrollbar.bmp, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\Thumbs.db, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\unchecked.png, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\code\code1.jpg, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\code\code2.jpg, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\code\code3.jpg, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\code\code4.jpg, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\code\code5.jpg, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\code\code6.jpg, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.ViView.A, C:\Users\radalupa\AppData\Roaming\vi-view\images\code\Thumbs.db, In Quarantäne, [c0eba1788cfee2540bee6418a261cd33], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com\chrome.manifest, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com\install.rdf, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com\chrome\content\toolbar.js, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com\chrome\content\toolbar.xul, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 
PUP.Optional.FFToolbar.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\extensions\fftoolbar2014@etech.com\chrome\skin\icon.png, In Quarantäne, [c3e8cf4ac5c5171fb05cc2bcf90af20e], 
PUP.Optional.QuickStart.A, C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Ersetzt,[f2b9e336e7a3d4626b900ddcde270bf5]

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Alt 03.02.2015, 10:01   #7
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by radalupa (administrator) on CK on 03-02-2015 10:01:00
Running from C:\Users\radalupa\Desktop
Loaded Profiles: UpdatusUser & radalupa (Available profiles: UpdatusUser & radalupa)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: Waterfox)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Waterfox) C:\Program Files\Waterfox\waterfox.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\AutoUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\2becd77ad266a0a7bf983344b9f7b308\windowsstoresetupbox.exe
(Microsoft Corporation) C:\$Windows.~BT\Sources\SetupHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6346464 2013-01-04] (Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2888352 2013-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-04-24] (IDT, Inc.)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-08-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-08-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-653446779-1761658196-2559590348-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [245872 2013-02-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [201576 2013-02-24] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-653446779-1761658196-2559590348-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-653446779-1761658196-2559590348-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
URLSearchHook: [S-1-5-21-653446779-1761658196-2559590348-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-653446779-1761658196-2559590348-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Tcpip\..\Interfaces\{00B38AB3-1333-4958-8545-A99364BEF3D1}: [NameServer] 198.101.13.115,95.211.37.200
Tcpip\..\Interfaces\{7706C4D5-BF20-40AF-B1A9-02A7085C7657}: [NameServer] 198.101.13.115,95.211.37.200
Tcpip\..\Interfaces\{862C16F1-8940-4827-A832-37F37FA8BC5C}: [NameServer] 198.101.13.115,95.211.37.200
Tcpip\..\Interfaces\{F0C0248D-96A3-4D7A-9170-14DD0B064F79}: [NameServer] 198.101.13.115,95.211.37.200
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default
FF DefaultSearchEngine: SuchMaschine
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF SearchPlugin: C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\searchplugins\suchmaschine.xml
FF Extension: Deutsch (DE) Language Pack - C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2015-02-01]
FF Extension: SQLite Manager - C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2015-01-31]
FF Extension: NoScript - C:\Users\radalupa\AppData\Roaming\Mozilla\Firefox\Profiles\6fpfxj06.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-02]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-02-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2228440 2013-03-22] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959192 2013-04-02] (Broadcom Corporation.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99184 2013-04-12] (ELAN Microelectronics Corp.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-18] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-24] (IDT, Inc.) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-08-23] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-10-03] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170200 2013-03-22] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6835784 2012-10-13] (Broadcom Corporation)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 BTWPANFL; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-02-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8239456 2013-01-04] (Realtek Semiconductor Corp.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S1 pfnfd_1_10_0_8; system32\drivers\pfnfd_1_10_0_8.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 09:57 - 2015-02-03 09:57 - 00051327 _____ () C:\Users\radalupa\Desktop\mbam.txt
2015-02-03 09:51 - 2015-02-03 09:51 - 00079192 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys.upd
2015-02-03 09:51 - 2015-02-03 09:51 - 00074000 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuiskin32.dll.upd
2015-02-03 09:45 - 2015-02-03 09:45 - 00001908 _____ () C:\WINDOWS\diagwrn.xml
2015-02-03 09:45 - 2015-02-03 09:45 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2015-02-03 09:36 - 2015-02-03 09:36 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-03 09:34 - 2015-02-03 09:34 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-03 09:34 - 2015-02-03 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-03 09:34 - 2015-02-03 09:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-03 09:34 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-03 09:34 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-03 09:34 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-03 09:33 - 2015-02-03 09:33 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\radalupa\Desktop\mbam-setup-2.0.0.1000.exe
2015-02-03 09:31 - 2015-02-03 09:31 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\radalupa\Downloads\mbam-setup-2.0.4.1028(2).exe
2015-02-03 09:29 - 2015-02-03 09:29 - 00000694 _____ () C:\Users\radalupa\Desktop\JRT.txt
2015-02-03 09:27 - 2015-02-03 09:27 - 01388274 _____ (Thisisu) C:\Users\radalupa\Desktop\JRT.exe
2015-02-03 09:20 - 2015-02-03 09:20 - 00281784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-03 09:17 - 2015-02-03 09:17 - 02194432 _____ () C:\Users\radalupa\Desktop\AdwCleaner_4.109.exe
2015-02-03 09:09 - 2015-02-03 09:09 - 00472740 _____ () C:\ProgramData\1422950759.bdinstall.bin
2015-02-03 09:08 - 2015-02-03 09:12 - 00000000 ____D () C:\ProgramData\BDLogging
2015-02-03 09:08 - 2015-02-03 09:08 - 00002208 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Plus 2015.lnk
2015-02-03 09:08 - 2015-02-03 09:08 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2015-02-03 09:08 - 2015-02-03 09:08 - 00000385 _____ () C:\Users\radalupa\AppData\Roaminguser_gensett.xml
2015-02-03 09:08 - 2015-02-03 09:08 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-02-03 09:08 - 2015-02-03 09:08 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Bitdefender
2015-02-03 09:08 - 2015-02-03 09:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-02-03 09:08 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\WINDOWS\system32\Drivers\bdsandbox.sys
2015-02-03 09:08 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\WINDOWS\SysWOW64\bdsandboxuiskin32.dll
2015-02-03 09:08 - 2014-10-03 20:11 - 00263032 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-02-03 09:08 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-02-03 09:08 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-02-03 09:08 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2015-02-03 09:08 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-02-03 09:08 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-02-03 09:06 - 2015-02-03 09:08 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-02-03 09:06 - 2015-02-03 09:06 - 00000000 ____N () C:\WINDOWS\system32\bdsandboxuiskin32.dll
2015-02-03 09:06 - 2015-02-03 09:06 - 00000000 ____D () C:\Program Files\Bitdefender
2015-02-03 09:06 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\WINDOWS\system32\BDSandBoxUISkin.dll
2015-02-03 09:06 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\WINDOWS\system32\BDSandBoxUH.dll
2015-02-03 09:06 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-02-03 09:06 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-02-03 09:05 - 2015-02-03 09:06 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-02-03 09:05 - 2015-02-03 09:05 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\QuickScan
2015-02-03 09:00 - 2015-02-03 09:00 - 02867648 _____ () C:\Users\radalupa\Downloads\bitdefender_antivirus.exe
2015-02-02 20:03 - 2015-02-02 20:03 - 00025378 _____ () C:\Users\radalupa\Desktop\Addition.txt
2015-02-02 20:02 - 2015-02-03 10:01 - 00017083 _____ () C:\Users\radalupa\Desktop\FRST.txt
2015-02-02 20:02 - 2015-02-03 10:01 - 00000000 ____D () C:\FRST
2015-02-02 20:00 - 2015-02-02 20:00 - 02131456 _____ (Farbar) C:\Users\radalupa\Desktop\FRST64.exe
2015-02-02 18:57 - 2015-02-03 08:46 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-02 18:57 - 2015-02-02 18:57 - 00000000 ____D () C:\sources
2015-02-02 18:54 - 2015-02-03 09:19 - 00000000 ____D () C:\AdwCleaner
2015-02-02 18:35 - 2015-02-02 18:35 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\radalupa\Downloads\mbam-setup-2.0.4.1028(1).exe
