Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Mozilla Firefox öffnet unaufgefordert Werbetabs

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 24.04.2014, 16:10   #1
sunny123
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Hallo, wir haben auf unserem Computer seit einiger Zeit das Problem, dass Firefox einfach von selbst irgendwelche Werbetabs öffnet.
Ich hoffe, ihr könnt uns weiterhelfen!
Hier zunächst die defogger-Datei:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:34 on 24/04/2014 (Basti)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST und Addition waren so groß, dass ich sie als Anhang schicken musste.

Hier noch GMER:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-24 15:10:33
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000028 ST500LT012-9WS142 rev.0001SDM1 465.76GB
Running: Gmer-19357.exe; Driver: C:\Users\Basti\AppData\Local\Temp\fwldapow.sys


---- User code sections - GMER 2.1 ----

.text    C:\WINDOWS\system32\atiesrxx.exe[908] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                              00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[908] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                              00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[908] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                 00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[908] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                 00007fff01d61832 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[472] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                              00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[472] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                              00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[472] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                 00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[472] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                 00007fff01d61832 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\System32\spoolsv.exe[1188] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                              00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\System32\spoolsv.exe[1188] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                              00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\System32\spoolsv.exe[1188] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                 00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\WINDOWS\System32\spoolsv.exe[1188] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                 00007fff01d61832 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe[1276] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                   00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe[1276] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                   00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe[1276] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                      00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe[1276] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                      00007fff01d61832 4 bytes [D6, 01, FF, 7F]
.text    C:\Windows\System32\svchost.exe[1940] c:\windows\system32\WSOCK32.dll!setsockopt + 194                                                                                    00007ffefc2f1f6a 4 bytes [2F, FC, FE, 7F]
.text    C:\Windows\System32\svchost.exe[1940] c:\windows\system32\WSOCK32.dll!setsockopt + 218                                                                                    00007ffefc2f1f82 4 bytes [2F, FC, FE, 7F]
.text    C:\Windows\System32\svchost.exe[2000] c:\windows\system32\WSOCK32.dll!setsockopt + 194                                                                                    00007ffefc2f1f6a 4 bytes [2F, FC, FE, 7F]
.text    C:\Windows\System32\svchost.exe[2000] c:\windows\system32\WSOCK32.dll!setsockopt + 218                                                                                    00007ffefc2f1f82 4 bytes [2F, FC, FE, 7F]
.text    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe[2088] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                    00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe[2088] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                    00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe[2088] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                       00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe[2088] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                       00007fff01d61832 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe[2176] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                        00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe[2176] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                        00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe[2176] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                           00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe[2176] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                           00007fff01d61832 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3188] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                           00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3188] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                           00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3188] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                              00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3188] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                              00007fff01d61832 4 bytes [D6, 01, FF, 7F]
.text    C:\Windows\System32\nwtray.exe[4080] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                               00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\Windows\System32\nwtray.exe[4080] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                               00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\Windows\System32\nwtray.exe[4080] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                  00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\Windows\System32\nwtray.exe[4080] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                  00007fff01d61832 4 bytes [D6, 01, FF, 7F]
.text    C:\Windows\System32\nwtray.exe[4080] C:\Windows\System32\WSOCK32.dll!setsockopt + 194                                                                                     00007ffefc2f1f6a 4 bytes [2F, FC, FE, 7F]
.text    C:\Windows\System32\nwtray.exe[4080] C:\Windows\System32\WSOCK32.dll!setsockopt + 218                                                                                     00007ffefc2f1f82 4 bytes [2F, FC, FE, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4976] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                    00007fff01d6169a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4976] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                    00007fff01d616a2 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4976] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                       00007fff01d6181a 4 bytes [D6, 01, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4976] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                       00007fff01d61832 4 bytes [D6, 01, FF, 7F]

---- Threads - GMER 2.1 ----

Thread   C:\WINDOWS\system32\csrss.exe [576:1480]                                                                                                                                  fffff96000877b90
Thread   C:\WINDOWS\system32\csrss.exe [576:1844]                                                                                                                                  fffff96000877b90
Thread   C:\WINDOWS\Explorer.EXE [3068:4844]                                                                                                                                       00007ffeeaaad6bc
---- Processes - GMER 2.1 ----

Process  C:\Users\Basti\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE (*** suspicious ***) @ C:\Users\Basti\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [5856](2013-06-03 07:12:23)  0000000000400000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                     unknown MBR code

---- EOF - GMER 2.1 ----
         
Hierbei habe ich zweimal die Meldung erhalten "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird." Dies war der Fall bei
C:\WINDOWS\system32\config\system sowie bei C:\Users\Basti\ntuser.dat
Schon mal vielen Dank für Eure Hilfe!
LG
Sandra

Alt 24.04.2014, 16:14   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 24.04.2014, 16:40   #3
sunny123
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Hi, das ging aber schnell :-)

Ich muss zu meiner Schande gestehen, dass ich tatsächlich noch einige Fund von Avira entdeckt habe...

Code:
ATTFilter
Exportierte Ereignisse:

11/04/2014 16:21 [System-Scanner] Malware gefunden
      Die Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      enthielt einen Virus oder unerwünschtes Programm 'Adware/DealPly.Q' [adware].
      Durchgeführte Aktion(en):
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler 
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Die Datei existiert nicht!

11/04/2014 16:12 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

11/04/2014 15:12 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

11/04/2014 14:12 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

11/04/2014 13:56 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

11/04/2014 13:56 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

11/04/2014 13:56 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

11/04/2014 13:47 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

11/04/2014 13:47 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

11/04/2014 13:47 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

11/04/2014 13:47 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

11/04/2014 13:17 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

11/04/2014 13:17 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

11/04/2014 13:17 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

09/04/2014 16:12 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

09/04/2014 15:12 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

09/04/2014 15:03 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

08/04/2014 18:36 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

08/04/2014 18:36 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 18:12 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

08/04/2014 17:45 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

08/04/2014 17:45 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:45 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:31 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:19 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

08/04/2014 17:19 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

08/04/2014 17:19 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Basti\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.Q' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

28/03/2014 14:11 [System-Scanner] Malware gefunden
      Die Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      enthielt einen Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5721e055.qua' 
      verschoben!

28/03/2014 13:23 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

28/03/2014 13:19 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

28/03/2014 13:19 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

28/03/2014 13:19 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 14:33 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

26/03/2014 14:29 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

26/03/2014 14:29 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 14:29 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll'
      wurde ein Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:18 [System-Scanner] Malware gefunden
      Die Datei 'C:\ProgramData\CouppScaNner\gQbxeV.exe'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '55d627fc.qua' 
      verschoben!

26/03/2014 12:18 [System-Scanner] Malware gefunden
      Die Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.exe'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4dae0845.qua' 
      verschoben!

26/03/2014 12:14 [System-Scanner] Malware gefunden
      Die Datei 'C:\ProgramData\CouppScaNner\gQbxeV.x64.dll'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5694289b.qua' 
      verschoben!
      Der Registrierungseintrag 
      <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser 
      Helper Objects\{FEE40EB5-485B-6B97-A342-4B189E8C349E}> wurde erfolgreich 
      repariert.

26/03/2014 12:11 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\CouppScaNner\gQbxeV.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:11 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\CouppScaNner\gQbxeV.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

26/03/2014 12:11 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\CouppScaNner\gQbxeV.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:11 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\CouppScaNner\gQbxeV.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:11 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:11 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:11 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

26/03/2014 12:11 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen7' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:10 [System-Scanner] Malware gefunden
      Die Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.x64.dll'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '55af25f6.qua' 
      verschoben!
      Der Registrierungseintrag 
      <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser 
      Helper Objects\{C86CE4C3-1D41-0332-69A8-3DDB26C1EE26}> wurde erfolgreich 
      repariert.

26/03/2014 12:06 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\CouppScaNner\gQbxeV.x64.dll'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:06 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\CouppScaNner\gQbxeV.x64.dll'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

26/03/2014 12:06 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\CouppScaNner\gQbxeV.x64.dll'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:06 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.x64.dll'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:06 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\CouppScaNner\gQbxeV.x64.dll'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:06 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.x64.dll'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

26/03/2014 12:06 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.x64.dll'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

26/03/2014 12:06 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\ProgramData\WOWCoupoen\RkI7NmXi.x64.dll'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben
         
Die anderen Dateien versuch ich einzeln zu schicken, die sind so groß.