2015-02-02 18:29 - 2015-02-02 18:29 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\radalupa\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-02 18:29 - 2015-02-02 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-02 16:42 - 2015-02-02 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-02-02 16:42 - 2015-02-02 16:42 - 00000000 ____D () C:\Program Files\Canon
2015-02-02 16:42 - 2015-02-02 16:42 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-02-02 16:41 - 2015-02-02 16:41 - 60366424 _____ () C:\Users\radalupa\Downloads\eppx-win-4_5_0-de.exe
2015-02-02 16:36 - 2015-02-02 16:36 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-02-02 16:36 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAT.DLL
2015-02-01 19:26 - 2014-12-09 08:12 - 00590816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutoUpdate.exe
2015-02-01 19:26 - 2014-12-09 08:12 - 00467408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2015-02-01 19:26 - 2014-10-22 04:34 - 00010777 _____ () C:\WINDOWS\system32\AutoconfigV2.cab
2015-02-01 19:26 - 2014-10-22 02:08 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-02-01 19:26 - 2014-10-22 02:08 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-01 19:26 - 2014-10-22 02:01 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-02-01 19:26 - 2014-10-22 02:01 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-02-01 19:26 - 2014-10-22 02:01 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-01 19:26 - 2014-10-22 02:00 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-02-01 19:26 - 2014-07-12 05:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2015-02-01 19:26 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2015-02-01 19:26 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2015-02-01 19:26 - 2014-07-12 05:15 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2015-02-01 19:26 - 2014-07-12 01:02 - 00478352 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-01 19:26 - 2014-07-12 01:00 - 00478352 _____ () C:\WINDOWS\system32\locale.nls
2015-02-01 19:26 - 2014-07-08 23:33 - 00181248 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2015-02-01 19:26 - 2014-07-08 23:32 - 01539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2015-02-01 19:26 - 2014-07-08 23:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2015-02-01 19:26 - 2014-07-08 23:30 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2015-02-01 19:26 - 2014-07-07 06:52 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-02-01 19:26 - 2014-07-07 06:52 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-02-01 19:26 - 2014-07-04 11:52 - 00328000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2015-02-01 19:26 - 2014-07-03 02:59 - 01824784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-01 19:26 - 2014-07-03 01:30 - 01408952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-01 19:26 - 2014-06-28 08:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-02-01 19:26 - 2014-06-28 07:56 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-02-01 19:26 - 2014-06-18 00:27 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-02-01 19:26 - 2014-06-18 00:23 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2015-02-01 19:26 - 2014-06-11 15:47 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2015-02-01 19:26 - 2014-06-11 05:40 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2015-02-01 19:26 - 2014-06-10 23:44 - 01403896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-02-01 19:26 - 2014-02-04 11:57 - 01271664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-02-01 18:58 - 2015-02-01 18:58 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\dvdcss
2015-02-01 18:56 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\Documents\Lenovo
2015-02-01 18:56 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\Documents\CyberLink
2015-02-01 18:56 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\WebApp
2015-02-01 18:56 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\CyberLink
2015-02-01 18:41 - 2015-02-01 18:41 - 00001259 _____ () C:\Users\radalupa\Desktop\WinISO.lnk
2015-02-01 18:41 - 2015-02-01 18:41 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\WinISO Computing
2015-02-01 18:41 - 2015-02-01 18:41 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2015-02-01 18:41 - 2015-02-01 18:41 - 00000000 ____D () C:\Users\radalupa\AppData\Local\WinISO Computing
2015-02-01 18:41 - 2015-02-01 18:41 - 00000000 ____D () C:\Program Files (x86)\WinISO Computing
2015-02-01 18:41 - 2014-02-26 11:09 - 00204032 _____ (WinISO.com) C:\WINDOWS\system32\Drivers\WinisoCDBus.sys
2015-02-01 18:40 - 2015-02-01 18:41 - 07043816 _____ (WinISO Computing Inc.) C:\Users\radalupa\Downloads\winiso.exe
2015-02-01 18:36 - 2015-02-01 18:36 - 01376768 _____ () C:\Users\radalupa\Downloads\7z920-x64.msi
2015-02-01 18:36 - 2015-02-01 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-01 18:36 - 2015-02-01 18:36 - 00000000 ____D () C:\Program Files\7-Zip
2015-02-01 18:34 - 2015-02-01 18:34 - 01191200 _____ () C:\Users\radalupa\Downloads\7 Zip 64 Bit - CHIP-Installer.exe
2015-02-01 18:30 - 2015-02-01 18:30 - 01191200 _____ () C:\Users\radalupa\Downloads\7 Zip 32 Bit - CHIP-Installer.exe
2015-02-01 17:53 - 2015-02-01 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
2015-02-01 17:53 - 2015-02-01 17:53 - 00000000 ____D () C:\Program Files (x86)\Smart Projects
2015-02-01 17:52 - 2015-02-01 17:52 - 04080320 _____ (Smart Projects ) C:\Users\radalupa\Downloads\isobuster_35install.exe
2015-02-01 13:47 - 2015-02-01 20:17 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\vlc
2015-02-01 13:47 - 2015-02-01 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-01 13:47 - 2015-02-01 13:47 - 00000000 ____D () C:\Program Files\VideoLAN
2015-02-01 13:46 - 2015-02-01 13:46 - 25816568 _____ () C:\Users\radalupa\Downloads\vlc-2.1.5-win64.exe
2015-02-01 13:46 - 2015-02-01 13:46 - 00000000 ____D () C:\Program Files (x86)\Startfenster
2015-02-01 12:00 - 2015-02-01 12:01 - 00000000 ____D () C:\Users\radalupa\Downloads\Die.Pinguine.aus.Madagascar.2014.German.AC3D.DL.720p.WEB-DL.h264.READ.NFO-LameHD
2015-02-01 12:00 - 2015-02-01 12:00 - 46182208 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part32.rar
2015-02-01 12:00 - 2015-02-01 12:00 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part31.rar
2015-02-01 11:59 - 2015-02-01 12:00 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part30.rar
2015-02-01 11:59 - 2015-02-01 12:00 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part29.rar
2015-02-01 11:59 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part28.rar
2015-02-01 11:59 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part27.rar
2015-02-01 11:59 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part26.rar
2015-02-01 11:59 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part25.rar
2015-02-01 11:58 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part24.rar
2015-02-01 11:58 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part23.rar
2015-02-01 11:58 - 2015-02-01 11:59 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part22.rar
2015-02-01 11:58 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part21.rar
2015-02-01 11:58 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part20.rar
2015-02-01 11:58 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part19.rar
2015-02-01 11:57 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part18.rar
2015-02-01 11:57 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part17.rar
2015-02-01 11:57 - 2015-02-01 11:58 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part16.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part15.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part14.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part13.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part12.rar
2015-02-01 11:57 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part11.rar
2015-02-01 11:56 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part10.rar
2015-02-01 11:56 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part09.rar
2015-02-01 11:56 - 2015-02-01 11:57 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part06.rar
2015-02-01 11:56 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part08.rar
2015-02-01 11:56 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part07.rar
2015-02-01 11:56 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part05.rar
2015-02-01 11:55 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part04.rar
2015-02-01 11:55 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part03.rar
2015-02-01 11:55 - 2015-02-01 11:56 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part02.rar
2015-02-01 11:55 - 2015-02-01 11:55 - 105906176 _____ () C:\Users\radalupa\Downloads\LHDGM72PD.part01.rar
2015-02-01 11:54 - 2015-02-01 11:54 - 00002094 _____ () C:\Users\radalupa\Desktop\JDownloader 2.lnk
2015-02-01 11:54 - 2015-02-01 11:54 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-02-01 11:53 - 2015-02-01 21:50 - 00000000 ____D () C:\Users\radalupa\AppData\Local\JDownloader 2.0
2015-02-01 11:41 - 2015-02-01 11:54 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2015-02-01 11:41 - 2015-02-01 11:42 - 00002001 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-02-01 11:41 - 2015-02-01 11:41 - 00002048 _____ () C:\Users\radalupa\Desktop\JDownloader.lnk
2015-02-01 11:41 - 2015-02-01 11:41 - 00002012 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-02-01 11:41 - 2015-02-01 11:41 - 00001935 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2015-02-01 11:37 - 2015-02-01 11:37 - 00231544 _____ () C:\Users\radalupa\Downloads\install_jd_one.exe
2015-02-01 11:20 - 2015-02-01 11:20 - 00000000 ____D () C:\Users\radalupa\.appwork
2015-02-01 10:26 - 2015-02-02 17:34 - 00036864 ___SH () C:\Users\radalupa\Desktop\Thumbs.db
2015-02-01 10:26 - 2015-02-01 10:26 - 00000000 ____D () C:\Users\radalupa\Desktop\thermomix
2015-02-01 10:26 - 2015-02-01 10:26 - 00000000 ____D () C:\Users\radalupa\Desktop\Hochzeit
2015-02-01 10:05 - 2015-02-01 10:05 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\8pecxstudios
2015-02-01 10:05 - 2015-02-01 10:05 - 00000000 ____D () C:\Users\radalupa\AppData\Local\8pecxstudios
2015-02-01 10:04 - 2015-02-01 10:04 - 48739504 _____ (8pecxstudios ) C:\Users\radalupa\Downloads\Cyberfox-35.0.1.exe
2015-02-01 10:04 - 2015-02-01 10:04 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2015-02-01 10:04 - 2015-02-01 10:04 - 00000000 ____D () C:\Program Files\Cyberfox
2015-02-01 09:57 - 2015-02-01 09:57 - 00304591 _____ () C:\Users\radalupa\Downloads\Waterfox 28 langpack-de.zip
2015-02-01 09:43 - 2015-02-01 09:43 - 58867704 _____ () C:\Users\radalupa\Downloads\Waterfox_35.0_Setup.exe
2015-02-01 09:43 - 2015-02-01 09:43 - 00000905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
2015-02-01 09:43 - 2015-02-01 09:43 - 00000893 _____ () C:\Users\Public\Desktop\Waterfox.lnk
2015-02-01 09:43 - 2015-02-01 09:43 - 00000000 ____D () C:\Program Files\Waterfox
2015-02-01 09:39 - 2015-02-01 09:39 - 01191200 _____ () C:\Users\radalupa\Downloads\Firefox 37 Nightly 64 Bit - CHIP-Installer.exe
2015-02-01 09:29 - 2015-02-01 11:22 - 00000000 ____D () C:\Users\radalupa\AppData\Local\JDownloader v2.0
2015-02-01 09:29 - 2015-02-01 09:32 - 00000000 ____D () C:\Users\radalupa\AppData\Local\748078
2015-02-01 09:29 - 2015-02-01 09:29 - 00000000 ____D () C:\ProgramData\{629D8A5E-321F-5BD8-8399-2B5A531BF8D4}
2015-02-01 09:19 - 2015-01-24 21:20 - 00714176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-01 09:19 - 2015-01-24 21:20 - 00106432 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 09:09 - 2015-02-01 09:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-01 09:09 - 2015-02-01 09:09 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-01 08:21 - 2014-10-09 05:00 - 01519104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-02-01 08:21 - 2014-10-09 05:00 - 01484288 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-02-01 08:21 - 2014-10-09 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-02-01 08:21 - 2014-10-09 04:59 - 01195520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-02-01 08:21 - 2014-10-09 04:59 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-02-01 07:56 - 2014-07-15 23:51 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-02-01 07:40 - 2015-02-01 07:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-01 07:40 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-01 07:35 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-01 07:35 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-01 07:26 - 2014-02-04 00:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-02-01 07:26 - 2014-02-04 00:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2015-02-01 07:26 - 2014-01-31 01:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-02-01 07:26 - 2014-01-31 01:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-02-01 07:26 - 2014-01-27 04:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-02-01 07:26 - 2014-01-16 00:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2015-02-01 07:26 - 2014-01-03 00:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2015-02-01 07:26 - 2014-01-03 00:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2015-02-01 07:25 - 2014-11-05 07:40 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-02-01 07:25 - 2014-11-05 07:39 - 01024512 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-02-01 07:25 - 2014-11-01 07:28 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-02-01 07:25 - 2014-10-29 15:21 - 00499008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-02-01 07:25 - 2014-10-27 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-01 07:25 - 2014-08-28 07:01 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-02-01 07:25 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-02-01 07:25 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-02-01 07:25 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-02-01 07:25 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-02-01 07:25 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-02-01 07:25 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2015-02-01 07:25 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-02-01 07:25 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-02-01 07:25 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2015-02-01 07:25 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-02-01 07:25 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2015-02-01 07:25 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2015-02-01 07:25 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-02-01 07:25 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2015-02-01 07:25 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2015-02-01 07:25 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-02-01 07:25 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-02-01 07:25 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-02-01 07:25 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2015-02-01 07:25 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2015-02-01 07:25 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2015-02-01 07:25 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-02-01 07:25 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-02-01 07:24 - 2014-11-15 07:06 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-02-01 07:24 - 2014-11-15 06:13 - 03286016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 01623552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-02-01 07:24 - 2014-11-15 06:13 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-02-01 07:24 - 2014-11-15 06:12 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-02-01 07:24 - 2014-11-15 04:54 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-02-01 07:24 - 2014-11-15 04:53 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-02-01 07:24 - 2014-11-15 04:53 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-02-01 07:24 - 2014-11-15 04:53 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-02-01 07:22 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2015-02-01 07:22 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2015-02-01 07:21 - 2014-06-13 02:57 - 01453400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-02-01 07:21 - 2014-06-13 02:55 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2015-02-01 07:21 - 2014-06-05 02:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-02-01 07:21 - 2014-06-04 00:12 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-02-01 07:21 - 2014-03-25 00:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2015-02-01 07:21 - 2014-03-24 23:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2015-02-01 07:21 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-02-01 07:21 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2015-02-01 07:21 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-02-01 07:21 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2015-02-01 07:21 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2015-02-01 07:21 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2015-02-01 07:21 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2015-02-01 07:21 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2015-02-01 07:21 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2015-02-01 07:21 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2015-02-01 07:21 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2015-02-01 07:21 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2015-02-01 07:21 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2015-02-01 07:21 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-02-01 07:21 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-02-01 07:11 - 2015-02-01 07:11 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Macromedia
2015-02-01 07:10 - 2015-02-03 09:19 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-01 07:10 - 2015-02-01 07:10 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-01 07:10 - 2015-02-01 07:10 - 00000000 ____D () C:\ProgramData\Sun
2015-02-01 07:10 - 2015-02-01 07:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-01 07:10 - 2015-02-01 07:09 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-01 07:09 - 2015-02-01 07:10 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-01 07:09 - 2015-02-01 07:09 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-31 21:22 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2015-01-31 21:22 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-01-31 21:22 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-01-31 21:22 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-01-31 21:22 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2015-01-31 21:22 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2015-01-31 21:22 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2015-01-31 21:21 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-31 21:21 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2015-01-31 21:21 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2015-01-31 21:21 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2015-01-31 21:20 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2015-01-31 21:20 - 2013-08-15 23:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2015-01-31 21:20 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2015-01-31 21:14 - 2014-08-01 00:40 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-01-31 21:14 - 2014-06-18 00:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2015-01-31 21:14 - 2014-06-18 00:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2015-01-31 21:06 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2015-01-31 21:06 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2015-01-31 21:06 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2015-01-31 21:05 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2015-01-31 21:05 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2015-01-31 20:58 - 2015-02-01 20:04 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Nero