FRST Teil 1:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by Basti (administrator) on SEBASTIAN on 24-04-2014 14:46:41
Running from C:\Users\Basti\Downloads
Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Novell, Inc.) C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
() C:\Program Files\Novell\Client\cusrvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Windows\System32\nwtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
() C:\Users\Basti\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-07-18] (Alcor Micro Corp.)
HKLM\...\Run: [NWTRAY] => C:\Windows\system32\NWTRAY.EXE [38016 2012-10-28] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [84576 2013-07-24] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKU\S-1-5-21-2040692901-543291816-533557636-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKU\S-1-5-21-2040692901-543291816-533557636-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135160 2013-12-26] (PC Utilities Software Limited)
HKU\S-1-5-21-2040692901-543291816-533557636-1001\...\MountPoints2: {3c451ac7-9af5-11e3-bf22-089e014a89f0} - "D:\LaunchU3.exe" -a
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
AppInit_DLLs:  c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [4180296 2014-01-10] ()
Lsa: [Authentication Packages] msv1_0 ncv1_0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119357&tt=gc_&babsrc=HP_ss&mntrId=B20700FF50C95005
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
SearchScopes: HKLM - DefaultScope {76DE361A-F9A4-47F3-8964-5256BC0DE4E1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {1C0352DF-7259-4A7B-9B39-47650F8A7EFA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {76DE361A-F9A4-47F3-8964-5256BC0DE4E1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=10/01/2014&type=hp1000
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000
BHO-x32: No Name - {EF7BD87A-8024-11E2-F316-F3E56188709B} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: CouppScaNner - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\aaeu0u@aoac.com [2014-01-30]
FF Extension: InfoBird Pro - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\addon@infobirdpro.com [2013-09-01]
FF Extension: My Movie Magnet - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\admin@mymoviemagnet.com [2013-09-01]
FF Extension: WOWCoupoen - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\p7i@ctvv-ccrd.org [2014-01-30]
FF Extension: Real Summer Sale - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\realsummersale1@realsummersale.com [2013-09-01]
FF Extension: Adblock Plus - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=hp&fr=linkury-tb&installDate=10/01/2014&type=hp1000
CHR RestoreOnStartup: "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=hp&fr=linkury-tb&installDate=10/01/2014&type=hp1000"
CHR DefaultSearchKeyword: SuchMaschine
CHR DefaultSearchProvider: SuchMaschine
CHR DefaultSearchURL: hxxp://www.sm.de/?q={searchTerms}
CHR Extension: (New Tab Page) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2014-01-10]
CHR Extension: (Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-26]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-26]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-26]
CHR Extension: (Google-Suche) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-26]
CHR Extension: (WOWCoupoen) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmhkhhcmceninamcfbengebffgkjfb [2014-01-29]
CHR Extension: (Google Mail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-26]
CHR Extension: (CouppScaNner) - C:\ProgramData\oboheghbanmkkchbgiiadknlnhmpafjl [2014-01-29]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
R2 cusrvc; C:\Program Files\Novell\Client\cusrvc.exe [108160 2012-10-28] ()
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-23] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 XTSvcMgr; C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe [20096 2012-10-28] (Novell, Inc.)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MOSUMAC; C:\Windows\system32\DRIVERS\USBMAC64.SYS [55296 2009-12-07] (--)
R0 NCFilter; C:\Windows\System32\DRIVERS\NCFilter.sys [112256 2012-10-28] ()
R2 NCFSD; C:\Program Files\Novell\Client\XTier\Drivers\ncfsd.sys [114816 2012-10-28] ()
R2 NCIOCTL; C:\Program Files\Novell\Client\XTier\Drivers\ncioctl.sys [90240 2012-10-28] ()
R0 NCRecognizer; C:\Windows\System32\DRIVERS\NCRecognizer.sys [119936 2012-10-28] ()
R0 NCUncFilter; C:\Windows\System32\DRIVERS\NCUncFilter.sys [26240 2012-10-28] ()
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R1 NICM; C:\Program Files\Novell\Client\XTier\Drivers\nicm.sys [31360 2012-10-28] (Novell, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-23] (Dritek System Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-30] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
U3 nciom; C:\Program Files\Novell\Client\XTier\Drivers\nciom.sys [80000 2012-10-28] (Novell, Inc.)
U3 ncp; C:\Program Files\Novell\Client\XTier\Drivers\ncp.sys [78976 2012-10-28] (Novell, Inc.)
U3 ncpl; C:\Program Files\Novell\Client\XTier\Drivers\ncpl.sys [49280 2012-10-28] (Novell, Inc.)
U3 ndm; C:\Program Files\Novell\Client\XTier\Drivers\ndm.sys [19584 2012-10-28] (Novell, Inc.)
U3 ndmndap; C:\Program Files\Novell\Client\XTier\Drivers\ndmndap.sys [83584 2012-10-28] (Novell, Inc.)
U3 niam; C:\Program Files\Novell\Client\XTier\Drivers\niam.sys [39040 2012-10-28] (Novell, Inc.)
U3 nipctl; C:\Program Files\Novell\Client\XTier\Drivers\nipctl.sys [55936 2012-10-28] (Novell, Inc.)
U3 nscm; C:\Program Files\Novell\Client\XTier\Drivers\nscm.sys [36992 2012-10-28] (Novell, Inc.)
U3 nsns; C:\Program Files\Novell\Client\XTier\Drivers\nsns.sys [25216 2012-10-28] (Novell, Inc.)
U3 nsvccost; C:\Program Files\Novell\Client\XTier\Drivers\nsvccost.sys [35968 2012-10-28] (Novell, Inc.)
U3 xtxplat; C:\Program Files\Novell\Client\XTier\Drivers\xtxplat.sys [59520 2012-10-28] (Novell, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-24 14:46 - 2014-04-24 14:47 - 00020770 _____ () C:\Users\Basti\Downloads\FRST.txt
2014-04-24 14:46 - 2014-04-24 14:46 - 00000000 ____D () C:\FRST
2014-04-24 14:41 - 2014-04-24 14:41 - 02061824 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe
2014-04-24 14:34 - 2014-04-24 14:34 - 00000472 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-04-24 14:34 - 2014-04-24 14:34 - 00000000 _____ () C:\Users\Basti\defogger_reenable
2014-04-24 14:31 - 2014-04-24 14:31 - 00050477 _____ () C:\Users\Basti\Downloads\Defogger.exe
2014-04-24 13:43 - 2014-04-24 13:43 - 00000000 ____D () C:\Users\Basti\Downloads\backups
2014-04-24 13:36 - 2014-04-24 14:18 - 00011197 _____ () C:\Users\Basti\Downloads\hijackthis.log
2014-04-24 13:35 - 2014-04-24 13:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Basti\Downloads\HiJackThis204.exe
2014-04-23 23:40 - 2014-04-23 23:40 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-23 23:37 - 2014-04-23 23:37 - 00000000 __SHD () C:\Users\Basti\AppData\Local\EmieUserList
2014-04-23 23:37 - 2014-04-23 23:37 - 00000000 __SHD () C:\Users\Basti\AppData\Local\EmieSiteList
2014-04-23 17:19 - 2014-04-23 17:19 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-23 17:19 - 2014-04-23 17:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-23 17:04 - 2014-04-23 17:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-23 17:04 - 2014-04-23 17:04 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-23 17:03 - 2014-04-23 17:03 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-04-23 17:03 - 2014-04-23 17:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-23 17:02 - 2014-04-23 17:02 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-23 17:02 - 2014-04-23 17:02 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-23 11:30 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-23 11:30 - 2014-03-20 05:48 - 21232792 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-04-23 11:30 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-23 11:30 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-23 11:30 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-23 11:30 - 2014-03-20 03:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-23 11:30 - 2014-03-20 03:20 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-04-23 11:30 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-23 11:30 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-23 11:30 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-23 11:30 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-23 11:30 - 2014-03-19 07:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-23 11:30 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-23 11:30 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-23 11:30 - 2014-03-19 06:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-23 11:30 - 2014-03-19 06:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-23 11:30 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-23 11:30 - 2014-03-11 16:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-04-23 11:30 - 2014-03-11 16:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-04-23 11:30 - 2014-03-11 15:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-23 11:30 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-04-23 11:30 - 2014-03-11 14:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-23 11:30 - 2014-03-11 14:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-04-23 11:30 - 2014-03-08 22:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-23 11:30 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-23 11:30 - 2014-03-08 22:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-23 11:30 - 2014-03-08 17:29 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-23 11:30 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-23 11:30 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-23 11:30 - 2014-03-08 09:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-23 11:30 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-23 11:30 - 2014-03-08 09:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-23 11:30 - 2014-03-08 08:50 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-04-23 11:30 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-23 11:30 - 2014-03-08 08:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-23 11:30 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-23 11:30 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-04-23 11:30 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-04-23 11:30 - 2014-03-08 08:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-23 11:30 - 2014-03-08 08:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-23 11:30 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-23 11:30 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-23 11:30 - 2014-03-06 16:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-23 11:30 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-23 11:30 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-23 11:30 - 2014-03-06 14:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-23 11:30 - 2014-03-06 14:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-23 11:30 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-23 11:30 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-23 11:30 - 2014-03-06 14:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-23 11:30 - 2014-03-06 14:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-23 11:30 - 2014-03-06 14:40 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-23 11:30 - 2014-03-06 14:40 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-23 11:30 - 2014-03-06 14:40 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-23 11:30 - 2014-03-06 13:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-04-23 11:30 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-04-23 11:30 - 2014-03-06 13:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-04-23 11:30 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-23 11:30 - 2014-03-06 12:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-23 11:30 - 2014-03-06 12:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-04-23 11:30 - 2014-03-06 12:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-23 11:30 - 2014-03-06 11:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-23 11:30 - 2014-03-06 11:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-23 11:30 - 2014-03-06 11:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-23 11:30 - 2014-03-06 11:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-23 11:30 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-23 11:30 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-23 11:30 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-23 11:30 - 2014-03-06 09:22 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-23 11:30 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-04-23 11:30 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-23 11:30 - 2014-03-06 08:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-04-23 11:30 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-23 11:30 - 2014-03-06 08:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-23 11:30 - 2014-03-06 08:33 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-04-23 11:30 - 2014-03-06 08:29 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-04-23 11:30 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-04-23 11:30 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-04-23 11:30 - 2014-03-06 08:21 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-23 11:30 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-23 11:30 - 2014-03-06 08:16 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-04-23 11:30 - 2014-03-06 08:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-04-23 11:30 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-04-23 11:30 - 2014-03-06 08:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-23 11:30 - 2014-03-06 08:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-04-23 11:30 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-04-23 11:30 - 2014-03-06 07:54 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-23 11:30 - 2014-03-06 07:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-04-23 11:30 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-23 11:30 - 2014-03-06 07:42 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-04-23 11:30 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-04-23 11:30 - 2014-03-06 07:35 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-04-23 11:30 - 2014-03-06 07:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-04-23 11:30 - 2014-03-06 07:32 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-04-23 11:30 - 2014-03-06 07:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-23 11:30 - 2014-03-06 07:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-04-23 11:30 - 2014-03-06 07:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-04-23 11:30 - 2014-03-06 07:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-23 11:30 - 2014-03-04 14:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-23 11:30 - 2014-03-04 14:15 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-23 11:30 - 2014-03-04 13:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-23 11:30 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-23 11:30 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-23 11:30 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-23 11:30 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-23 11:30 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-04-23 11:30 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-04-23 11:30 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-23 11:30 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-04-23 11:29 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-23 11:29 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-23 11:29 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-23 11:29 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-23 11:29 - 2014-03-12 15:45 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-23 11:29 - 2014-03-11 17:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-23 11:29 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-23 11:29 - 2014-03-11 17:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-04-23 11:29 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-23 11:29 - 2014-03-11 16:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-23 11:29 - 2014-03-11 16:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-04-23 11:29 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-23 11:29 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-23 11:29 - 2014-03-08 22:35 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-23 11:29 - 2014-03-08 11:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-23 11:29 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-23 11:29 - 2014-03-08 10:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-23 11:29 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-23 11:29 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-23 11:29 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-23 11:29 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-23 11:29 - 2014-03-08 09:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-23 11:29 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-23 11:29 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-04-23 11:29 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-23 11:29 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-23 11:29 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-04-23 11:29 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-23 11:29 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-23 11:29 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-23 11:29 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-23 11:29 - 2014-03-06 14:40 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-23 11:29 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-23 11:29 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-23 11:29 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-23 11:29 - 2014-03-06 12:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-23 11:29 - 2014-03-06 11:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-23 11:29 - 2014-03-06 11:24 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-23 11:29 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-23 11:29 - 2014-03-06 11:24 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-23 11:29 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-23 11:29 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-23 11:29 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-23 11:29 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-23 11:29 - 2014-03-06 11:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-23 11:29 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-23 11:29 - 2014-03-06 11:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-23 11:29 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-23 11:29 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-23 11:29 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-23 11:29 - 2014-03-06 10:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-04-23 11:29 - 2014-03-06 10:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-04-23 11:29 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-04-23 11:29 - 2014-03-06 10:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-04-23 11:29 - 2014-03-06 09:47 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-04-23 11:29 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-04-23 11:29 - 2014-03-06 09:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-04-23 11:29 - 2014-03-06 09:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-04-23 11:29 - 2014-03-06 08:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-04-23 11:29 - 2014-03-06 08:34 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-23 11:29 - 2014-03-06 08:32 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-23 11:29 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-23 11:29 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-23 11:29 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-23 11:29 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-23 11:29 - 2014-03-06 08:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-23 11:29 - 2014-03-06 08:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-04-23 11:29 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-04-23 11:29 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-04-23 11:29 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-23 11:29 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-04-23 11:29 - 2014-03-04 14:15 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-23 11:29 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-23 11:29 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-04-23 11:29 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-23 11:29 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-23 11:29 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-04-23 11:29 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-23 11:29 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-04-23 11:29 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-23 11:29 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-04-23 11:29 - 2014-02-07 00:59 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-23 11:29 - 2014-02-06 23:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-04-23 11:29 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-04-23 11:29 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-23 11:27 - 2014-03-02 12:20 - 23549952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-23 11:27 - 2014-03-02 11:33 - 17387008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-23 11:27 - 2014-02-26 08:29 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-04-23 11:26 - 2014-04-09 14:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-23 11:26 - 2014-04-09 05:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-23 11:26 - 2014-04-09 05:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-23 11:26 - 2014-04-09 05:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-23 11:26 - 2014-04-09 05:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-23 11:17 - 2014-02-22 17:44 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-04-23 11:17 - 2014-02-22 14:15 - 04192768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-04-23 11:17 - 2014-02-22 13:44 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-04-23 11:17 - 2014-02-22 13:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-23 11:17 - 2014-02-22 13:00 - 05784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-04-23 11:17 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-04-23 11:17 - 2014-02-22 12:44 - 02178048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-04-23 11:17 - 2014-02-22 12:36 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-04-23 11:17 - 2014-02-22 12:00 - 02043904 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-04-23 11:17 - 2014-02-22 11:39 - 13551104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-04-23 11:17 - 2014-02-22 11:33 - 11745792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-04-23 11:17 - 2014-02-22 11:33 - 01967104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-04-23 11:17 - 2014-02-22 11:11 - 02262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-04-23 11:17 - 2014-02-22 10:49 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-04-23 11:17 - 2014-02-22 10:32 - 01789440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-04-23 11:17 - 2014-02-22 10:27 - 01143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-04-23 11:17 - 2014-02-08 03:08 - 00139600 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-04-23 11:16 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-04-23 11:16 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-04-23 11:16 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-04-23 11:16 - 2014-02-22 17:41 - 02142976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-04-23 11:16 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-04-23 11:16 - 2014-02-22 16:04 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-04-23 11:16 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-04-23 11:16 - 2014-02-22 13:17 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-04-23 11:16 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-04-23 11:16 - 2014-02-22 13:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-04-23 11:16 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-04-23 11:16 - 2014-02-22 12:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-04-23 11:16 - 2014-02-22 12:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-04-23 11:16 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-04-23 11:16 - 2014-02-22 11:23 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-04-23 11:16 - 2014-02-22 11:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-04-23 11:16 - 2014-02-22 11:01 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-04-23 11:16 - 2014-02-22 10:53 - 12027904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-04-23 11:16 - 2014-02-22 10:49 - 08874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-04-23 11:15 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-04-23 11:15 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-04-23 11:15 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-04-23 11:15 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-04-23 11:15 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-04-23 11:15 - 2014-02-22 17:50 - 02588168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-04-23 11:15 - 2014-02-22 17:48 - 02574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-04-23 11:15 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-04-23 11:15 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-04-23 11:15 - 2014-02-22 17:44 - 00539992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-04-23 11:15 - 2014-02-22 17:43 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-04-23 11:15 - 2014-02-22 17:43 - 01659056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-04-23 11:15 - 2014-02-22 17:43 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-04-23 11:15 - 2014-02-22 17:43 - 01487520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-04-23 11:15 - 2014-02-22 17:43 - 01356360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-04-23 11:15 - 2014-02-22 17:41 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-04-23 11:15 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-04-23 11:15 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-04-23 11:15 - 2014-02-22 17:41 - 00609456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-04-23 11:15 - 2014-02-22 17:40 - 01118552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-04-23 11:15 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-04-23 11:15 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-04-23 11:15 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-04-23 11:15 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-04-23 11:15 - 2014-02-22 16:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-04-23 11:15 - 2014-02-22 16:08 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-04-23 11:15 - 2014-02-22 16:04 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-04-23 11:15 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-04-23 11:15 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-04-23 11:15 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-04-23 11:15 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-04-23 11:15 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-04-23 11:15 - 2014-02-22 12:09 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-04-23 11:15 - 2014-02-22 12:08 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-04-23 11:15 - 2014-02-22 12:06 - 02943488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-04-23 11:15 - 2014-02-22 12:01 - 02648064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-04-23 11:15 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-04-23 11:15 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-04-23 11:15 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-04-23 11:15 - 2014-02-22 11:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-04-23 11:15 - 2014-02-22 11:38 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-04-23 11:15 - 2014-02-22 11:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-04-23 11:15 - 2014-02-22 11:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-04-23 11:15 - 2014-02-22 11:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-04-23 11:15 - 2014-02-22 11:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-04-23 11:15 - 2014-02-22 11:23 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-04-23 11:15 - 2014-02-22 11:23 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-04-23 11:15 - 2014-02-22 11:21 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-04-23 11:15 - 2014-02-22 11:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-04-23 11:15 - 2014-02-22 11:13 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-04-23 11:15 - 2014-02-22 11:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-23 11:15 - 2014-02-22 11:07 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-04-23 11:15 - 2014-02-22 11:04 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-04-23 11:15 - 2014-02-22 11:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-04-23 11:15 - 2014-02-22 10:59 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-04-23 11:15 - 2014-02-22 10:59 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-04-23 11:15 - 2014-02-22 10:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-23 11:15 - 2014-02-22 10:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-04-23 11:15 - 2014-02-22 10:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-04-23 11:15 - 2014-02-22 10:44 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-04-23 11:15 - 2014-02-22 10:40 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-04-23 11:15 - 2014-02-22 10:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-04-23 11:15 - 2014-02-22 10:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-04-23 11:15 - 2014-02-22 10:35 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-04-23 11:15 - 2014-02-22 10:34 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-04-23 11:15 - 2014-02-22 10:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-04-23 11:15 - 2014-02-22 10:06 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-04-23 11:15 - 2014-02-22 10:04 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-04-23 11:15 - 2014-02-22 10:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-04-23 11:15 - 2014-02-22 10:01 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-04-23 11:15 - 2014-02-22 10:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-04-23 11:14 - 2014-02-22 18:59 - 01519520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-04-23 11:14 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-04-23 11:14 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-04-23 11:14 - 2014-02-22 18:00 - 00590168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-04-23 11:14 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-04-23 11:14 - 2014-02-22 17:55 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-04-23 11:14 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-04-23 11:14 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-04-23 11:14 - 2014-02-22 17:50 - 00645104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-04-23 11:14 - 2014-02-22 17:50 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-04-23 11:14 - 2014-02-22 17:49 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-04-23 11:14 - 2014-02-22 17:49 - 00280920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-04-23 11:14 - 2014-02-22 17:49 - 00148824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-04-23 11:14 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-04-23 11:14 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-04-23 11:14 - 2014-02-22 17:44 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-04-23 11:14 - 2014-02-22 17:44 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-04-23 11:14 - 2014-02-22 17:41 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-04-23 11:14 - 2014-02-22 17:41 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-04-23 11:14 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-04-23 11:14 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-04-23 11:14 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-04-23 11:14 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-04-23 11:14 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-04-23 11:14 - 2014-02-22 16:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-04-23 11:14 - 2014-02-22 16:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-04-23 11:14 - 2014-02-22 16:18 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-04-23 11:14 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-04-23 11:14 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-04-23 11:14 - 2014-02-22 14:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-04-23 11:14 - 2014-02-22 14:11 - 00272896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-04-23 11:14 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-04-23 11:14 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-04-23 11:14 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-04-23 11:14 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-04-23 11:14 - 2014-02-22 13:46 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-04-23 11:14 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-04-23 11:14 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-04-23 11:14 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-04-23 11:14 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-04-23 11:14 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-04-23 11:14 - 2014-02-22 12:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-04-23 11:14 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-04-23 11:14 - 2014-02-22 12:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-04-23 11:14 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-04-23 11:14 - 2014-02-22 12:41 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-04-23 11:14 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-04-23 11:14 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-23 11:14 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-04-23 11:14 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-04-23 11:14 - 2014-02-22 12:22 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-04-23 11:14 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-04-23 11:14 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-04-23 11:14 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-04-23 11:14 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-04-23 11:14 - 2014-02-22 12:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-04-23 11:14 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-04-23 11:14 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-04-23 11:14 - 2014-02-22 11:48 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-04-23 11:14 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-04-23 11:14 - 2014-02-22 11:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-04-23 11:14 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-04-23 11:14 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-04-23 11:14 - 2014-02-22 11:37 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-04-23 11:14 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-04-23 11:14 - 2014-02-22 11:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-23 11:14 - 2014-02-22 11:35 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-04-23 11:14 - 2014-02-22 11:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-04-23 11:14 - 2014-02-22 11:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-04-23 11:14 - 2014-02-22 11:33 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-04-23 11:14 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-04-23 11:14 - 2014-02-22 11:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-04-23 11:14 - 2014-02-22 11:25 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-04-23 11:14 - 2014-02-22 11:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-04-23 11:14 - 2014-02-22 11:24 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-04-23 11:14 - 2014-02-22 11:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-04-23 11:14 - 2014-02-22 11:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-04-23 11:14 - 2014-02-22 11:11 - 02395136 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-04-23 11:14 - 2014-02-22 11:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-04-23 11:14 - 2014-02-22 11:10 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-04-23 11:14 - 2014-02-22 11:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-04-23 11:14 - 2014-02-22 11:04 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-04-23 11:14 - 2014-02-22 11:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-04-23 11:14 - 2014-02-22 10:59 - 01403392 _____ (Microsoft Corporation)
         
__________________

Alt 24.04.2014, 16:42   #4
sunny123
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



FRST Teil 2:
Code:
ATTFilter
C:\WINDOWS\SysWOW64\storagewmi.dll
2014-04-23 11:14 - 2014-02-22 10:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-04-23 11:14 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-04-23 11:14 - 2014-02-22 10:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-04-23 11:14 - 2014-02-22 10:51 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-04-23 11:14 - 2014-02-22 10:51 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-04-23 11:14 - 2014-02-22 10:49 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-04-23 11:14 - 2014-02-22 10:46 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-04-23 11:14 - 2014-02-22 10:45 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-04-23 11:14 - 2014-02-22 10:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-04-23 11:14 - 2014-02-22 10:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-04-23 11:14 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-04-23 11:14 - 2014-02-22 10:41 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-04-23 11:14 - 2014-02-22 10:40 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-04-23 11:14 - 2014-02-22 10:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-04-23 11:14 - 2014-02-22 10:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-04-23 11:14 - 2014-02-22 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-04-23 11:14 - 2014-02-22 10:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-04-23 11:14 - 2014-02-22 10:24 - 02760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-04-23 11:14 - 2014-02-22 10:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-04-23 11:14 - 2014-02-22 10:21 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-04-23 11:14 - 2014-02-22 10:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-04-23 11:14 - 2014-02-22 10:19 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-04-23 11:14 - 2014-02-22 10:18 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-04-23 11:14 - 2014-02-22 10:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-04-23 11:14 - 2014-02-22 10:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-04-23 11:14 - 2014-02-22 06:33 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-04-23 11:14 - 2014-02-02 16:48 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-04-23 11:14 - 2014-02-02 15:33 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-04-23 11:14 - 2014-01-31 10:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-23 11:14 - 2014-01-29 10:53 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-04-23 11:14 - 2014-01-29 09:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-04-23 11:14 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-23 11:14 - 2014-01-27 19:04 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-23 11:14 - 2014-01-27 17:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-04-23 11:14 - 2014-01-08 03:30 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-04-23 11:14 - 2014-01-08 02:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-04-23 11:14 - 2013-12-10 09:35 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-04-23 11:14 - 2013-12-04 17:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-23 11:14 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-04-23 11:13 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-04-23 11:13 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-04-23 11:13 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-04-23 11:13 - 2014-02-22 18:59 - 00123448 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-04-23 11:13 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-04-23 11:13 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-04-23 11:13 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-04-23 11:13 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-04-23 11:13 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-04-23 11:13 - 2014-02-22 18:00 - 00236888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-04-23 11:13 - 2014-02-22 18:00 - 00151384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-04-23 11:13 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-04-23 11:13 - 2014-02-22 17:59 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-04-23 11:13 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-04-23 11:13 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-04-23 11:13 - 2014-02-22 17:50 - 00258784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-04-23 11:13 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-04-23 11:13 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-04-23 11:13 - 2014-02-22 17:49 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-04-23 11:13 - 2014-02-22 17:49 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-04-23 11:13 - 2014-02-22 17:49 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-04-23 11:13 - 2014-02-22 17:49 - 00079192 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-04-23 11:13 - 2014-02-22 17:48 - 00210736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-04-23 11:13 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-04-23 11:13 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-04-23 11:13 - 2014-02-22 17:41 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-04-23 11:13 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-04-23 11:13 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-04-23 11:13 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-04-23 11:13 - 2014-02-22 16:42 - 00098072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-04-23 11:13 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-04-23 11:13 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-04-23 11:13 - 2014-02-22 16:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-04-23 11:13 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-04-23 11:13 - 2014-02-22 16:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-04-23 11:13 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-23 11:13 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-04-23 11:13 - 2014-02-22 14:14 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-04-23 11:13 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-04-23 11:13 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-04-23 11:13 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-23 11:13 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-23 11:13 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-23 11:13 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-23 11:13 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-23 11:13 - 2014-02-22 13:25 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-04-23 11:13 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-23 11:13 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-23 11:13 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-04-23 11:13 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-04-23 11:13 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-23 11:13 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-04-23 11:13 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-23 11:13 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-04-23 11:13 - 2014-02-22 13:00 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-23 11:13 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-23 11:13 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-04-23 11:13 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-23 11:13 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-23 11:13 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-23 11:13 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-23 11:13 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-23 11:13 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-23 11:13 - 2014-02-22 12:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-23 11:13 - 2014-02-22 12:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-23 11:13 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-23 11:13 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-23 11:13 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-23 11:13 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-23 11:13 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-04-23 11:13 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-04-23 11:13 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-23 11:13 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-23 11:13 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-23 11:13 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-23 11:13 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-23 11:13 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-23 11:13 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-04-23 11:13 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-04-23 11:13 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-04-23 11:13 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-04-23 11:13 - 2014-02-22 11:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-04-23 11:13 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-23 11:13 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-04-23 11:13 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-23 11:13 - 2014-02-22 11:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-23 11:13 - 2014-02-22 11:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-23 11:13 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-04-23 11:13 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-04-23 11:13 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-04-23 11:13 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-04-23 11:13 - 2014-02-22 11:25 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-23 11:13 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-23 11:13 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 11:13 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-23 11:13 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-23 11:13 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-04-23 11:13 - 2014-02-22 11:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-04-23 11:13 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-23 11:13 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 11:13 - 2014-02-22 11:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-04-23 11:13 - 2014-02-22 11:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-23 11:13 - 2014-02-22 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-23 11:13 - 2014-02-22 10:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-23 11:13 - 2014-02-22 10:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-23 11:13 - 2014-02-22 10:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-23 11:13 - 2014-02-22 10:52 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-23 11:13 - 2014-02-22 10:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-23 11:13 - 2014-02-22 10:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-23 11:13 - 2014-02-22 10:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-23 11:13 - 2014-02-22 10:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-23 11:13 - 2014-02-22 10:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-23 11:13 - 2014-02-22 10:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-23 11:13 - 2014-02-22 10:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-23 11:13 - 2014-02-22 10:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-04-23 11:13 - 2014-02-22 10:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-23 11:13 - 2014-02-22 10:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-23 11:13 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-04-23 11:13 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-04-23 11:13 - 2014-02-22 10:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-23 11:13 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-04-23 11:13 - 2014-02-22 10:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-04-23 11:13 - 2014-02-22 10:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-23 11:13 - 2014-02-22 10:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-23 11:13 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-04-23 11:13 - 2014-02-22 10:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-23 11:13 - 2014-02-22 10:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-04-23 11:13 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-04-23 11:13 - 2014-01-31 11:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-23 11:13 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-04-23 11:13 - 2014-01-31 11:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-23 11:13 - 2014-01-31 11:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-23 11:13 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-23 11:13 - 2014-01-29 10:52 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-23 11:13 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-04-23 11:13 - 2014-01-17 19:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-23 11:13 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-04-23 11:13 - 2013-12-04 17:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-23 11:13 - 2013-12-04 15:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-04-23 11:12 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-04-23 11:12 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-04-23 11:12 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-04-23 11:12 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-04-23 11:12 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-04-23 11:12 - 2014-02-22 17:50 - 00054816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-04-23 11:12 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-04-23 11:12 - 2014-02-22 17:49 - 00189784 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-04-23 11:12 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-04-23 11:12 - 2014-02-22 17:41 - 00028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-04-23 11:12 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-04-23 11:12 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-04-23 11:12 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-04-23 11:12 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-04-23 11:12 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-04-23 11:12 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-23 11:12 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-04-23 11:12 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-04-23 11:12 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-04-23 11:12 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-04-23 11:12 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-04-23 11:12 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-04-23 11:12 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-04-23 11:12 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-04-23 11:12 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-04-23 11:12 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-23 11:12 - 2014-02-22 13:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-23 11:12 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-23 11:12 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-23 11:12 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-23 11:12 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-23 11:12 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-23 11:12 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-23 11:12 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-23 11:12 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-23 11:12 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-04-23 11:12 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-04-23 11:12 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-04-23 11:12 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-23 11:12 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-23 11:12 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-23 11:12 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-23 11:12 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-04-23 11:12 - 2014-02-22 13:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-23 11:12 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-23 11:12 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-23 11:12 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-23 11:12 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-23 11:12 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-04-23 11:12 - 2014-02-22 12:56 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-23 11:12 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-04-23 11:12 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-04-23 11:12 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-23 11:12 - 2014-02-22 12:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-23 11:12 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-23 11:12 - 2014-02-22 12:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-23 11:12 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-23 11:12 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-04-23 11:12 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-04-23 11:12 - 2014-02-22 12:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-23 11:12 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-04-23 11:12 - 2014-02-22 12:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-04-23 11:12 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-04-23 11:12 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-23 11:12 - 2014-02-22 12:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-04-23 11:12 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-04-23 11:12 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-04-23 11:12 - 2014-02-22 12:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-23 11:12 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-04-23 11:12 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-04-23 11:12 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 11:12 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-04-23 11:12 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-23 11:12 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-04-23 11:12 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-23 11:12 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-23 11:12 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-23 11:12 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-23 11:12 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-23 11:12 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-23 11:12 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-04-23 11:12 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-04-23 11:12 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-04-23 11:12 - 2014-02-22 11:29 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-23 11:12 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-04-23 11:12 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-04-23 11:12 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-04-23 11:12 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-23 11:12 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-23 11:12 - 2014-02-22 11:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-23 11:12 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-23 11:12 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-04-23 11:12 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-04-23 11:12 - 2014-02-22 11:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-23 11:12 - 2014-02-22 11:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-23 11:12 - 2014-02-22 10:59 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-23 11:12 - 2014-02-22 10:55 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-04-23 11:12 - 2014-02-22 10:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-23 11:12 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-04-23 11:12 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-04-23 11:12 - 2014-02-22 10:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-23 11:12 - 2014-02-22 10:49 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-04-23 11:12 - 2014-02-22 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-04-23 11:12 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-04-23 11:12 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-04-23 11:12 - 2014-02-22 10:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-23 11:12 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-04-23 11:12 - 2014-02-22 10:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-23 11:12 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-04-23 11:12 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-04-23 11:12 - 2014-02-22 10:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-04-23 11:12 - 2014-02-22 10:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-23 11:12 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-04-23 11:12 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-04-23 11:12 - 2014-02-22 10:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-23 11:12 - 2014-02-22 10:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-23 11:12 - 2014-02-22 10:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-23 11:12 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-04-23 11:12 - 2014-02-22 10:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-23 11:12 - 2014-02-01 08:00 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-04-23 11:12 - 2014-02-01 08:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-23 11:12 - 2014-01-31 13:59 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-23 11:12 - 2014-01-31 13:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-04-23 11:12 - 2014-01-31 11:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-23 11:12 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-04-23 11:12 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-04-23 11:12 - 2014-01-29 10:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-23 11:12 - 2014-01-29 02:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-23 11:12 - 2014-01-27 21:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-04-23 11:12 - 2014-01-22 08:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-23 11:12 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-04-23 11:12 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-23 11:12 - 2013-11-27 11:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-23 11:12 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-04-23 11:12 - 2013-11-08 06:04 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-23 11:11 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-23 11:11 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-04-23 11:11 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-04-23 11:11 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-04-23 11:11 - 2014-02-22 14:00 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-04-23 11:11 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-23 11:11 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-23 11:11 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-04-23 11:11 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-23 11:11 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-04-23 11:11 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 11:11 - 2014-02-22 13:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-23 11:11 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-04-23 11:11 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-04-23 11:11 - 2014-02-22 13:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-04-23 11:11 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-04-23 11:11 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-23 11:11 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-23 11:11 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-04-23 11:11 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-23 11:11 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-23 11:11 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-23 11:11 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-23 11:11 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-23 11:11 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-04-23 11:11 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-04-23 11:11 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-23 11:11 - 2014-02-22 12:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-04-23 11:11 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-04-23 11:11 - 2014-02-22 12:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-04-23 11:11 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-04-23 11:11 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-04-23 11:11 - 2014-02-22 12:29 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-23 11:11 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-04-23 11:11 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-04-23 11:11 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-04-23 11:11 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-04-23 11:11 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-04-23 11:11 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-04-23 11:11 - 2014-02-22 11:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-04-23 11:11 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-23 11:11 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-23 11:11 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-04-23 11:11 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-23 11:11 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-23 11:11 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-04-23 11:11 - 2014-02-22 11:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-23 11:11 - 2014-02-22 11:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-23 11:11 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-04-23 11:11 - 2014-02-22 11:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-23 11:11 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-04-23 11:11 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-04-23 11:11 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-04-23 11:11 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-04-23 11:11 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-23 11:11 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-04-23 11:11 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-04-23 11:11 - 2014-02-22 10:57 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-04-23 11:11 - 2014-02-22 10:55 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 11:11 - 2014-02-22 10:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-23 11:11 - 2014-02-22 10:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-23 11:11 - 2014-02-22 10:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-23 11:11 - 2014-02-22 10:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-23 11:11 - 2014-02-22 10:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-04-23 11:11 - 2014-02-22 10:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 11:11 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-04-23 11:11 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-04-23 11:11 - 2014-02-22 10:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-23 11:11 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-04-23 11:11 - 2014-02-22 10:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-23 11:11 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-04-23 11:11 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-04-23 11:11 - 2014-02-22 10:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-23 11:11 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-04-23 11:11 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-04-23 11:11 - 2014-01-27 19:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-23 11:11 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-04-23 11:11 - 2013-11-08 05:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-04-23 11:10 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 11:10 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 11:10 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 11:10 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 11:10 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-04-23 11:10 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-04-23 11:10 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-04-23 11:10 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-04-23 11:10 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-23 11:10 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-04-23 11:10 - 2014-02-22 13:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-04-23 11:10 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 11:10 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 11:10 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-23 11:10 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 11:10 - 2014-02-22 13:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-23 11:10 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-04-23 11:10 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-23 11:10 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-04-23 11:10 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-23 11:10 - 2014-02-22 12:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-23 11:10 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-23 11:10 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-04-23 11:10 - 2014-02-22 11:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-23 11:10 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-04-23 11:10 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-04-23 11:10 - 2014-02-22 10:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-04-23 11:10 - 2014-02-22 10:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-23 11:10 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-04-23 11:10 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-04-23 11:10 - 2014-02-22 06:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-23 11:10 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 11:10 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 11:10 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 11:10 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 11:10 - 2014-02-08 03:08 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-04-23 11:10 - 2014-02-08 03:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-23 11:10 - 2014-02-01 08:00 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 11:10 - 2014-01-27 13:45 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-04-23 11:10 - 2013-11-27 11:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-11 13:25 - 2014-04-11 13:25 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-11 13:25 - 2014-04-11 13:25 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 12:09 - 2014-04-09 12:09 - 00358000 _____ (Juniper Networks) C:\WINDOWS\SysWOW64\dsGinaLoaderX64.dll
2014-03-29 12:19 - 2014-03-29 12:19 - 00002770 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-28 20:09 - 2013-08-30 10:51 - 00040760 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-03-28 20:09 - 2013-08-30 10:51 - 00029496 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-03-28 20:09 - 2013-08-30 10:51 - 00025400 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2014-03-28 20:08 - 2014-03-28 20:08 - 00002217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-03-28 20:08 - 2014-03-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-03-28 20:01 - 2014-03-28 20:08 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-28 20:00 - 2014-03-28 20:00 - 00000000 ____D () C:\Users\Basti\Documents\DVDVideoSoft
2014-03-26 12:28 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-26 12:28 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-26 12:28 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-26 12:10 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-26 12:10 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-26 12:10 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-26 12:10 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-26 12:10 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-26 12:10 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-26 12:10 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-26 12:10 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-26 12:10 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-26 12:10 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-26 12:10 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-26 12:10 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll

==================== One Month Modified Files and Folders =======

2014-04-24 14:47 - 2014-04-24 14:46 - 00020770 _____ () C:\Users\Basti\Downloads\FRST.txt
2014-04-24 14:46 - 2014-04-24 14:46 - 00000000 ____D () C:\FRST
2014-04-24 14:41 - 2014-04-24 14:41 - 02061824 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe
2014-04-24 14:34 - 2014-04-24 14:34 - 00000472 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-04-24 14:34 - 2014-04-24 14:34 - 00000000 _____ () C:\Users\Basti\defogger_reenable
2014-04-24 14:34 - 2014-01-30 11:23 - 00000000 ____D () C:\Users\Basti
2014-04-24 14:31 - 2014-04-24 14:31 - 00050477 _____ () C:\Users\Basti\Downloads\Defogger.exe
2014-04-24 14:18 - 2014-04-24 13:36 - 00011197 _____ () C:\Users\Basti\Downloads\hijackthis.log
2014-04-24 14:16 - 2014-01-30 11:58 - 01212909 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-24 14:12 - 2013-07-29 08:13 - 00000071 _____ () C:\Users\Basti\AppData\Roaming\WB.CFG
2014-04-24 14:12 - 2013-06-03 09:12 - 00000306 _____ () C:\WINDOWS\Tasks\DSite.job
2014-04-24 14:11 - 2013-02-07 21:52 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-24 14:06 - 2013-02-07 17:13 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2040692901-543291816-533557636-1001
2014-04-24 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-24 13:53 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-24 13:53 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-24 13:53 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-24 13:51 - 2014-02-04 14:54 - 00010214 _____ () C:\WINDOWS\setupact.log
2014-04-24 13:49 - 2013-02-08 12:01 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Skype
2014-04-24 13:48 - 2014-01-31 15:40 - 00000000 __RDO () C:\Users\Basti\SkyDrive
2014-04-24 13:48 - 2013-07-22 10:09 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Dropbox
2014-04-24 13:45 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-24 13:43 - 2014-04-24 13:43 - 00000000 ____D () C:\Users\Basti\Downloads\backups
2014-04-24 13:35 - 2014-04-24 13:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Basti\Downloads\HiJackThis204.exe
2014-04-24 12:13 - 2014-02-03 09:45 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B65C7FF9-647F-466A-96C6-666C8895AAB0}
2014-04-24 12:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-24 12:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-04-24 11:51 - 2014-02-04 23:26 - 00007344 _____ () C:\WINDOWS\PFRO.log
2014-04-24 11:51 - 2013-02-07 20:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-23 23:40 - 2014-04-23 23:40 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-23 23:40 - 2013-12-22 16:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-23 23:40 - 2013-02-07 20:06 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-23 23:37 - 2014-04-23 23:37 - 00000000 __SHD () C:\Users\Basti\AppData\Local\EmieUserList
2014-04-23 23:37 - 2014-04-23 23:37 - 00000000 __SHD () C:\Users\Basti\AppData\Local\EmieSiteList
2014-04-23 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-23 19:13 - 2013-02-07 23:05 - 00000000 ___RD () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 19:13 - 2013-02-07 23:05 - 00000000 ___RD () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 18:47 - 2013-04-19 12:43 - 00000159 _____ () C:\WINDOWS\system32\HPPDEVX.DLL.log
2014-04-23 18:42 - 2013-08-22 16:44 - 00480632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-04-23 17:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-23 17:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-04-23 17:19 - 2014-04-23 17:19 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-23 17:19 - 2014-04-23 17:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-23 17:04 - 2014-04-23 17:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-23 17:04 - 2014-04-23 17:04 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-23 17:03 - 2014-04-23 17:03 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-04-23 17:03 - 2014-04-23 17:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-23 17:02 - 2014-04-23 17:02 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-23 17:02 - 2014-04-23 17:02 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-17 23:32 - 2012-07-26 04:20 - 00000204 _____ () C:\WINDOWS\SysWOW64\hblirmm.dll
2014-04-17 23:32 - 2012-07-26 04:20 - 00000100 _____ () C:\WINDOWS\SysWOW64\prsgrc.dll
2014-04-14 16:40 - 2013-04-29 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks
2014-04-14 16:40 - 2013-02-08 00:34 - 00000000 ____D () C:\Program Files (x86)\Juniper Networks
2014-04-11 13:51 - 2013-09-10 08:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-11 13:51 - 2013-03-11 17:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 13:46 - 2013-02-11 08:46 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-11 13:25 - 2014-04-11 13:25 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-11 13:25 - 2014-04-11 13:25 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 14:00 - 2014-04-23 11:26 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-09 12:09 - 2014-04-09 12:09 - 00358000 _____ (Juniper Networks) C:\WINDOWS\SysWOW64\dsGinaLoaderX64.dll
2014-04-09 12:09 - 2014-02-13 21:23 - 00594032 _____ (Juniper Networks) C:\WINDOWS\system32\dsNcSmartCardProv.dll
2014-04-09 12:09 - 2014-02-13 21:23 - 00423536 _____ (Juniper Networks) C:\WINDOWS\system32\dsNcCredProv.dll
2014-04-09 05:32 - 2014-04-23 11:26 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-09 05:31 - 2014-04-23 11:26 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-09 05:23 - 2014-04-23 11:26 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-09 05:21 - 2014-04-23 11:26 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-04 21:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-29 12:20 - 2014-01-10 15:39 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-29 12:19 - 2014-03-29 12:19 - 00002770 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-28 20:08 - 2014-03-28 20:08 - 00002217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-03-28 20:08 - 2014-03-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-03-28 20:08 - 2014-03-28 20:01 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-28 20:00 - 2014-03-28 20:00 - 00000000 ____D () C:\Users\Basti\Documents\DVDVideoSoft
2014-03-28 19:59 - 2014-01-10 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-03-28 19:59 - 2014-01-10 15:33 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-03-28 19:58 - 2014-01-10 15:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\DVDVideoSoft
2014-03-28 19:58 - 2013-09-26 21:18 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\OpenCandy
2014-03-28 19:53 - 2014-01-10 15:14 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc
2014-03-28 15:11 - 2014-01-10 16:16 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-03-26 15:54 - 2013-04-23 18:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-26 15:54 - 2013-04-23 18:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-26 15:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-26 15:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-26 13:14 - 2014-01-29 17:01 - 00000000 ____D () C:\ProgramData\CouppScaNner
2014-03-26 13:10 - 2014-01-29 17:01 - 00000000 ____D () C:\ProgramData\WOWCoupoen
2014-03-26 13:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-26 12:45 - 2013-04-23 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\avgnt.exe
C:\Users\Basti\AppData\Local\Temp\JuniperSetupClientInstaller.exe
C:\Users\Basti\AppData\Local\Temp\neoNCSetup64.exe
C:\Users\Basti\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
         
Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
Ran by Basti at 2014-04-24 14:50:13
Running from C:\Users\Basti\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 2.2.4 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.42.61513 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.42.61513 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.20821 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{7BABDF85-566A-FCC6-E6FE-12DCFF3F9FEB}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0821.2159.37544 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.20 - Broadcom Corporation)
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
CouppScaNner (HKLM-x32\...\{80E8B0A0-117D-1402-7CDE-688156237115}) (Version:  - CoupScanneerr)
Dataloger (HKLM-x32\...\{2107998E-852C-480D-BA17-A7EC723F2514}) (Version: 4.00.0000 - ##COMPANY_NAME##)
DealPly (HKCU\...\DealPly) (Version:  - ) <==== ATTENTION
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Eisenbahn.exe Professional 9.0 (HKLM-x32\...\{04652498-7677-4A9F-B5EA-A87D8CB35DD2}) (Version: 9.00.0000 - Trend)
EndNote X6 (HKLM-x32\...\{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}) (Version: 16.0.0.6348 - Thomson Reuters)
ETDWare PS/2-X64 11.6.8.001_WHQL (HKLM\...\Elantech) (Version: 11.6.8.001 - ELAN Microelectronic Corp.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Free Video to JPG Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
GraphPad Prism 5 (HKLM-x32\...\{35B73650-6899-11DA-6784-00232A9018BE}) (Version: 5.01 - GraphPad Software)
GroupWise (HKLM-x32\...\{1A159D16-64D4-4460-8D5D-718491667D17}) (Version: 12.0.1 - Novell)
GroupWise Client - VC Runtimes (release) (x32 Version: 1.00.0000 - Novell) Hidden
IBM SPSS Statistics 20 (HKLM-x32\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
ImageJ 1.46r (HKLM-x32\...\ImageJ_is1) (Version:  - NIH)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Juniper Installer Service (HKLM-x32\...\SetupService) (Version: 7.1.0.18671 - Juniper Networks)
Juniper Networks Network Connect 7.1.0 (HKLM-x32\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.18671 - Juniper Networks)
Juniper Networks Network Connect 7.1.14 (HKLM-x32\...\Juniper Network Connect 7.1.14) (Version: 7.1.14.23943 - Juniper Networks)
Juniper Networks Network Connect 7.4.0 (HKLM-x32\...\Juniper Network Connect 7.4.0) (Version: 7.4.0.30611 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.4.9.44981 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NICI (64 bit) (HKLM\...\{559D2B32-5066-4762-A2F2-52831AC6F67B}) (Version: 2.7.6 - Novell, Inc.)
NICI (Shared) U.S./Worldwide (128 bit) (2.7.6-1) (HKLM-x32\...\{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}) (Version:  - )
NMAS Challenge Response Method (HKLM\...\{54031C8D-F80D-47BB-B3CA-5E9BD7750C27}) (Version: 2.8.3.3 - Novell, Inc.)
NMAS Client (HKLM\...\{22859902-78CE-40B0-9429-6FE7A00BBF85}) (Version: 3.5.1.1 - Novell, Inc.)
Novell Client für Windows (HKLM\...\Novell Client for Windows) (Version: 2 SP2 (IR5) - Novell, Inc.)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - PC Utilities Software Limited) <==== ATTENTION
PDF Creator (HKLM\...\PDF Creator) (Version:  - )
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SigmaPlot 11.0 (HKLM-x32\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 5.3.4.4 - Uniblue Systems Ltd) <==== ATTENTION
Spider Player 2.5.3 (HKLM-x32\...\Spider Player_is1) (Version: 2.5.3.0 - VIT Software, LLC)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities 2014) (Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update for PDF Writer (HKCU\...\DSite) (Version:  - ) <==== ATTENTION
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WOWCoupoen (HKLM-x32\...\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}) (Version:  - WoowCoeuponi) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

04-04-2014 19:06:44 Geplanter Prüfpunkt
11-04-2014 11:41:50 Windows Update
19-04-2014 13:46:34 Geplanter Prüfpunkt
23-04-2014 14:48:58 Windows Update

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05FFE7BA-8A92-48CF-8B7C-0B9505E2BAEA} - System32\Tasks\DSite => C:\Users\Basti\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-06-03] () <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0CAD298B-3EEF-431A-9393-0C6E006E90BC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {1479F109-4493-4D39-8AE5-89B44B345B1D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {1C7E3447-EC2F-40C6-A161-C9AE38B54723} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B2057BB-F9FB-42B1-B748-892D137C5D8C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4134FB22-63DC-440E-ACC9-6B68C8BCE075} - System32\Tasks\DealPlyUpdate => C:\Program <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4B134BA2-8640-4BC4-A6A0-83C0EEE17D37} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5AF92D80-3512-423A-9B58-913BC07DFABB} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: {5B46D234-51C8-4A35-93AC-0C4091CCE49D} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {5CDA290B-DD52-454B-9260-84D8375B831F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-11] (Microsoft Corporation)
Task: {5FC6A1F6-79ED-471F-A7BF-A8C92BC8CBC1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B185C781-927A-4AE2-B926-D015691E1179} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {B7AE37DD-8544-48E2-997C-0917B1817BD3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-21] (Adobe Systems Incorporated)
Task: {C9846BF8-ADC4-4594-8407-8412BBC4B2C8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D33BCFA0-C109-448A-B9F0-0E06ECE8E904} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F748925C-2A6B-4047-81E5-57E8B8132736} - System32\Tasks\DealPly => C:\Users\Basti\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-03-10] () <==== ATTENTION
Task: {FEA5A9B4-86DC-4ADC-866E-0079D4930C29} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DSite.job => C:\Users\Basti\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ceec361dab9a11.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-10-28 18:59 - 2012-10-28 18:59 - 00048256 _____ () C:\WINDOWS\system32\ncv1_0.DLL
2013-06-03 09:12 - 2011-10-04 22:43 - 00087552 _____ () C:\WINDOWS\System32\custmon64i.dll
2013-04-19 12:42 - 2007-01-25 12:50 - 00102912 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpzpi4wm.DLL
2012-10-28 18:59 - 2012-10-28 18:59 - 00108160 _____ () C:\Program Files\Novell\Client\cusrvc.exe
2013-08-30 10:51 - 2013-08-30 10:51 - 00757048 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2012-03-12 18:40 - 2012-03-12 18:40 - 00016384 _____ () C:\WINDOWS\SYSTEM32\nls\DEUTSCH\NCLangIDR.DLL
2012-10-28 18:59 - 2012-10-28 18:59 - 00038016 _____ () C:\Windows\System32\nwtray.exe
2012-10-28 18:59 - 2012-10-28 18:59 - 01002112 _____ () C:\Windows\System32\NCNetProvider.DLL
2012-10-28 18:59 - 2012-10-28 18:59 - 00108672 _____ () C:\Windows\System32\NCLangID.dll
2012-10-28 18:59 - 2012-10-28 18:59 - 00174208 _____ () C:\Windows\System32\MAPBASE.dll
2012-10-28 18:59 - 2012-10-28 18:59 - 00270976 _____ () C:\Windows\System32\NWSHLXNT.dll
2012-03-12 18:40 - 2012-03-12 18:40 - 00016384 _____ () C:\Windows\System32\nls\DEUTSCH\NCLangIDR.DLL
2012-03-12 18:40 - 2012-03-12 18:40 - 00086528 _____ () C:\Windows\System32\nls\DEUTSCH\MAPBASER.DLL
2012-03-12 18:40 - 2012-03-12 18:40 - 00102400 _____ () C:\Windows\System32\nls\DEUTSCH\NWSHLXNTR.DLL
2012-03-12 18:40 - 2012-03-12 18:40 - 00496640 _____ () C:\Windows\System32\nls\DEUTSCH\NCNetProviderR.DLL
2013-06-03 09:12 - 2013-06-03 09:12 - 00094208 _____ () C:\Users\Basti\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe
2013-02-07 19:59 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2014-04-23 23:40 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Basti\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2014 02:11:38 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13dc

Startzeit: 01cf5fb4cff5c6d4

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 9490beee-cba9-11e3-bf36-089e014a89f0

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/24/2014 01:07:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/24/2014 01:07:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/24/2014 01:07:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/24/2014 00:52:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/24/2014 00:37:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/24/2014 00:37:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/24/2014 00:37:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/24/2014 00:22:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/24/2014 00:12:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SEBASTIAN)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (04/24/2014 01:45:34 PM) (Source: Microsoft-Windows-Ntfs) (User: NT-AUTORITÄT)
Description: D:\Device\HarddiskVolume63

Error: (04/24/2014 01:06:57 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (04/24/2014 01:06:57 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (04/24/2014 01:06:57 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa15612App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwaNicht verfügbarNicht verfügbar

Error: (04/24/2014 00:51:57 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa15612App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwaNicht verfügbarNicht verfügbar

Error: (04/24/2014 00:36:57 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (04/24/2014 00:36:57 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar

Error: (04/24/2014 00:36:57 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa15612App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwaNicht verfügbarNicht verfügbar

Error: (04/24/2014 00:21:57 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\WINDOWS\syswow64\wwahost.exe" -ServerName:App.wwa15612App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwaNicht verfügbarNicht verfügbar

Error: (04/24/2014 00:12:51 PM) (Source: DCOM) (User: SEBASTIAN)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaNicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (02/03/2014 01:14:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1685 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (10/01/2013 04:19:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 151 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (07/10/2013 06:34:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/10/2013 06:33:35 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/10/2013 06:33:12 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:46:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:42:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:39:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:38:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/14/2013 03:47:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6254 seconds with 3600 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 3786.26 MB
Available physical RAM: 2206.56 MB
Total Pagefile: 4490.26 MB
Available Pagefile: 2547.19 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.95 GB) (Free:198.85 GB) NTFS
Drive d: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:88.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 071AFC2A)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 8C12BEA5)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 25.04.2014, 00:46   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 25.04.2014, 18:11   #6
sunny123
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Hallo, hier kommen meine neuen Dateien.