2015-01-31 20:58 - 2015-01-31 20:58 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Nero
2015-01-31 20:58 - 2015-01-31 20:58 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Nero_AG
2015-01-31 20:52 - 2014-11-27 03:40 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-31 20:52 - 2014-11-27 02:28 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-31 20:50 - 2015-02-02 19:57 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-01-31 20:50 - 2015-02-02 19:55 - 00000000 ____D () C:\ProgramData\Nero
2015-01-31 20:50 - 2015-01-31 20:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2015-01-31 20:49 - 2015-01-31 20:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-31 20:49 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-01-31 20:49 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-01-31 20:49 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-01-31 20:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-01-31 20:49 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-01-31 20:47 - 2014-12-11 07:51 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-31 20:47 - 2014-09-03 03:48 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2015-01-31 20:47 - 2014-09-03 03:21 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2015-01-31 20:47 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-31 20:47 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-31 20:47 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-31 20:46 - 2014-08-09 09:30 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-31 20:46 - 2014-08-09 09:29 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2015-01-31 20:46 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2015-01-31 20:46 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2015-01-31 20:46 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-01-31 20:46 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2015-01-31 20:45 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-01-31 20:45 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-01-31 20:45 - 2014-10-11 08:44 - 19764736 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-31 20:45 - 2014-10-11 06:57 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-31 20:45 - 2014-10-09 04:59 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-31 20:45 - 2014-10-09 04:59 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-31 20:45 - 2014-10-09 04:58 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-31 20:45 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-01-31 20:45 - 2014-09-22 06:38 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-01-31 20:45 - 2014-09-22 04:56 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-01-31 20:45 - 2014-07-24 04:33 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-31 20:45 - 2014-07-24 04:33 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-31 20:44 - 2014-12-19 07:48 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-31 20:44 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-31 20:44 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-31 20:44 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-31 20:44 - 2014-11-21 09:37 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-01-31 20:44 - 2014-11-21 09:37 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-01-31 20:44 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-01-31 20:44 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-31 20:44 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-31 20:44 - 2014-11-21 08:17 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-31 20:44 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-01-31 20:44 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-01-31 20:44 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-01-31 20:44 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-01-31 20:44 - 2014-11-21 05:30 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-01-31 20:44 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-31 20:44 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2015-01-31 20:44 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2015-01-31 20:44 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2015-01-31 20:44 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2015-01-31 20:44 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2015-01-31 20:44 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2015-01-31 20:44 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2015-01-31 20:44 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2015-01-31 20:44 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2015-01-31 20:44 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2015-01-31 20:44 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2015-01-31 20:44 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2015-01-31 20:44 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2015-01-31 20:44 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2015-01-31 20:43 - 2014-07-07 06:53 - 01125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2015-01-31 20:43 - 2014-07-07 06:52 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2015-01-31 20:43 - 2014-07-07 06:52 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2015-01-31 20:43 - 2014-07-07 06:51 - 05982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-01-31 20:43 - 2014-07-07 05:01 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2015-01-31 20:43 - 2014-07-07 05:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2015-01-31 20:43 - 2014-07-07 05:00 - 05095424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-01-31 20:43 - 2014-07-07 04:59 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aaclient.dll
2015-01-31 20:43 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2015-01-31 20:43 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-01-31 20:43 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2015-01-31 20:43 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-01-31 20:43 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-01-31 20:43 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2015-01-31 20:43 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-01-31 20:43 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-31 20:43 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-31 20:42 - 2014-12-05 02:41 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-01-31 20:42 - 2014-12-05 02:41 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-01-31 20:42 - 2014-12-05 02:41 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-01-31 20:42 - 2014-12-05 02:40 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-01-31 20:42 - 2014-12-03 02:48 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-01-31 20:42 - 2014-12-03 02:48 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-01-31 20:42 - 2014-12-03 02:48 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-01-31 20:42 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-01-31 20:42 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-01-31 20:42 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2015-01-31 20:42 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-01-31 20:42 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-01-31 20:42 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-01-31 20:42 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2015-01-31 20:42 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-01-31 20:42 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-31 20:42 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-31 20:42 - 2014-06-02 23:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-01-31 20:42 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2015-01-31 20:42 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2015-01-31 20:42 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-01-31 20:42 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-01-31 20:42 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2015-01-31 20:42 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2015-01-31 20:42 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-01-31 20:42 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-01-31 20:42 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-01-31 20:42 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-01-31 20:42 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-01-31 20:42 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-01-31 20:42 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-01-31 20:42 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-01-31 20:42 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2015-01-31 20:42 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2015-01-31 20:42 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-31 20:42 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-31 20:42 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-01-31 20:42 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-01-31 20:42 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-01-31 20:42 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2015-01-31 20:42 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-01-31 20:42 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2015-01-31 20:42 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2015-01-31 20:42 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2015-01-31 20:42 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2015-01-31 20:42 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-31 20:42 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-31 20:42 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-31 20:42 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-31 20:42 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-31 20:42 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-31 20:42 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2015-01-31 20:41 - 2014-12-06 08:53 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-31 20:41 - 2014-12-06 08:53 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-31 