1. Schritt: Malwarebytes
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25/04/2014
Suchlauf-Zeit: 17:08:30
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.25.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Basti

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 275773
Verstrichene Zeit: 1 Std, 4 Min, 13 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 13
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [07f9a858827e9a660c82a9a6ea18dd23], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [07f9a858827e9a660c82a9a6ea18dd23], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [916fda2639c7d82857df7aa14bb729d7], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [916fda2639c7d82857df7aa14bb729d7], 
PUP.Optional.DigitalSites.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DSite, Löschen bei Neustart, [d12fcd33966aaa561b5775b8dc25619f], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DEALPLY, In Quarantäne, [857b738dfe028a76b392198352b1a25e], 
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [758bd52bdb2549b7e5eb801b699ae719], 
PUP.Optional.SmartBar, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, Löschen bei Neustart, [0ff1718f30d0966a72044e65e81b58a8], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY, Löschen bei Neustart, [6c94cc3452aefe0203465f3dd62d13ed], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Löschen bei Neustart, [2bd5eb15bf4125db01e169316e95c937], 
PUP.Optional.BProtector.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Löschen bei Neustart, [d82855ab58a83ec258c0ccd28b78d22e], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, Löschen bei Neustart, [fc04be42c63a2dd3c30c029937cc956b], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DealPly, Löschen bei Neustart, [0af6eb157c84f8080842bea46f93b24e], 

Registrierungswerte: 7
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DEALPLY|ChromeCrxPath, C:\Program Files (x86)\DealPly\DealPly.crx, In Quarantäne, [857b738dfe028a76b392198352b1a25e]
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 1590556140525584383, In Quarantäne, [758bd52bdb2549b7e5eb801b699ae719]
PUP.Optional.DealPly.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY|Partner, iron, Löschen bei Neustart, [6c94cc3452aefe0203465f3dd62d13ed]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0L1N1H2O1S, Löschen bei Neustart, [2bd5eb15bf4125db01e169316e95c937]
PUP.BProtector, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www.delta-search.com/?affID=119357&tt=gc_&babsrc=HP_ss&mntrId=B20700FF50C95005, Löschen bei Neustart, [c04022de2bd5eb15f0cc7d1d8e75e11f]
PUP.BProtector, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Löschen bei Neustart, [6799c33d25dbb74977466f2b7f8403fd]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, 1590556140525584383, Löschen bei Neustart, [fc04be42c63a2dd3c30c029937cc956b]

Registrierungsdaten: 9
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[916f28d8c53b50b033b640e5b0547d83]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[0cf419e7ca36e7196b698ba4ab59cc34]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[5ca42cd451afae5203e52ff67d87936d]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[3bc505fb25dbab5515bef03f3ec643bd]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[b94733cd7888b848a44733f2758ffe02]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[57a9de2270907f817561f73862a2ce32]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[ee126f9110f008f8d21ab86d18eca25e]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[58a8f50bfa061ee2f3e4cc632dd7926e]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2040692901-543291816-533557636-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOCCH&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=ds&q={searchTerms}&fr=linkury-tb&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=hp1000),Löschen bei Neustart,[e21ef40cb24e2bd5ecfb8a9be2228878]

Ordner: 29
PUP.Optional.SmartBar.A, C:\Users\Basti\AppData\Local\Temp\smartbar, In Quarantäne, [699733cdb54bd12f327487ffd42ea55b], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.DealPly.A, C:\Users\Basti\AppData\Roaming\DealPly, In Quarantäne, [0af6eb157c84f8080842bea46f93b24e], 
PUP.Optional.DealPly.A, C:\Users\Basti\AppData\Roaming\DealPly\UpdateProc, In Quarantäne, [0af6eb157c84f8080842bea46f93b24e], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\0112907235A9428B90E2593F311DCA9B, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\08FDF9B0B8044ACCA5CA1FB5A09B4271, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\5C0D5C73EDCE40DC89445EF9845B5D50, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\6C76C951A0904B68BAEC2E8BEF33D5F3, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\7457A55C8A0B4FB3A8B71CDA7A1AA118, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.FileScout.A, C:\Users\Basti\AppData\Roaming\File Scout, In Quarantäne, [10f08f71e21e40c0d0c98cd62ad86f91], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\CSS, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 

Dateien: 134
PUP.Optional.FileScout.A, C:\Users\Basti\AppData\Roaming\File Scout\filescout.exe, In Quarantäne, [6b9538c8d92701ff9a00d72ce02141bf], 
PUP.Optional.DigitalSites.A, C:\Users\Basti\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe, In Quarantäne, [d12fcd33966aaa561b5775b8dc25619f], 
PUP.Optional.OpenCandy.A, C:\Users\Basti\AppData\Roaming\OpenCandy\0112907235A9428B90E2593F311DCA9B\LatestDLMgr.exe, In Quarantäne, [5da3fc0450b008f8e643d8304cb5d42c], 
PUP.Optional.Linkury.A, C:\Users\Basti\AppData\Roaming\OpenCandy\6C76C951A0904B68BAEC2E8BEF33D5F3\Installer.exe, In Quarantäne, [d32d30d0d030cc34b0dfc63ae61ead53], 
PUP.Optional.SmartBar.A, C:\Users\Basti\AppData\Local\Temp\smartbar\Installer.msi, In Quarantäne, [3cc411ef18e820e0e0f56abd689853ad], 
PUP.Optional.Conduit.A, C:\Users\Basti\Downloads\ArcSoft_Panorama_Maker_6_TSV31GCBA.exe, In Quarantäne, [16eaa95759a797692b11e5615fa2f30d], 
PUP.Optional.OpenCandy, C:\Users\Basti\Downloads\winamp563_full_emusic-7plus_de-de.exe, In Quarantäne, [a55b31cfba46d52b88bdd182877dde22], 
PUP.Optional.OpenCandy, C:\Users\Basti\Downloads\winamp565_full_emusic-7plus_de-de.exe, In Quarantäne, [a45caa56837d5aa632137dd69e66f20e], 
PUP.Optional.BundleInstaller.A, C:\Users\Basti\Downloads\Player_Setup(1).exe, In Quarantäne, [f80851af12ee1fe1ac730efbbb491be5], 
PUP.Optional.BundleInstaller.A, C:\Users\Basti\Downloads\Player_Setup(2).exe, In Quarantäne, [f50b45bbbd4328d8c05f8d7c8480718f], 
PUP.Optional.BundleInstaller.A, C:\Users\Basti\Downloads\Player_Setup.exe, In Quarantäne, [69976b95b14f06fa23fc7594d72d847c], 
PUP.Optional.BProtector.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\bProtector_extensions.sqlite, In Quarantäne, [5da38e72de22b44c1852aacf1ae855ab], 
PUP.Optional.BProtector.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\bprotector_prefs.js, In Quarantäne, [bc443cc4000058a80764caaf43bf8d73], 
PUP.Optional.WebSearch.A, C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\searchplugins\Web Search.xml, In Quarantäne, [6f9151afae5203fd2b499ae0b949d828], 
PUP.Optional.SmartBar.A, C:\Users\Basti\AppData\Local\Temp\smartbar\GuidCreator.dll, In Quarantäne, [699733cdb54bd12f327487ffd42ea55b], 
PUP.Optional.SmartBar.A, C:\Users\Basti\AppData\Local\Temp\smartbar\Installer.exe.config, In Quarantäne, [699733cdb54bd12f327487ffd42ea55b], 
PUP.Optional.SmartBar.A, C:\Users\Basti\AppData\Local\Temp\smartbar\sqlite3.dll, In Quarantäne, [699733cdb54bd12f327487ffd42ea55b], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [11efbe422bd5ca3613ff327343c0d828], 
PUP.Optional.DealPly.A, C:\Users\Basti\AppData\Roaming\DealPly\UpdateProc\config.dat, In Quarantäne, [0af6eb157c84f8080842bea46f93b24e], 
PUP.Optional.DealPly.A, C:\Users\Basti\AppData\Roaming\DealPly\UpdateProc\info.dat, In Quarantäne, [0af6eb157c84f8080842bea46f93b24e], 
PUP.Optional.DealPly.A, C:\Users\Basti\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe, In Quarantäne, [0af6eb157c84f8080842bea46f93b24e], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\0112907235A9428B90E2593F311DCA9B\3209.ico, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\0112907235A9428B90E2593F311DCA9B\speedupmypcDE.exe, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\08FDF9B0B8044ACCA5CA1FB5A09B4271\Installer.exe, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\5C0D5C73EDCE40DC89445EF9845B5D50\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.OpenCandy, C:\Users\Basti\AppData\Roaming\OpenCandy\7457A55C8A0B4FB3A8B71CDA7A1AA118\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, In Quarantäne, [9b6528d80000a65ac8b9075bd131b34d], 
PUP.Optional.FileScout.A, C:\Users\Basti\AppData\Roaming\File Scout\uninst.exe, In Quarantäne, [10f08f71e21e40c0d0c98cd62ad86f91], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\bg.html, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\bg.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\manifest.json, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\options.htm, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\options.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\popup.html, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\popup.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\redirect.html, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\redirect.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\CSS\border.css, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-1.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-2.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-3.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\fb.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\fblike.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\gmail.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\google.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\googleplus.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-1.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-2.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-3.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\left.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-1.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-2.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-3.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\mgsplusvideo.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-1.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-2.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-3.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\pinit.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\right.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\searchBox.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-1.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-2.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-3.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\twitter.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-1.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-2.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-3.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\BackPageRemove.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\defaultBlockList.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\documentEvents.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\externalJS.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\FBImagePreview.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\InternalJS.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\jquery-1.9.0.min.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\PluginWrapper.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\publisherDefinitions.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\tabReload.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\TopFrameJS.js, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\homePage.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\Linkury.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\Linkury128.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\Linkury16.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.SnapDo.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\Linkury48.png, In Quarantäne, [45bb867a08f8fe02d0ff90d522e011ef], 
PUP.Optional.HelperBar.A, C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (  "homepage": "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=hp&fr=linkury-tb&installDate=10/01/2014&type=hp1000",), Ersetzt,[40c0cb35718f8779961d4c0fdf25a957]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
2. Schritt: adwCleaner
Code:
ATTFilter
# AdwCleaner v3.202 - Bericht erstellt am 25/04/2014 um 17:28:21
# Aktualisiert 23/04/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Basti - SEBASTIAN
# Gestartet von : C:\Users\Basti\Desktop\Trojanerboard\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Websteroids
Ordner Gelöscht : C:\ProgramData\WOWCoupoen
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\sweetpacks bundle uninstaller
Ordner Gelöscht : C:\Program Files (x86)\Uniblue
Ordner Gelöscht : C:\Users\Basti\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\Uniblue
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\Users\Basti\AppData\Local\Software
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\p7i@ctvv-ccrd.org
Ordner Gelöscht : C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmhkhhcmceninamcfbengebffgkjfb
Datei Gelöscht : C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\WINDOWS\System32\Tasks\Dealply
Datei Gelöscht : C:\WINDOWS\System32\Tasks\DealPlyUpdate
Datei Gelöscht : C:\WINDOWS\Tasks\DSite.job
Datei Gelöscht : C:\WINDOWS\System32\Tasks\DSite
Datei Gelöscht : C:\WINDOWS\Tasks\SpeedUpMyPC.job

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKCU\Software\94dedee73eb844
Schlüssel Gelöscht : HKLM\SOFTWARE\94dedee73eb844
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Mozilla Firefox v28.0 (en-US)

[ Datei : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.VkmgFrz8eG.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"immediate-support.com\")>-1||url.indexOf(\"txtlnkusaolp0000080[...]
Zeile gelöscht : user_pref("extensions.uAtrcSfe.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"immediate-support.com\")>-1||url.indexOf(\"txtlnkusaolp00000800\[...]

-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : ifhmhkhhcmceninamcfbengebffgkjfb
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [7640 octets] - [25/04/2014 17:24:37]
AdwCleaner[S0].txt - [6803 octets] - [25/04/2014 17:28:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6863 octets] ##########
         
3. Schritt: JRT - Junkware Removal Tool

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Basti on 25/04/2014 at 17:42:06.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2040692901-543291816-533557636-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim



~~~ Files

Successfully deleted: [File] "C:\Users\Basti\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
Successfully deleted: [File] "C:\Users\Basti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
Successfully deleted: [File] "C:\Users\Basti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Basti\music\qtrax media library"



~~~ FireFox

Successfully deleted the following from C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\z8ehhuuq.default\prefs.js

user_pref("extensions.uAtrcSfe.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"immediate-support.com\")>-1||url.indexO
Emptied folder: C:\Users\Basti\AppData\Roaming\mozilla\firefox\profiles\z8ehhuuq.default\minidumps [57 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/04/2014 at 17:58:36.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 25.04.2014, 18:14   #7
sunny123
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