20:41 - 2014-12-06 08:52 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-31 20:41 - 2014-12-06 08:52 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-31 20:41 - 2014-12-06 08:52 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-31 20:41 - 2014-12-06 08:51 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-31 20:41 - 2014-12-06 08:51 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-31 20:41 - 2014-12-06 08:50 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-31 20:41 - 2014-12-06 07:10 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-31 20:41 - 2014-12-06 07:10 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-31 20:41 - 2014-12-06 07:09 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-31 20:41 - 2014-12-06 07:09 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-31 20:41 - 2014-11-06 07:50 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-31 20:41 - 2014-11-06 06:03 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-31 20:41 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-01-31 20:41 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-01-31 20:41 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-01-31 20:41 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-01-31 20:41 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-01-31 20:41 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-31 20:41 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-31 20:41 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-01-31 20:41 - 2014-04-29 23:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2015-01-31 20:41 - 2014-04-29 23:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2015-01-31 20:41 - 2014-01-31 01:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-01-31 20:41 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-31 20:41 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-31 20:41 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-01-31 20:41 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-01-31 20:41 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-01-31 20:41 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-01-31 20:41 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-01-31 20:41 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-01-31 20:40 - 2014-03-11 04:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2015-01-31 20:40 - 2014-03-11 01:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2015-01-31 20:40 - 2014-03-11 01:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2015-01-31 20:40 - 2014-03-11 01:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2015-01-31 20:40 - 2014-03-11 01:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2015-01-31 20:40 - 2014-03-11 01:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2015-01-31 20:40 - 2014-03-10 04:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-01-31 20:40 - 2014-03-10 02:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2015-01-31 20:40 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-01-31 20:40 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2015-01-31 20:40 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2015-01-31 20:40 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2015-01-31 20:40 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2015-01-31 20:40 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-01-31 20:40 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-01-31 20:40 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-01-31 20:40 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-01-31 20:39 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-01-31 20:39 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-01-31 20:39 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-01-31 20:39 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-01-31 20:39 - 2014-07-16 00:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-01-31 20:39 - 2014-07-12 03:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-01-31 20:39 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-01-31 20:39 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2015-01-31 20:38 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2015-01-31 20:38 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2015-01-31 20:38 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-01-31 20:38 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-01-31 20:38 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2015-01-31 20:38 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2015-01-31 20:38 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2015-01-31 20:38 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2015-01-31 20:38 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2015-01-31 20:38 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2015-01-31 20:38 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2015-01-31 20:38 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-01-31 20:38 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-01-31 20:38 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-31 20:38 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-31 20:38 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-01-31 20:38 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2015-01-31 20:38 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2015-01-31 20:38 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2015-01-31 20:38 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-01-31 20:38 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2015-01-31 20:38 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2015-01-31 20:37 - 2014-12-19 05:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-31 20:37 - 2014-12-11 08:35 - 06973248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-31 20:37 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2015-01-31 20:37 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-01-31 20:37 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-01-31 20:37 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-01-31 20:37 - 2014-07-24 14:50 - 00447296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-01-31 20:37 - 2014-07-17 00:28 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2015-01-31 20:37 - 2014-07-16 23:59 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2015-01-31 20:37 - 2014-07-16 23:59 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2015-01-31 20:37 - 2014-07-12 07:45 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2015-01-31 20:37 - 2014-07-12 05:36 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2015-01-31 20:37 - 2014-07-12 05:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-01-31 20:37 - 2014-07-12 05:34 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-01-31 20:37 - 2014-07-12 05:34 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2015-01-31 20:37 - 2014-06-28 07:57 - 01341952 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-01-31 20:37 - 2014-06-28 03:23 - 01126400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-01-31 20:37 - 2014-06-13 00:34 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-01-31 20:37 - 2014-06-13 00:29 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-01-31 20:37 - 2014-05-29 23:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-01-31 20:37 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-01-31 20:37 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-01-31 20:37 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-01-31 20:37 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-01-31 20:36 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-31 20:36 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-31 20:36 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-31 20:36 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-31 20:36 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-01-31 20:36 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-01-31 20:36 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-01-31 20:36 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-01-31 20:36 - 2014-06-20 00:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-01-31 20:36 - 2014-06-19 23:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-01-31 20:36 - 2014-06-06 15:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-01-31 20:36 - 2014-06-06 11:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-01-31 20:36 - 2014-06-05 18:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-01-31 20:36 - 2014-05-30 00:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-01-31 20:36 - 2014-05-29 05:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-01-31 20:36 - 2014-04-12 10:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-01-31 20:36 - 2014-04-12 10:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2015-01-31 20:36 - 2014-04-12 10:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2015-01-31 20:36 - 2014-04-12 10:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2015-01-31 20:36 - 2014-04-12 10:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-01-31 20:36 - 2014-04-12 10:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2015-01-31 20:36 - 2014-04-12 08:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2015-01-31 20:36 - 2014-04-12 08:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-01-31 20:36 - 2014-04-12 08:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2015-01-31 20:36 - 2014-04-12 08:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2015-01-31 20:36 - 2014-04-12 08:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2015-01-31 20:36 - 2014-04-12 07:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2015-01-31 20:36 - 2014-03-04 00:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-01-31 20:36 - 2014-03-01 10:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2015-01-31 20:36 - 2014-03-01 10:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2015-01-31 20:36 - 2014-03-01 09:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2015-01-31 20:36 - 2014-03-01 07:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2015-01-31 20:36 - 2014-02-15 05:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2015-01-31 20:36 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2015-01-31 20:36 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-01-31 20:36 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2015-01-31 20:35 - 2014-10-30 08:20 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-31 20:35 - 2014-10-30 06:22 - 01569792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-31 20:35 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2015-01-31 20:35 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2015-01-31 20:34 - 2015-01-31 20:34 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Thunderbird
2015-01-31 20:34 - 2015-01-31 20:34 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Thunderbird
2015-01-31 20:33 - 2015-01-31 17:23 - 00000689 _____ () C:\Users\radalupa\Documents\indexfile.txt
2015-01-31 20:28 - 2015-01-31 20:32 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2015-01-31 20:28 - 2015-01-31 20:28 - 00002109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-01-31 20:28 - 2015-01-31 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2015-01-31 20:28 - 2015-01-31 20:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-31 20:27 - 2015-01-31 20:27 - 28742864 _____ (Mozilla) C:\Users\radalupa\Downloads\Thunderbird Setup 31.4.0.exe
2015-01-31 20:27 - 2015-01-31 20:27 - 01191200 _____ () C:\Users\radalupa\Downloads\MozBackup - CHIP-Installer.exe
2015-01-31 20:22 - 2015-01-31 20:22 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Nitro
2015-01-31 20:17 - 2015-01-31 20:17 - 00000355 _____ () C:\Users\radalupa\Desktop\Computer - Verknüpfung.lnk
2015-01-31 20:14 - 2015-01-31 20:14 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\WinRAR
2015-01-31 20:14 - 2013-08-25 18:55 - 00000000 ____D () C:\Users\radalupa\Desktop\Kaspersky.Internet.Security.14.0.0.4651
2015-01-31 20:13 - 2015-01-31 20:13 - 02060888 _____ () C:\Users\radalupa\Downloads\winrar-x64-520d.exe
2015-01-31 20:13 - 2015-01-31 20:13 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-31 20:13 - 2015-01-31 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-31 20:13 - 2015-01-31 20:13 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-31 20:11 - 2015-01-31 20:11 - 01191200 _____ () C:\Users\radalupa\Downloads\WinRAR 32 Bit - CHIP-Installer.exe
2015-01-31 20:10 - 2015-01-31 20:14 - 37319391 _____ () C:\Users\radalupa\Downloads\Kaspersky.Internet.Security.14.0.0.4651.part3.rar
2015-01-31 20:10 - 2015-01-31 20:10 - 104857600 _____ () C:\Users\radalupa\Downloads\Kaspersky.Internet.Security.14.0.0.4651.part2.rar
2015-01-31 20:10 - 2015-01-31 20:10 - 104857600 _____ () C:\Users\radalupa\Downloads\Kaspersky.Internet.Security.14.0.0.4651.part1.rar
2015-01-31 20:04 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-31 20:04 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-31 20:04 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-31 19:59 - 2015-02-01 09:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-31 19:59 - 2015-01-31 20:00 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Mozilla
2015-01-31 19:59 - 2015-01-31 20:00 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Mozilla
2015-01-31 19:59 - 2015-01-31 19:59 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-31 19:59 - 2015-01-31 19:59 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-31 19:59 - 2015-01-31 19:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-31 19:55 - 2015-01-31 20:16 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-01-31 19:51 - 2015-02-03 09:33 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-653446779-1761658196-2559590348-1002
2015-01-31 19:48 - 2015-02-01 07:11 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Adobe
2015-01-31 19:48 - 2015-01-31 19:51 - 00000000 ____D () C:\Users\radalupa\AppData\Local\LSC
2015-01-31 19:29 - 2015-02-01 07:32 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\LSC
2015-01-31 19:28 - 2015-01-31 19:28 - 00000000 ____D () C:\Users\radalupa\Documents\Bluetooth-Exchange-Ordner
2015-01-31 19:28 - 2015-01-31 19:28 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Broadcom
2015-01-31 19:27 - 2015-02-01 18:56 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Lenovo
2015-01-31 19:27 - 2015-01-31 19:29 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Adobe
2015-01-31 19:27 - 2015-01-31 19:27 - 00001449 _____ () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 19:27 - 2015-01-31 19:27 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-01-31 19:27 - 2015-01-31 19:27 - 00000000 ____D () C:\ProgramData\Energy Management
2015-01-31 19:27 - 2015-01-31 19:27 - 00000000 ____D () C:\ProgramData\eBay
2015-01-31 19:26 - 2015-02-01 11:20 - 00000000 ____D () C:\Users\radalupa
2015-01-31 19:26 - 2015-01-31 19:27 - 00000000 ____D () C:\Users\radalupa\AppData\Local\Packages
2015-01-31 19:26 - 2015-01-31 19:26 - 00000020 ___SH () C:\Users\radalupa\ntuser.ini
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Vorlagen
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Startmenü
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Netzwerkumgebung
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Lokale Einstellungen
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Eigene Dateien
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Druckumgebung
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Documents\Eigene Musik
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Documents\Eigene Bilder
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\AppData\Local\Verlauf
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\AppData\Local\Anwendungsdaten
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 _SHDL () C:\Users\radalupa\Anwendungsdaten
2015-01-31 19:26 - 2015-01-31 19:26 - 00000000 ____D () C:\Users\radalupa\AppData\Local\VirtualStore
2015-01-31 19:26 - 2013-08-24 01:45 - 00000000 ___RD () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-31 19:26 - 2013-08-24 01:42 - 00000000 ___RD () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-31 19:26 - 2013-08-23 16:29 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Macromedia
2015-01-31 19:26 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 19:26 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\radalupa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-31 18:49 - 2015-01-31 18:49 - 00000000 _____ () C:\Recovery.txt
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Programme
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-31 17:49 - 2015-01-31 17:49 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 10:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-03 09:49 - 2014-11-21 22:57 - 00000000 ___HD () C:\$Windows.~BT
2015-02-03 09:45 - 2012-07-26 08:21 - 00031991 _____ () C:\WINDOWS\setupact.log
2015-02-03 09:32 - 2013-08-23 15:54 - 01324467 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-03 09:31 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-03 09:26 - 2013-08-24 01:35 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-03 09:26 - 2013-08-24 01:35 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-03 09:26 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-03 09:20 - 2013-03-25 22:02 - 00094384 _____ () C:\WINDOWS\PFRO.log
2015-02-03 09:20 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-03 09:19 - 2013-08-23 16:34 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2015-02-03 09:19 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-03 09:12 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2015-02-03 09:03 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-02 21:29 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-02 18:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2015-02-02 18:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\security
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-02-02 18:57 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-02 18:57 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-02-02 18:57 - 2012-07-26 08:51 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-02 18:57 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-02-02 18:57 - 2012-07-26 06:37 - 00000000 ____D () C:\WINDOWS\servicing
2015-02-02 16:36 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-01 18:56 - 2013-08-23 16:34 - 00000000 ____D () C:\ProgramData\Lenovo
2015-02-01 09:13 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-01 09:13 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-01 09:12 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-01 09:12 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-01 09:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-02-01 09:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-01 09:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-01 09:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 20:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\Cursors
2015-01-31 19:56 - 2013-08-23 16:27 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-31 19:50 - 2013-08-23 16:29 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-01-31 19:50 - 2013-08-23 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-01-31 19:50 - 2013-08-23 16:15 - 00000000 ____D () C:\Program Files\Lenovo
2015-01-31 19:50 - 2013-08-23 16:14 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-01-31 19:50 - 2013-08-23 16:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-31 19:49 - 2013-08-23 16:29 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2015-01-31 19:27 - 2013-08-24 02:45 - 00087475 _____ () C:\WINDOWS\modules.log
2015-01-31 18:48 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-01-31 17:49 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-31 17:49 - 2012-07-26 06:37 - 00000000 ___HD () C:\Users\Default
2015-01-20 17:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories =======