4. Schritt: Frisches Log mit FRST

Teil 1:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-04-2014 01
Ran by Basti (administrator) on SEBASTIAN on 25-04-2014 18:02:34
Running from C:\Users\Basti\Desktop\Trojanerboard
Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Novell, Inc.) C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
() C:\Program Files\Novell\Client\cusrvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Windows\System32\nwtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-07-18] (Alcor Micro Corp.)
HKLM\...\Run: [NWTRAY] => C:\Windows\system32\NWTRAY.EXE [38016 2012-10-28] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [84576 2013-07-24] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKU\S-1-5-21-2040692901-543291816-533557636-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKU\S-1-5-21-2040692901-543291816-533557636-1001\...\MountPoints2: {3c451ac7-9af5-11e3-bf22-089e014a89f0} - "D:\LaunchU3.exe" -a
Lsa: [Authentication Packages] msv1_0 ncv1_0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {76DE361A-F9A4-47F3-8964-5256BC0DE4E1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {1C0352DF-7259-4A7B-9B39-47650F8A7EFA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {76DE361A-F9A4-47F3-8964-5256BC0DE4E1} URL = hxxp://www.sm.de/?q={searchTerms}
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: CouppScaNner - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\aaeu0u@aoac.com [2014-01-30]
FF Extension: InfoBird Pro - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\addon@infobirdpro.com [2013-09-01]
FF Extension: My Movie Magnet - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\admin@mymoviemagnet.com [2013-09-01]
FF Extension: Real Summer Sale - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\realsummersale1@realsummersale.com [2013-09-01]
FF Extension: Adblock Plus - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\z8ehhuuq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=2306573a-b7aa-f554-6fe8-72f54a2d5af1&searchtype=hp&fr=linkury-tb&installDate=10/01/2014&type=hp1000"
CHR DefaultSearchKeyword: SuchMaschine
CHR DefaultSearchURL: hxxp://www.sm.de/?q={searchTerms}
CHR Extension: (Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-26]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-26]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-26]
CHR Extension: (Google Search) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-26]
CHR Extension: (No Name) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmhkhhcmceninamcfbengebffgkjfb [2014-01-29]
CHR Extension: (Gmail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-26]
CHR Extension: (CouppScaNner) - C:\ProgramData\oboheghbanmkkchbgiiadknlnhmpafjl [2014-01-29]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
R2 cusrvc; C:\Program Files\Novell\Client\cusrvc.exe [108160 2012-10-28] ()
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-23] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 XTSvcMgr; C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe [20096 2012-10-28] (Novell, Inc.)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 MOSUMAC; C:\Windows\system32\DRIVERS\USBMAC64.SYS [55296 2009-12-07] (--)
R0 NCFilter; C:\Windows\System32\DRIVERS\NCFilter.sys [112256 2012-10-28] ()
R2 NCFSD; C:\Program Files\Novell\Client\XTier\Drivers\ncfsd.sys [114816 2012-10-28] ()
R2 NCIOCTL; C:\Program Files\Novell\Client\XTier\Drivers\ncioctl.sys [90240 2012-10-28] ()
R0 NCRecognizer; C:\Windows\System32\DRIVERS\NCRecognizer.sys [119936 2012-10-28] ()
R0 NCUncFilter; C:\Windows\System32\DRIVERS\NCUncFilter.sys [26240 2012-10-28] ()
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R1 NICM; C:\Program Files\Novell\Client\XTier\Drivers\nicm.sys [31360 2012-10-28] (Novell, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-23] (Dritek System Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-30] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
U3 nciom; C:\Program Files\Novell\Client\XTier\Drivers\nciom.sys [80000 2012-10-28] (Novell, Inc.)
U3 ncp; C:\Program Files\Novell\Client\XTier\Drivers\ncp.sys [78976 2012-10-28] (Novell, Inc.)
U3 ncpl; C:\Program Files\Novell\Client\XTier\Drivers\ncpl.sys [49280 2012-10-28] (Novell, Inc.)
U3 ndm; C:\Program Files\Novell\Client\XTier\Drivers\ndm.sys [19584 2012-10-28] (Novell, Inc.)
U3 ndmndap; C:\Program Files\Novell\Client\XTier\Drivers\ndmndap.sys [83584 2012-10-28] (Novell, Inc.)
U3 niam; C:\Program Files\Novell\Client\XTier\Drivers\niam.sys [39040 2012-10-28] (Novell, Inc.)
U3 nipctl; C:\Program Files\Novell\Client\XTier\Drivers\nipctl.sys [55936 2012-10-28] (Novell, Inc.)
U3 nscm; C:\Program Files\Novell\Client\XTier\Drivers\nscm.sys [36992 2012-10-28] (Novell, Inc.)
U3 nsns; C:\Program Files\Novell\Client\XTier\Drivers\nsns.sys [25216 2012-10-28] (Novell, Inc.)
U3 nsvccost; C:\Program Files\Novell\Client\XTier\Drivers\nsvccost.sys [35968 2012-10-28] (Novell, Inc.)
U3 xtxplat; C:\Program Files\Novell\Client\XTier\Drivers\xtxplat.sys [59520 2012-10-28] (Novell, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-25 17:58 - 2014-04-25 17:58 - 00001772 _____ () C:\Users\Basti\Desktop\JRT.txt
2014-04-25 17:42 - 2014-04-25 17:42 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-25 17:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-04-25 17:24 - 2014-04-25 17:28 - 00000000 ____D () C:\AdwCleaner
2014-04-25 16:02 - 2014-04-25 17:52 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-25 16:02 - 2014-04-25 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-25 16:01 - 2014-04-25 16:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-25 16:01 - 2014-04-25 16:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-25 16:01 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-25 16:01 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-25 16:01 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-25 15:58 - 2014-04-25 15:59 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Basti\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-25 08:25 - 2014-04-25 15:53 - 04044769 _____ () C:\Users\Basti\Desktop\Promotionsvortrag.pptx
2014-04-24 16:14 - 2014-04-25 18:02 - 00000000 ____D () C:\Users\Basti\Desktop\Trojanerboard
2014-04-24 14:51 - 2014-04-24 14:51 - 00000097 _____ () C:\Users\Basti\Downloads\FRST.txt
2014-04-24 14:46 - 2014-04-25 18:02 - 00000000 ____D () C:\FRST
2014-04-24 14:34 - 2014-04-24 14:34 - 00000000 _____ () C:\Users\Basti\defogger_reenable
2014-04-24 13:43 - 2014-04-24 13:43 - 00000000 ____D () C:\Users\Basti\Downloads\backups
2014-04-24 13:36 - 2014-04-24 14:18 - 00011197 _____ () C:\Users\Basti\Downloads\hijackthis.log
2014-04-24 13:35 - 2014-04-24 13:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Basti\Downloads\HiJackThis204.exe
2014-04-23 23:40 - 2014-04-23 23:40 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-23 23:37 - 2014-04-23 23:37 - 00000000 __SHD () C:\Users\Basti\AppData\Local\EmieUserList
2014-04-23 23:37 - 2014-04-23 23:37 - 00000000 __SHD () C:\Users\Basti\AppData\Local\EmieSiteList
2014-04-23 17:19 - 2014-04-23 17:19 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-23 17:19 - 2014-04-23 17:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-23 17:04 - 2014-04-23 17:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-23 17:04 - 2014-04-23 17:04 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-23 17:03 - 2014-04-23 17:03 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-04-23 17:03 - 2014-04-23 17:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-23 17:02 - 2014-04-23 17:02 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-23 17:02 - 2014-04-23 17:02 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-23 11:30 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-23 11:30 - 2014-03-20 05:48 - 21232792 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-04-23 11:30 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-23 11:30 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-23 11:30 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-23 11:30 - 2014-03-20 03:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-23 11:30 - 2014-03-20 03:20 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-04-23 11:30 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-23 11:30 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-23 11:30 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-23 11:30 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-23 11:30 - 2014-03-19 07:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-23 11:30 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-23 11:30 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-23 11:30 - 2014-03-19 06:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-23 11:30 - 2014-03-19 06:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-23 11:30 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-23 11:30 - 2014-03-11 16:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-04-23 11:30 - 2014-03-11 16:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-04-23 11:30 - 2014-03-11 15:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-23 11:30 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-04-23 11:30 - 2014-03-11 14:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-23 11:30 - 2014-03-11 14:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-04-23 11:30 - 2014-03-08 22:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-23 11:30 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-23 11:30 - 2014-03-08 22:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-23 11:30 - 2014-03-08 17:29 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-23 11:30 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-23 11:30 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-23 11:30 - 2014-03-08 09:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-23 11:30 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-23 11:30 - 2014-03-08 09:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-23 11:30 - 2014-03-08 08:50 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-04-23 11:30 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-23 11:30 - 2014-03-08 08:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-23 11:30 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-23 11:30 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-04-23 11:30 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-04-23 11:30 - 2014-03-08 08:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-23 11:30 - 2014-03-08 08:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-23 11:30 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-23 11:30 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-23 11:30 - 2014-03-06 16:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-23 11:30 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-23 11:30 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-23 11:30 - 2014-03-06 14:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-23 11:30 - 2014-03-06 14:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-23 11:30 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-23 11:30 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-23 11:30 - 2014-03-06 14:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-23 11:30 - 2014-03-06 14:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-23 11:30 - 2014-03-06 14:40 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-23 11:30 - 2014-03-06 14:40 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-23 11:30 - 2014-03-06 14:40 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-23 11:30 - 2014-03-06 13:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-04-23 11:30 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-04-23 11:30 - 2014-03-06 13:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-04-23 11:30 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-23 11:30 - 2014-03-06 12:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-23 11:30 - 2014-03-06 12:35 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-04-23 11:30 - 2014-03-06 12:35 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-23 11:30 - 2014-03-06 11:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-23 11:30 - 2014-03-06 11:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-23 11:30 - 2014-03-06 11:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-23 11:30 - 2014-03-06 11:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-23 11:30 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-23 11:30 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-23 11:30 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-23 11:30 - 2014-03-06 09:22 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-23 11:30 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-04-23 11:30 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-23 11:30 - 2014-03-06 08:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-04-23 11:30 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-23 11:30 - 2014-03-06 08:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-23 11:30 - 2014-03-06 08:33 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-04-23 11:30 - 2014-03-06 08:29 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-04-23 11:30 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-04-23 11:30 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-04-23 11:30 - 2014-03-06 08:21 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-23 11:30 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-23 11:30 - 2014-03-06 08:16 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-04-23 11:30 - 2014-03-06 08:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-04-23 11:30 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-04-23 11:30 - 2014-03-06 08:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-23 11:30 - 2014-03-06 08:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-04-23 11:30 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-04-23 11:30 - 2014-03-06 07:54 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-23 11:30 - 2014-03-06 07:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-04-23 11:30 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-23 11:30 - 2014-03-06 07:42 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-04-23 11:30 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-04-23 11:30 - 2014-03-06 07:35 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-04-23 11:30 - 2014-03-06 07:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-04-23 11:30 - 2014-03-06 07:32 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-04-23 11:30 - 2014-03-06 07:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-23 11:30 - 2014-03-06 07:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-04-23 11:30 - 2014-03-06 07:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-04-23 11:30 - 2014-03-06 07:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-23 11:30 - 2014-03-04 14:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-23 11:30 - 2014-03-04 14:15 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-23 11:30 - 2014-03-04 13:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-23 11:30 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-23 11:30 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-23 11:30 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-23 11:30 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-23 11:30 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-04-23 11:30 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-04-23 11:30 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-23 11:30 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-04-23 11:29 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-23 11:29 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-23 11:29 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-23 11:29 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-23 11:29 - 2014-03-12 15:45 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-23 11:29 - 2014-03-11 17:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-23 11:29 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-23 11:29 - 2014-03-11 17:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-04-23 11:29 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-23 11:29 - 2014-03-11 16:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-23 11:29 - 2014-03-11 16:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-04-23 11:29 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-23 11:29 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-23 11:29 - 2014-03-08 22:35 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-23 11:29 - 2014-03-08 11:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-23 11:29 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-23 11:29 - 2014-03-08 10:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-23 11:29 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-23 11:29 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-23 11:29 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-23 11:29 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-23 11:29 - 2014-03-08 09:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-23 11:29 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-23 11:29 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-04-23 11:29 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-23 11:29 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-23 11:29 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-04-23 11:29 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-23 11:29 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-23 11:29 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-23 11:29 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-23 11:29 - 2014-03-06 14:40 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-23 11:29 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-23 11:29 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-23 11:29 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-23 11:29 - 2014-03-06 12:35 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-23 11:29 - 2014-03-06 11:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-23 11:29 - 2014-03-06 11:24 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-23 11:29 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-23 11:29 - 2014-03-06 11:24 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-23 11:29 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-23 11:29 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-23 11:29 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-23 11:29 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-23 11:29 - 2014-03-06 11:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-23 11:29 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-23 11:29 - 2014-03-06 11:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-23 11:29 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-23 11:29 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-23 11:29 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-23 11:29 - 2014-03-06 10:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-04-23 11:29 - 2014-03-06 10:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-04-23 11:29 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-04-23 11:29 - 2014-03-06 10:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-04-23 11:29 - 2014-03-06 09:47 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-04-23 11:29 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-04-23 11:29 - 2014-03-06 09:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-04-23 11:29 - 2014-03-06 09:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-04-23 11:29 - 2014-03-06 08:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-04-23 11:29 - 2014-03-06 08:34 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-23 11:29 - 2014-03-06 08:32 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-23 11:29 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-23 11:29 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-23 11:29 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-23 11:29 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-23 11:29 - 2014-03-06 08:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-23 11:29 - 2014-03-06 08:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-04-23 11:29 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-04-23 11:29 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-04-23 11:29 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-23 11:29 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-04-23 11:29 - 2014-03-04 14:15 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-23 11:29 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-23 11:29 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-04-23 11:29 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-23 11:29 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-23 11:29 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-04-23 11:29 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-23 11:29 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-04-23 11:29 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-23 11:29 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-04-23 11:29 - 2014-02-07 00:59 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-23 11:29 - 2014-02-06 23:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-04-23 11:29 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-04-23 11:29 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-23 11:27 - 2014-03-02 12:20 - 23549952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-23 11:27 - 2014-03-02 11:33 - 17387008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-23 11:27 - 2014-02-26 08:29 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-04-23 11:26 - 2014-04-09 14:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-23 11:26 - 2014-04-09 05:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-23 11:26 - 2014-04-09 05:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-23 11:26 - 2014-04-09 05:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-23 11:26 - 2014-04-09 05:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-23 11:17 - 2014-02-22 17:44 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-04-23 11:17 - 2014-02-22 14:15 - 04192768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-04-23 11:17 - 2014-02-22 13:44 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-04-23 11:17 - 2014-02-22 13:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-23 11:17 - 2014-02-22 13:00 - 05784064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-04-23 11:17 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-04-23 11:17 - 2014-02-22 12:44 - 02178048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-04-23 11:17 - 2014-02-22 12:36 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-04-23 11:17 - 2014-02-22 12:00 - 02043904 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-04-23 11:17 - 2014-02-22 11:39 - 13551104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-04-23 11:17 - 2014-02-22 11:33 - 11745792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-04-23 11:17 - 2014-02-22 11:33 - 01967104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-04-23 11:17 - 2014-02-22 11:11 - 02262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-04-23 11:17 - 2014-02-22 10:49 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-04-23 11:17 - 2014-02-22 10:32 - 01789440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-04-23 11:17 - 2014-02-22 10:27 - 01143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-04-23 11:17 - 2014-02-08 03:08 - 00139600 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-04-23 11:16 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-04-23 11:16 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-04-23 11:16 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-04-23 11:16 - 2014-02-22 17:41 - 02142976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-04-23 11:16 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-04-23 11:16 - 2014-02-22 16:04 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-04-23 11:16 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-04-23 11:16 - 2014-02-22 13:17 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-04-23 11:16 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-04-23 11:16 - 2014-02-22 13:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-04-23 11:16 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-04-23 11:16 - 2014-02-22 12:33 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-04-23 11:16 - 2014-02-22 12:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-04-23 11:16 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-04-23 11:16 - 2014-02-22 11:23 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-04-23 11:16 - 2014-02-22 11:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-04-23 11:16 - 2014-02-22 11:01 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-04-23 11:16 - 2014-02-22 10:53 - 12027904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-04-23 11:16 - 2014-02-22 10:49 - 08874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-04-23 11:15 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-04-23 11:15 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-04-23 11:15 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-04-23 11:15 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-04-23 11:15 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-04-23 11:15 - 2014-02-22 17:50 - 02588168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-04-23 11:15 - 2014-02-22 17:48 - 02574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-04-23 11:15 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-04-23 11:15 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-04-23 11:15 - 2014-02-22 17:44 - 00539992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-04-23 11:15 - 2014-02-22 17:43 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-04-23 11:15 - 2014-02-22 17:43 - 01659056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-04-23 11:15 - 2014-02-22 17:43 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-04-23 11:15 - 2014-02-22 17:43 - 01487520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-04-23 11:15 - 2014-02-22 17:43 - 01356360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-04-23 11:15 - 2014-02-22 17:41 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-04-23 11:15 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-04-23 11:15 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-04-23 11:15 - 2014-02-22 17:41 - 00609456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-04-23 11:15 - 2014-02-22 17:40 - 01118552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-04-23 11:15 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-04-23 11:15 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-04-23 11:15 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-04-23 11:15 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-04-23 11:15 - 2014-02-22 16:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-04-23 11:15 - 2014-02-22 16:08 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-04-23 11:15 - 2014-02-22 16:04 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-04-23 11:15 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-04-23 11:15 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-04-23 11:15 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-04-23 11:15 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-04-23 11:15 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-04-23 11:15 - 2014-02-22 12:09 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-04-23 11:15 - 2014-02-22 12:08 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-04-23 11:15 - 2014-02-22 12:06 - 02943488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-04-23 11:15 - 2014-02-22 12:01 - 02648064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-04-23 11:15 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-04-23 11:15 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-04-23 11:15 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-04-23 11:15 - 2014-02-22 11:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-04-23 11:15 - 2014-02-22 11:38 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-04-23 11:15 - 2014-02-22 11:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-04-23 11:15 - 2014-02-22 11:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-04-23 11:15 - 2014-02-22 11:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-04-23 11:15 - 2014-02-22 11:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-04-23 11:15 - 2014-02-22 11:23 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-04-23 11:15 - 2014-02-22 11:23 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-04-23 11:15 - 2014-02-22 11:21 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-04-23 11:15 - 2014-02-22 11:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-04-23 11:15 - 2014-02-22 11:13 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-04-23 11:15 - 2014-02-22 11:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-23 11:15 - 2014-02-22 11:07 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-04-23 11:15 - 2014-02-22 11:04 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-04-23 11:15 - 2014-02-22 11:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-04-23 11:15 - 2014-02-22 10:59 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-04-23 11:15 - 2014-02-22 10:59 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-04-23 11:15 - 2014-02-22 10:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-23 11:15 - 2014-02-22 10:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-04-23 11:15 - 2014-02-22 10:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-04-23 11:15 - 2014-02-22 10:44 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-04-23 11:15 - 2014-02-22 10:40 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-04-23 11:15 - 2014-02-22 10:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-04-23 11:15 - 2014-02-22 10:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-04-23 11:15 - 2014-02-22 10:35 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-04-23 11:15 - 2014-02-22 10:34 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-04-23 11:15 - 2014-02-22 10:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-04-23 11:15 - 2014-02-22 10:06 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-04-23 11:15 - 2014-02-22 10:04 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-04-23 11:15 - 2014-02-22 10:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-04-23 11:15 - 2014-02-22 10:01 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-04-23 11:15 - 2014-02-22 10:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-04-23 11:14 - 2014-02-22 18:59 - 01519520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-04-23 11:14 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-04-23 11:14 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-04-23 11:14 - 2014-02-22 18:00 - 00590168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-04-23 11:14 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-04-23 11:14 - 2014-02-22 17:55 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-04-23 11:14 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-04-23 11:14 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-04-23 11:14 - 2014-02-22 17:50 - 00645104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-04-23 11:14 - 2014-02-22 17:50 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-04-23 11:14 - 2014-02-22 17:49 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-04-23 11:14 - 2014-02-22 17:49 - 00280920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-04-23 11:14 - 2014-02-22 17:49 - 00148824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-04-23 11:14 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-04-23 11:14 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-04-23 11:14 - 2014-02-22 17:44 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-04-23 11:14 - 2014-02-22 17:44 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-04-23 11:14 - 2014-02-22 17:41 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-04-23 11:14 - 2014-02-22 17:41 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-04-23 11:14 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-04-23 11:14 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-04-23 11:14 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-04-23 11:14 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-04-23 11:14 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-04-23 11:14 - 2014-02-22 16:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-04-23 11:14 - 2014-02-22 16:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-04-23 11:14 - 2014-02-22 16:18 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-04-23 11:14 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-04-23 11:14 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-04-23 11:14 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-04-23 11:14 - 2014-02-22 14:14 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-04-23 11:14 - 2014-02-22 14:11 - 00272896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-04-23 11:14 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-04-23 11:14 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-04-23 11:14 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-04-23 11:14 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-04-23 11:14 - 2014-02-22 13:46 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-04-23 11:14 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-04-23 11:14 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-04-23 11:14 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-04-23 11:14 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-04-23 11:14 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-04-23 11:14 - 2014-02-22 12:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-04-23 11:14 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-04-23 11:14 - 2014-02-22 12:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-04-23 11:14 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-04-23 11:14 - 2014-02-22 12:41 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-04-23 11:14 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-04-23 11:14 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-23 11:14 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-04-23 11:14 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-04-23 11:14 - 2014-02-22 12:22 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-04-23 11:14 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-04-23 11:14 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-04-23 11:14 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-04-23 11:14 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-04-23 11:14 - 2014-02-22 12:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-04-23 11:14 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-04-23 11:14 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-04-23 11:14 - 2014-02-22 11:48 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-04-23 11:14 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-04-23 11:14 - 2014-02-22 11:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-04-23 11:14 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-04-23 11:14 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-04-23 11:14 - 2014-02-22 11:37 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-04-23 11:14 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-04-23 11:14 - 2014-02-22 11:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-23 11:14 - 2014-02-22 11:35 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-04-23 11:14 - 2014-02-22 11:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-04-23 11:14 - 2014-02-22 11:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-04-23 11:14 - 2014-02-22 11:33 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-04-23 11:14 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-04-23 11:14 - 2014-02-22 11:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-04-23 11:14 - 2014-02-22 11:25 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-04-23 11:14 - 2014-02-22 11:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-04-23 11:14 - 2014-02-22 11:24 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-04-23 11:14 - 2014-02-22 11:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-04-23 11:14 - 2014-02-22 11:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-04-23 11:14 - 2014-02-22 11:11 - 02395136 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-04-23 11:14 - 2014-02-22 11:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-04-23 11:14 - 2014-02-22 11:10 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-04-23 11:14 - 2014-02-22 11:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-04-23 11:14 - 2014-02-22 11:04 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-04-23 11:14 - 2014-02-22 11:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-04-23 11:14 - 2014-02-22 10:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-04-23 11:14 - 2014-02-22 10:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-04-23 11:14 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-04-23 11:14 - 2014-02-22 10:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-04-23 11:14 - 2014-02-22 10:51 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-04-23 11:14 - 2014-02-22 10:51 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-04-23 11:14 - 2014-02-22 10:49 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-04-23 11:14 - 2014-02-22 10:46 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-04-23 11:14 - 2014-02-22 10:45 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-04-23 11:14 - 2014-02-22 10:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-04-23 11:14 - 2014-02-22 10:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-04-23 11:14 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-04-23 11:14 - 2014-02-22 10:41 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-04-23 11:14 - 2014-02-22 10:40 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-04-23 11:14 - 2014-02-22 10:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-04-23 11:14 - 2014-02-22 10:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-04-23 11:14 - 2014-02-22 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-04-23 11:14 - 2014-02-22 10:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-04-23 11:14 - 2014-02-22 10:24 - 02760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-04-23 11:14 - 2014-02-22 10:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-04-23 11:14 - 2014-02-22 10:21 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-04-23 11:14 - 2014-02-22 10:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-04-23 11:14 - 2014-02-22 10:19 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-04-23 11:14 - 2014-02-22 10:18 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-04-23 11:14 - 2014-02-22 10:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-04-23 11:14 - 2014-02-22 10:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-04-23 11:14 - 2014-02-22 06:33 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-04-23 11:14 - 2014-02-02 16:48 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-04-23 11:14 - 2014-02-02 15:33 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-04-23 11:14 - 2014-01-31 10:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-23 11:14 - 2014-01-29 10:53 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-04-23 11:14 - 2014-01-29 09:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-04-23 11:14 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-23 11:14 - 2014-01-27 19:04 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-23 11:14 - 2014-01-27 17:38 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-04-23 11:14 - 2014-01-08 03:30 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-04-23 11:14 - 2014-01-08 02:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-04-23 11:14 - 2013-12-10 09:35 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-04-23 11:14 - 2013-12-04 17:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-23 11:14 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-04-23 11:13 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-04-23 11:13 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-04-23 11:13 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-04-23 11:13 - 2014-02-22 18:59 - 00123448 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-04-23 11:13 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-04-23 11:13 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-04-23 11:13 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-04-23 11:13 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-04-23 11:13 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-04-23 11:13 - 2014-02-22 18:00 - 00236888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-04-23 11:13 - 2014-02-22 18:00 - 00151384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-04-23 11:13 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-04-23 11:13 - 2014-02-22 17:59 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-04-23 11:13 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-04-23 11:13 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-04-23 11:13 - 2014-02-22 17:50 - 00258784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-04-23 11:13 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-04-23 11:13 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-04-23 11:13 - 2014-02-22 17:49 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-04-23 11:13 - 2014-02-22 17:49 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-04-23 11:13 - 2014-02-22 17:49 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-04-23 11:13 - 2014-02-22 17:49 - 00079192 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-04-23 11:13 - 2014-02-22 17:48 - 00210736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-04-23 11:13 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-04-23 11:13 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-04-23 11:13 - 2014-02-22 17:41 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-04-23 11:13 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-04-23 11:13 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-04-23 11:13 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-04-23 11:13 - 2014-02-22 16:42 - 00098072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-04-23 11:13 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-04-23 11:13 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-04-23 11:13 - 2014-02-22 16:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-04-23 11:13 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-04-23 11:13 - 2014-02-22 16:04 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-04-23 11:13 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-23 11:13 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-04-23 11:13 - 2014-02-22 14:14 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-04-23 11:13 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-04-23 11:13 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-04-23 11:13 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-23 11:13 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-23 11:13 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-23 11:13 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-23 11:13 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-23 11:13 - 2014-02-22 13:25 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-04-23 11:13 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-23 11:13 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-23 11:13 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-04-23 11:13 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-04-23 11:13 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-23 11:13 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-04-23 11:13 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-23 11:13 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-04-23 11:13 - 2014-02-22 13:00 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-23 11:13 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-23 11:13 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-04-23 11:13 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-23 11:13 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-23 11:13 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-23 11:13 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-23 11:13 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-23 11:13 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-23 11:13 - 2014-02-22 12:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-23 11:13 - 2014-02-22 12:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-23 11:13 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-23 11:13 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-23 11:13 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-23 11:13 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-23 11:13 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-04-23 11:13 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-04-23 11:13 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-23 11:13 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-23 11:13 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-23 11:13 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-23 11:13 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-23 11:13 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-23 11:13 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-04-23 11:13 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-04-23 11:13 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-04-23 11:13 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-04-23 11:13 - 2014-02-22 11:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-04-23 11:13 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-23 11:13 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-04-23 11:13 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-23 11:13 - 2014-02-22 11:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-23 11:13 - 2014-02-22 11:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-23 11:13 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-04-23 11:13 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-04-23 11:13 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-04-23 11:13 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-04-23 11:13 - 2014-02-22 11:25 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-23 11:13 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-23 11:13 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 11:13 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-23 11:13 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-23 11:13 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-04-23 11:13 - 2014-02-22 11:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-04-23 11:13 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-23 11:13 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 11:13 - 2014-02-22 11:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-04-23 11:13 - 2014-02-22 11:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-23 11:13 - 2014-02-22 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-23 11:13 - 2014-02-22 10:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-23 11:13 - 2014-02-22 10:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-23 11:13 - 2014-02-22 10:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-23 11:13 - 2014-02-22 10:52 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-23 11:13 - 2014-02-22 10:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-23 11:13 - 2014-02-22 10:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-23 11:13 - 2014-02-22 10:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-23 11:13 - 2014-02-22 10:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-23 11:13 - 2014-02-22 10:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-23 11:13 - 2014-02-22 10:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-23 11:13 - 2014-02-22 10:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-23 11:13 - 2014-02-22 10:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-04-23 11:13 - 2014-02-22 10:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-23 11:13 - 2014-02-22 10:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-23 11:13 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-04-23 11:13 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-04-23 11:13 - 2014-02-22 10:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-23 11:13 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-04-23 11:13 - 2014-02-22 10:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-04-23 11:13 - 2014-02-22 10:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-23 11:13 - 2014-02-22 10:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-23 11:13 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-04-23 11:13 - 2014-02-22 10:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-23 11:13 - 2014-02-22 10:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-04-23 11:13 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-04-23 11:13 - 2014-01-31 11:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-23 11:13 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-04-23 11:13 - 2014-01-31 11:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-23 11:13 - 2014-01-31 11:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-23 11:13 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-23 11:13 - 2014-01-29 10:52 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-23 11:13 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-04-23 11:13 - 2014-01-17 19:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-23 11:13 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-04-23 11:13 - 2013-12-04 17:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-23 11:13 - 2013-12-04 15:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-04-23 11:12 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-04-23 11:12 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-04-23 11:12 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-04-23 11:12 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-04-23 11:12 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-04-23 11:12 - 2014-02-22 17:50 - 00054816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-04-23 11:12 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-04-23 11:12 - 2014-02-22 17:49 - 00189784 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-04-23 11:12 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-04-23 11:12 - 2014-02-22 17:41 - 00028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-04-23 11:12 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-04-23 11:12 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-04-23 11:12 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-04-23 11:12 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-04-23 11:12 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-04-23 11:12 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-23 11:12 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-04-23 11:12 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-04-23 11:12 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-04-23 11:12 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-04-23 11:12 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-04-23 11:12 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-04-23 11:12 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-04-23 11:12 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-04-23 11:12 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-04-23 11:12 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-23 11:12 - 2014-02-22 13:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-23 11:12 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-23 11:12 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-23 11:12 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-23 11:12 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-23 11:12 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-23 11:12 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-23 11:12 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-23 11:12 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-23 11:12 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-04-23 11:12 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-04-23 11:12 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-04-23 11:12 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-23 11:12 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-23 11:12 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-23 11:12 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-23 11:12 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-04-23 11:12 - 2014-02-22 13:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-23 11:12 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-23 11:12 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-23 11:12 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-23 11:12 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-23 11:12 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-04-23 11:12 - 2014-02-22 12:56 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-23 11:12 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-04-23 11:12 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-04-23 11:12 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-23 11:12 - 2014-02-22 12:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-23 11:12 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-23 11:12 - 2014-02-22 12:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-23 11:12 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-23 11:12 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-04-23 11:12 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-04-23 11:12 - 2014-02-22 12:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-23 11:12 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-04-23 11:12 - 2014-02-22 12:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-04-23 11:12 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-04-23 11:12 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-23 11:12 - 2014-02-22 12:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-04-23 11:12 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-04-23 11:12 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-04-23 11:12 - 2014-02-22 12:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-23 11:12 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-04-23 11:12 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-04-23 11:12 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 11:12 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-04-23 11:12 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-23 11:12 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-04-23 11:12 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-23 11:12 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-23 11:12 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-23 11:12 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-23 11:12 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-23 11:12 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-23 11:12 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-04-23 11:12 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-04-23 11:12 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-04-23 11:12 - 2014-02-22 11:29 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-23 11:12 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-04-23 11:12 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-04-23 11:12 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-04-23 11:12 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-23 11:12 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-23 11:12 - 2014-02-22 11:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-23 11:12 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
         