2015-02-03 09:09 - 2015-02-03 09:09 - 0472740 _____ () C:\ProgramData\1422950759.bdinstall.bin
2013-08-23 16:14 - 2013-08-23 16:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\radalupa\AppData\Local\Temp\Quarantine.exe
C:\Users\radalupa\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\System32\bdsandboxuiskin32.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-03-25 22:02

==================== End Of Log ============================
         
--- --- ---

Alt 03.02.2015, 11:14   #8
Warlord711
/// TB-Ausbilder
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Der Eset Scan dauert länger:

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 03.02.2015, 21:23   #9
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Code:
ATTFilter
 Results of screen317's Security Check version 0.99.95  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Bitdefender Antivirus   
Windows Defender        
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 	16.0.0.296  
 Mozilla Firefox (35.0.1) 
 Mozilla Thunderbird (31.4.0) 
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Bitdefender 2015 updatesrv.exe  
 Bitdefender Bitdefender 2015 bdagent.exe  
 Bitdefender Bitdefender 2015 vsserv.exe  
 Bitdefender Bitdefender 2015 bdwtxag.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by radalupa at 2015-02-03 21:20:45 Run:1
Running from C:\Users\radalupa\Desktop
Loaded Profiles: UpdatusUser & radalupa (Available profiles: UpdatusUser & radalupa)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
emptytemp:
*****************

EmptyTemp: => Removed 437.7 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 21:20:51 ====
         

Alt 03.02.2015, 21:49   #10
Warlord711
/// TB-Ausbilder
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Update: Internet Explorer
Downloade Dir bitte den Internet Explorer 11 von hier und installiere diesen.
Auch wenn dieser nicht dein Standard-Browser ist, sollte sich die aktuelle Version am Rechner befinden. Es gibt noch genug Software die diesen zum Updaten verwendet.


Und halt noch die ESET Logs
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 03.02.2015, 22:45   #11
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f25e893a52929444b0c43fb330b4d59f
# engine=22290
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-03 09:41:52
# local_time=2015-02-03 10:41:52 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2065 16777213 100 100 4604 126845021 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 99834 44859574 0 0
# scanned=214642
# found=8
# cleaned=0
# scan_time=3935
sh=78E9A61EEFA503534C6C915BEE54A9DF0F2D95DD ft=1 fh=c4ceac639ad97a1d vn="Win32/RiskWare.HackAV.NR Anwendung" ac=I fn="C:\Users\radalupa\Desktop\Kaspersky.Internet.Security.14.0.0.4651\Trial Reset 2.1\KRT_2.1.exe"
sh=4B678C68434A2BCB616FCE3B3B34044F236AC6B0 ft=1 fh=43b61e643a179069 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\7 Zip 32 Bit - CHIP-Installer.exe"
sh=F1DFE45D590095187010C36C46D4F24E7C29BD7E ft=1 fh=c3045bf960f77480 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\7 Zip 64 Bit - CHIP-Installer.exe"
sh=F93EF7FCA1095B88062251D124EFB0C9003107C2 ft=1 fh=ea18fae57d1cdde4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\Firefox 37 Nightly 64 Bit - CHIP-Installer.exe"
sh=7582AF00CE094D82CC11AE88E70B4E1907DDF06C ft=1 fh=7eb2b412b9295f54 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\MozBackup - CHIP-Installer.exe"
sh=FCDC48707066F599DFC101E4D65498B52062A573 ft=1 fh=1b790cc9c1a68901 vn="NSIS/StartPage.CC Trojaner" ac=I fn="C:\Users\radalupa\Downloads\vlc-2.1.5-win64.exe"
sh=CE47D8A382D422A65320A1A1A56E387059FE2AAA ft=1 fh=d17f06dd4e542d35 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\WinRAR 32 Bit - CHIP-Installer.exe"
sh=8F50CC112FCED8DC89D1D84BE4D233CD92CE3083 ft=1 fh=b6131c454760c140 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="D:\Neuer Ordner (2)\WhatsApp-Plus---Die-beste-Alternative-zu-WhatsApp-lnstall.exe"
         

Alt 04.02.2015, 08:53   #12
Warlord711
/// TB-Ausbilder
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Zitat:
sh=78E9A61EEFA503534C6C915BEE54A9DF0F2D95DD ft=1 fh=c4ceac639ad97a1d vn="Win32/RiskWare.HackAV.NR Anwendung" ac=I fn="C:\Users\radalupa\Desktop\Kaspersky.Internet.Security.14.0.0.4651\Trial Reset 2.1\KRT_2.1.exe"

Das ist jetzt nicht wahr oder ?
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 04.02.2015, 15:42   #13
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



ne ist nicht so ich habe mein system neu aufgesetzt und wollte meinen kasperski installieren hab ihn aber nicht gefunden und hab nen bekannten gefragt da ich mir letztes jahr ein 3pc version gekauft habe und wir ihn teilten wollte ich den serial aber er gab mir den also hab ich mir bitdefinder gekauft und benutze nicht den kasperski ich bin kein fan von nicht lega erworbener software

Alt 06.02.2015, 12:01   #14
Warlord711
/// TB-Ausbilder
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



Hmm, ok.

Zitat:
sh=78E9A61EEFA503534C6C915BEE54A9DF0F2D95DD ft=1 fh=c4ceac639ad97a1d vn="Win32/RiskWare.HackAV.NR Anwendung" ac=I fn="C:\Users\radalupa\Desktop\Kaspersky.Internet.Security.14.0.0.4651\Trial Reset 2.1\KRT_2.1.exe"
sh=4B678C68434A2BCB616FCE3B3B34044F236AC6B0 ft=1 fh=43b61e643a179069 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\7 Zip 32 Bit - CHIP-Installer.exe"
sh=F1DFE45D590095187010C36C46D4F24E7C29BD7E ft=1 fh=c3045bf960f77480 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\7 Zip 64 Bit - CHIP-Installer.exe"
sh=F93EF7FCA1095B88062251D124EFB0C9003107C2 ft=1 fh=ea18fae57d1cdde4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\Firefox 37 Nightly 64 Bit - CHIP-Installer.exe"
sh=7582AF00CE094D82CC11AE88E70B4E1907DDF06C ft=1 fh=7eb2b412b9295f54 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\MozBackup - CHIP-Installer.exe"
sh=FCDC48707066F599DFC101E4D65498B52062A573 ft=1 fh=1b790cc9c1a68901 vn="NSIS/StartPage.CC Trojaner" ac=I fn="C:\Users\radalupa\Downloads\vlc-2.1.5-win64.exe"
sh=CE47D8A382D422A65320A1A1A56E387059FE2AAA ft=1 fh=d17f06dd4e542d35 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\radalupa\Downloads\WinRAR 32 Bit - CHIP-Installer.exe"
sh=8F50CC112FCED8DC89D1D84BE4D233CD92CE3083 ft=1 fh=b6131c454760c140 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="D:\Neuer Ordner (2)\WhatsApp-Plus---Die-beste-Alternative-zu-WhatsApp-lnstall.exe"
Die Dateien kannst du von Hand löschen, das sind Setups die Werbung mitbringen.

Chip/Softonic Downloader:

Bei Chip.de und Softonic gibt es beim Download zwei Möglichkeiten:
einmal den Chip Downloader mit DownloadSponsor, der Werbung mitbringt und gern versucht, den User dazu zu überreden, noch diese und jene Toolbar zu installieren.

Und es gibt immer den alternativen Download, das ist die eigentliche Anwendung als Setup, so wie sie vom Hersteller kommt. Der Alternativlink ist genau unter der Chip Download-Schaltfläche.







Ansonsten sind die Logs sauber !


Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.

Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür
  • verwende für jede Anwendung und jeden Account ein anderes Passwort
  • ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist dieses sehr wichtig
  • speichere keine Passwörter auf deinem PC, gib diese nicht an dritte weiter
  • ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen und Sonderzeichen
  • benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster
  • verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben

Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7 / 8 : Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti-Viren-Programm und zusätzlicher Schutz
  • Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist!
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • AdwCleaner
    Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwümschten Programmen (PUPs).
    Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt auf den Desktop downloaden.
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • WOT (Web of trust)
    Dieses AddOn warnt dich, bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
    Es spart außerdem Downloadkapazität.


Performance
  • Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
  • Halte dich fern von Registry Cleanern.
    Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
    Miekemoes Blogspot ( MVP )


Was du vermeiden solltest:
  • Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
  • Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
  • Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!



Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen oder Lob, Kritik und Wünsche loswerden?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 06.02.2015, 19:21   #15
radalupa
 
Weiterleiten auf seektoexplore.com oder smartadserver.com - Standard

Weiterleiten auf seektoexplore.com oder smartadserver.com



hallo danke fürs zurückschreiben ich habe den rest genau so gemacht wie du geschriebenhast und laptop neu gestartet leider werde ich nach dem start trotzdem noch weitergeleitet auf die seite

Antwort

Themen zu Weiterleiten auf seektoexplore.com oder smartadserver.com
64bit, andere, aufrufe, bild, firefox, folge, folgendes, forum, funktionieren, neu, nutze, problem, richtig, seite, seiten, stelle, system, umgeleitet, weiterleiten, win




Ähnliche Themen: Weiterleiten auf seektoexplore.com oder smartadserver.com


  1. Unerwünschtes Weiterleiten auf unterschiedliche Seiten
    Plagegeister aller Art und deren Bekämpfung - 04.09.2015 (7)
  2. Kein Direktes aufrufen von Gooogle möglich, weiterleiten auf unbekannte Seiten, FRST Download nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 04.08.2015 (24)
  3. Doppelinfektion gelöst - Danke - An Cosinus weiterleiten!
    Lob, Kritik und Wünsche - 21.05.2015 (0)
  4. viren befall ?? oder malware oder unerwuenschte software ?? oder ....
    Plagegeister aller Art und deren Bekämpfung - 20.05.2015 (6)
  5. weiter leiten auf seektoexplore.com
    Plagegeister aller Art und deren Bekämpfung - 09.02.2015 (7)
  6. Weiterleiten auf andere Seite
    Plagegeister aller Art und deren Bekämpfung - 20.12.2014 (10)
  7. Virus. Werbungim Browser. Unterstrichen Wörter die auf Werbeseite weiterleiten
    Plagegeister aller Art und deren Bekämpfung - 28.06.2014 (14)
  8. EXP\JAVA.NIABIL.GEN Exploit oder Trojaner oder beides - Lösung ?
    Log-Analyse und Auswertung - 29.02.2012 (1)
  9. click.GiftLoad oder TR/Crypt.XPACK.Gen2 oder Rootkit.TDSS.Gen ?
    Plagegeister aller Art und deren Bekämpfung - 03.05.2011 (3)
  10. Shutdowner.fft in kb.dll + Googlelinks wollen auf Spamseiten weiterleiten
    Plagegeister aller Art und deren Bekämpfung - 22.12.2010 (9)
  11. Virus oder Trojaner? Browser reagieren nicht oder verzögert.
    Log-Analyse und Auswertung - 20.10.2010 (26)
  12. Habe ich einen Virus oder Malware oder sonstiges auf dem Rechner?
    Log-Analyse und Auswertung - 15.08.2010 (23)
  13. schadhaftes script oder virus? url falschmeldung oder echte gefahr?
    Plagegeister aller Art und deren Bekämpfung - 06.06.2010 (6)
  14. Hilfe!! Monder.Acia oder Vundo 129024 oder Virtumonde auf dem PC gefunden
    Plagegeister aller Art und deren Bekämpfung - 19.12.2008 (0)
  15. Ich hab folgende trojaner oder adware oder was auch immer gefunden!
    Log-Analyse und Auswertung - 23.07.2006 (15)
  16. Domainnamen sichern, und auf kostenlose Homepage weiterleiten. Geht das?
    Netzwerk und Hardware - 17.11.2003 (7)

Zum Thema Weiterleiten auf seektoexplore.com oder smartadserver.com - Hallo, bin neu hier im Forum und kenne mich noch nicht so richtig aus mein System ist Win8 64bit und ich nutze Firefox und kaspersky Seit heut stelle ich folgendes - Weiterleiten auf seektoexplore.com oder smartadserver.com...
Archiv
Du betrachtest: Weiterleiten auf seektoexplore.com oder smartadserver.com auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.