Alt 25.04.2014, 18:24   #8
sunny123
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



FRST Teil 2:

Code:
ATTFilter
2014-04-23 11:12 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-04-23 11:12 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-04-23 11:12 - 2014-02-22 11:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-23 11:12 - 2014-02-22 11:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-23 11:12 - 2014-02-22 10:59 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-23 11:12 - 2014-02-22 10:55 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-04-23 11:12 - 2014-02-22 10:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-23 11:12 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-04-23 11:12 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-04-23 11:12 - 2014-02-22 10:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-23 11:12 - 2014-02-22 10:49 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-04-23 11:12 - 2014-02-22 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-04-23 11:12 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-04-23 11:12 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-04-23 11:12 - 2014-02-22 10:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-23 11:12 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-04-23 11:12 - 2014-02-22 10:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-23 11:12 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-04-23 11:12 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-04-23 11:12 - 2014-02-22 10:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-04-23 11:12 - 2014-02-22 10:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-23 11:12 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-04-23 11:12 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-04-23 11:12 - 2014-02-22 10:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-23 11:12 - 2014-02-22 10:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-23 11:12 - 2014-02-22 10:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-23 11:12 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-04-23 11:12 - 2014-02-22 10:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-23 11:12 - 2014-02-01 08:00 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-04-23 11:12 - 2014-02-01 08:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-23 11:12 - 2014-01-31 13:59 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-23 11:12 - 2014-01-31 13:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-04-23 11:12 - 2014-01-31 11:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-23 11:12 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-04-23 11:12 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-04-23 11:12 - 2014-01-29 10:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-23 11:12 - 2014-01-29 02:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-23 11:12 - 2014-01-27 21:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-04-23 11:12 - 2014-01-22 08:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-23 11:12 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-04-23 11:12 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-23 11:12 - 2013-11-27 11:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-23 11:12 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-04-23 11:12 - 2013-11-08 06:04 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-23 11:11 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-23 11:11 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-04-23 11:11 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-04-23 11:11 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-04-23 11:11 - 2014-02-22 14:00 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-04-23 11:11 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-23 11:11 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-23 11:11 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-04-23 11:11 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-23 11:11 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-04-23 11:11 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 11:11 - 2014-02-22 13:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-23 11:11 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-04-23 11:11 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-04-23 11:11 - 2014-02-22 13:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-04-23 11:11 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-04-23 11:11 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-23 11:11 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-23 11:11 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-04-23 11:11 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-23 11:11 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-23 11:11 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-23 11:11 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-23 11:11 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-23 11:11 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-04-23 11:11 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-04-23 11:11 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-23 11:11 - 2014-02-22 12:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-04-23 11:11 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-04-23 11:11 - 2014-02-22 12:36 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-04-23 11:11 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-04-23 11:11 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-04-23 11:11 - 2014-02-22 12:29 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-23 11:11 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-04-23 11:11 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-04-23 11:11 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-04-23 11:11 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-04-23 11:11 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-04-23 11:11 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-04-23 11:11 - 2014-02-22 11:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-04-23 11:11 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-23 11:11 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-23 11:11 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-04-23 11:11 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-23 11:11 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-23 11:11 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-04-23 11:11 - 2014-02-22 11:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-23 11:11 - 2014-02-22 11:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-23 11:11 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-04-23 11:11 - 2014-02-22 11:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-23 11:11 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-04-23 11:11 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-04-23 11:11 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-04-23 11:11 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-04-23 11:11 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-23 11:11 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-04-23 11:11 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-04-23 11:11 - 2014-02-22 10:57 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-04-23 11:11 - 2014-02-22 10:55 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 11:11 - 2014-02-22 10:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-23 11:11 - 2014-02-22 10:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-23 11:11 - 2014-02-22 10:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-23 11:11 - 2014-02-22 10:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-23 11:11 - 2014-02-22 10:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-04-23 11:11 - 2014-02-22 10:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 11:11 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-04-23 11:11 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-04-23 11:11 - 2014-02-22 10:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-23 11:11 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-04-23 11:11 - 2014-02-22 10:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-23 11:11 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-04-23 11:11 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-04-23 11:11 - 2014-02-22 10:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-23 11:11 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-04-23 11:11 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-04-23 11:11 - 2014-01-27 19:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-23 11:11 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-04-23 11:11 - 2013-11-08 05:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-04-23 11:10 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 11:10 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 11:10 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 11:10 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 11:10 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-04-23 11:10 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-04-23 11:10 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-04-23 11:10 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-04-23 11:10 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-23 11:10 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-04-23 11:10 - 2014-02-22 13:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-04-23 11:10 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 11:10 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 11:10 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-23 11:10 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 11:10 - 2014-02-22 13:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-23 11:10 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-04-23 11:10 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-23 11:10 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-04-23 11:10 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-23 11:10 - 2014-02-22 12:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-23 11:10 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-23 11:10 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-04-23 11:10 - 2014-02-22 11:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-23 11:10 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-04-23 11:10 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-04-23 11:10 - 2014-02-22 10:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-04-23 11:10 - 2014-02-22 10:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-23 11:10 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-04-23 11:10 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-04-23 11:10 - 2014-02-22 06:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-23 11:10 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 11:10 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 11:10 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 11:10 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 11:10 - 2014-02-08 03:08 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-04-23 11:10 - 2014-02-08 03:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-23 11:10 - 2014-02-01 08:00 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 11:10 - 2014-02-01 08:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 11:10 - 2014-01-27 13:45 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-04-23 11:10 - 2013-11-27 11:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-11 13:25 - 2014-04-11 13:25 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-11 13:25 - 2014-04-11 13:25 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 12:09 - 2014-04-09 12:09 - 00358000 _____ (Juniper Networks) C:\WINDOWS\SysWOW64\dsGinaLoaderX64.dll
2014-03-29 12:19 - 2014-03-29 12:19 - 00002770 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-28 20:09 - 2013-08-30 10:51 - 00040760 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-03-28 20:09 - 2013-08-30 10:51 - 00029496 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-03-28 20:09 - 2013-08-30 10:51 - 00025400 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2014-03-28 20:08 - 2014-03-28 20:08 - 00002217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-03-28 20:08 - 2014-03-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-03-28 20:01 - 2014-03-28 20:08 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-28 20:00 - 2014-03-28 20:00 - 00000000 ____D () C:\Users\Basti\Documents\DVDVideoSoft
2014-03-26 12:28 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-26 12:28 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-26 12:28 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-26 12:10 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-26 12:10 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-26 12:10 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-26 12:10 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-26 12:10 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-26 12:10 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-26 12:10 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-26 12:10 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-26 12:10 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-26 12:10 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-26 12:10 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-26 12:10 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll

==================== One Month Modified Files and Folders =======

2014-04-25 18:02 - 2014-04-24 16:14 - 00000000 ____D () C:\Users\Basti\Desktop\Trojanerboard
2014-04-25 18:02 - 2014-04-24 14:46 - 00000000 ____D () C:\FRST
2014-04-25 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-25 17:59 - 2013-02-07 17:13 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2040692901-543291816-533557636-1001
2014-04-25 17:58 - 2014-04-25 17:58 - 00001772 _____ () C:\Users\Basti\Desktop\JRT.txt
2014-04-25 17:52 - 2014-04-25 16:02 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-25 17:48 - 2014-02-03 09:45 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B65C7FF9-647F-466A-96C6-666C8895AAB0}
2014-04-25 17:42 - 2014-04-25 17:42 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-25 17:38 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-25 17:38 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-25 17:38 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-25 17:36 - 2013-07-22 10:09 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Dropbox
2014-04-25 17:36 - 2013-02-08 12:01 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Skype
2014-04-25 17:35 - 2014-01-31 15:40 - 00000000 __RDO () C:\Users\Basti\SkyDrive
2014-04-25 17:30 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-25 17:29 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-25 17:28 - 2014-04-25 17:24 - 00000000 ____D () C:\AdwCleaner
2014-04-25 17:11 - 2014-02-04 23:26 - 00059404 _____ () C:\WINDOWS\PFRO.log
2014-04-25 17:10 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-04-25 16:11 - 2013-02-07 21:52 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-25 16:02 - 2014-04-25 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-25 16:02 - 2014-04-25 16:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-25 16:01 - 2014-04-25 16:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-25 15:59 - 2014-04-25 15:58 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Basti\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-25 15:53 - 2014-04-25 08:25 - 04044769 _____ () C:\Users\Basti\Desktop\Promotionsvortrag.pptx
2014-04-25 15:10 - 2014-01-30 11:58 - 01396842 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-25 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-25 12:22 - 2013-07-29 08:13 - 00000064 _____ () C:\Users\Basti\AppData\Roaming\WB.CFG
2014-04-24 17:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-24 14:51 - 2014-04-24 14:51 - 00000097 _____ () C:\Users\Basti\Downloads\FRST.txt
2014-04-24 14:34 - 2014-04-24 14:34 - 00000000 _____ () C:\Users\Basti\defogger_reenable
2014-04-24 14:34 - 2014-01-30 11:23 - 00000000 ____D () C:\Users\Basti
2014-04-24 14:18 - 2014-04-24 13:36 - 00011197 _____ () C:\Users\Basti\Downloads\hijackthis.log
2014-04-24 13:51 - 2014-02-04 14:54 - 00010214 _____ () C:\WINDOWS\setupact.log
2014-04-24 13:43 - 2014-04-24 13:43 - 00000000 ____D () C:\Users\Basti\Downloads\backups
2014-04-24 13:35 - 2014-04-24 13:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Basti\Downloads\HiJackThis204.exe
2014-04-24 12:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-04-24 11:51 - 2013-02-07 20:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-23 23:40 - 2014-04-23 23:40 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-23 23:40 - 2013-12-22 16:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-23 23:40 - 2013-02-07 20:06 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-23 23:37 - 2014-04-23 23:37 - 00000000 __SHD () C:\Users\Basti\AppData\Local\EmieUserList
2014-04-23 23:37 - 2014-04-23 23:37 - 00000000 __SHD () C:\Users\Basti\AppData\Local\EmieSiteList
2014-04-23 19:13 - 2013-02-07 23:05 - 00000000 ___RD () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 19:13 - 2013-02-07 23:05 - 00000000 ___RD () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 18:47 - 2013-04-19 12:43 - 00000159 _____ () C:\WINDOWS\system32\HPPDEVX.DLL.log
2014-04-23 18:42 - 2013-08-22 16:44 - 00480632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-23 17:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-23 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-04-23 17:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-04-23 17:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-23 17:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-04-23 17:19 - 2014-04-23 17:19 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-23 17:19 - 2014-04-23 17:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-23 17:04 - 2014-04-23 17:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-23 17:04 - 2014-04-23 17:04 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-23 17:03 - 2014-04-23 17:03 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-04-23 17:03 - 2014-04-23 17:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-23 17:02 - 2014-04-23 17:02 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-23 17:02 - 2014-04-23 17:02 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-17 23:32 - 2012-07-26 04:20 - 00000204 _____ () C:\WINDOWS\SysWOW64\hblirmm.dll
2014-04-17 23:32 - 2012-07-26 04:20 - 00000100 _____ () C:\WINDOWS\SysWOW64\prsgrc.dll
2014-04-14 16:40 - 2013-04-29 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks
2014-04-14 16:40 - 2013-02-08 00:34 - 00000000 ____D () C:\Program Files (x86)\Juniper Networks
2014-04-11 13:51 - 2013-09-10 08:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-11 13:51 - 2013-03-11 17:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 13:46 - 2013-02-11 08:46 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-11 13:25 - 2014-04-11 13:25 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-11 13:25 - 2014-04-11 13:25 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 14:00 - 2014-04-23 11:26 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-09 12:09 - 2014-04-09 12:09 - 00358000 _____ (Juniper Networks) C:\WINDOWS\SysWOW64\dsGinaLoaderX64.dll
2014-04-09 12:09 - 2014-02-13 21:23 - 00594032 _____ (Juniper Networks) C:\WINDOWS\system32\dsNcSmartCardProv.dll
2014-04-09 12:09 - 2014-02-13 21:23 - 00423536 _____ (Juniper Networks) C:\WINDOWS\system32\dsNcCredProv.dll
2014-04-09 05:32 - 2014-04-23 11:26 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-09 05:31 - 2014-04-23 11:26 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-09 05:23 - 2014-04-23 11:26 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-09 05:21 - 2014-04-23 11:26 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-03 09:51 - 2014-04-25 16:01 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-25 16:01 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-25 16:01 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-29 12:20 - 2014-01-10 15:39 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-29 12:19 - 2014-03-29 12:19 - 00002770 _____ () C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-03-28 20:08 - 2014-03-28 20:08 - 00002217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-03-28 20:08 - 2014-03-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-03-28 20:08 - 2014-03-28 20:01 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-03-28 20:00 - 2014-03-28 20:00 - 00000000 ____D () C:\Users\Basti\Documents\DVDVideoSoft
2014-03-28 19:59 - 2014-01-10 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-03-28 19:59 - 2014-01-10 15:33 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-03-28 19:58 - 2014-01-10 15:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\DVDVideoSoft
2014-03-28 19:53 - 2014-01-10 15:14 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc
2014-03-26 15:54 - 2013-04-23 18:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-26 15:54 - 2013-04-23 18:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-26 15:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-26 15:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-26 13:14 - 2014-01-29 17:01 - 00000000 ____D () C:\ProgramData\CouppScaNner
2014-03-26 13:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-26 12:45 - 2013-04-23 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\avgnt.exe
C:\Users\Basti\AppData\Local\Temp\JuniperSetupClientInstaller.exe
C:\Users\Basti\AppData\Local\Temp\neoNCSetup64.exe
C:\Users\Basti\AppData\Local\Temp\Quarantine.exe
C:\Users\Basti\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-25 17:59

==================== End Of Log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-04-2014 01
Ran by Basti at 2014-04-25 18:20:56
Running from C:\Users\Basti\Desktop\Trojanerboard
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 2.2.4 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.42.61513 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.42.61513 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.20821 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{7BABDF85-566A-FCC6-E6FE-12DCFF3F9FEB}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0821.2159.37544 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.20 - Broadcom Corporation)
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
CouppScaNner (HKLM-x32\...\{80E8B0A0-117D-1402-7CDE-688156237115}) (Version:  - CoupScanneerr)
Dataloger (HKLM-x32\...\{2107998E-852C-480D-BA17-A7EC723F2514}) (Version: 4.00.0000 - ##COMPANY_NAME##)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Eisenbahn.exe Professional 9.0 (HKLM-x32\...\{04652498-7677-4A9F-B5EA-A87D8CB35DD2}) (Version: 9.00.0000 - Trend)
EndNote X6 (HKLM-x32\...\{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}) (Version: 16.0.0.6348 - Thomson Reuters)
ETDWare PS/2-X64 11.6.8.001_WHQL (HKLM\...\Elantech) (Version: 11.6.8.001 - ELAN Microelectronic Corp.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Free Video to JPG Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
GraphPad Prism 5 (HKLM-x32\...\{35B73650-6899-11DA-6784-00232A9018BE}) (Version: 5.01 - GraphPad Software)
GroupWise (HKLM-x32\...\{1A159D16-64D4-4460-8D5D-718491667D17}) (Version: 12.0.1 - Novell)
GroupWise Client - VC Runtimes (release) (x32 Version: 1.00.0000 - Novell) Hidden
IBM SPSS Statistics 20 (HKLM-x32\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
ImageJ 1.46r (HKLM-x32\...\ImageJ_is1) (Version:  - NIH)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Juniper Installer Service (HKLM-x32\...\SetupService) (Version: 7.1.0.18671 - Juniper Networks)
Juniper Networks Network Connect 7.1.0 (HKLM-x32\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.18671 - Juniper Networks)
Juniper Networks Network Connect 7.1.14 (HKLM-x32\...\Juniper Network Connect 7.1.14) (Version: 7.1.14.23943 - Juniper Networks)
Juniper Networks Network Connect 7.4.0 (HKLM-x32\...\Juniper Network Connect 7.4.0) (Version: 7.4.0.30611 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.4.9.44981 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NICI (64 bit) (HKLM\...\{559D2B32-5066-4762-A2F2-52831AC6F67B}) (Version: 2.7.6 - Novell, Inc.)
NICI (Shared) U.S./Worldwide (128 bit) (2.7.6-1) (HKLM-x32\...\{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}) (Version:  - )
NMAS Challenge Response Method (HKLM\...\{54031C8D-F80D-47BB-B3CA-5E9BD7750C27}) (Version: 2.8.3.3 - Novell, Inc.)
NMAS Client (HKLM\...\{22859902-78CE-40B0-9429-6FE7A00BBF85}) (Version: 3.5.1.1 - Novell, Inc.)
Novell Client für Windows (HKLM\...\Novell Client for Windows) (Version: 2 SP2 (IR5) - Novell, Inc.)
PDF Creator (HKLM\...\PDF Creator) (Version:  - )
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SigmaPlot 11.0 (HKLM-x32\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spider Player 2.5.3 (HKLM-x32\...\Spider Player_is1) (Version: 2.5.3.0 - VIT Software, LLC)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities 2014) (Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WOWCoupoen (HKLM-x32\...\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}) (Version:  - WoowCoeuponi) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

04-04-2014 19:06:44 Geplanter Prüfpunkt
11-04-2014 11:41:50 Windows Update
19-04-2014 13:46:34 Geplanter Prüfpunkt
23-04-2014 14:48:58 Windows Update

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05FFE7BA-8A92-48CF-8B7C-0B9505E2BAEA} - \DSite No Task File <==== ATTENTION
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0CAD298B-3EEF-431A-9393-0C6E006E90BC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {1479F109-4493-4D39-8AE5-89B44B345B1D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {1C7E3447-EC2F-40C6-A161-C9AE38B54723} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B2057BB-F9FB-42B1-B748-892D137C5D8C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4134FB22-63DC-440E-ACC9-6B68C8BCE075} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4B134BA2-8640-4BC4-A6A0-83C0EEE17D37} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5AF92D80-3512-423A-9B58-913BC07DFABB} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: {5B46D234-51C8-4A35-93AC-0C4091CCE49D} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {5FC6A1F6-79ED-471F-A7BF-A8C92BC8CBC1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A6ACF925-E29B-4E4C-9BEC-85AE2152EB98} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-11] (Microsoft Corporation)
Task: {B185C781-927A-4AE2-B926-D015691E1179} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {B7AE37DD-8544-48E2-997C-0917B1817BD3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-21] (Adobe Systems Incorporated)
Task: {C9846BF8-ADC4-4594-8407-8412BBC4B2C8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D33BCFA0-C109-448A-B9F0-0E06ECE8E904} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F748925C-2A6B-4047-81E5-57E8B8132736} - \DealPly No Task File <==== ATTENTION
Task: {FEA5A9B4-86DC-4ADC-866E-0079D4930C29} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ceec361dab9a11.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-28 18:59 - 2012-10-28 18:59 - 00048256 _____ () C:\WINDOWS\system32\ncv1_0.DLL
2013-06-03 09:12 - 2011-10-04 22:43 - 00087552 _____ () C:\WINDOWS\System32\custmon64i.dll
2013-04-19 12:42 - 2007-01-25 12:50 - 00102912 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpzpi4wm.DLL
2012-10-28 18:59 - 2012-10-28 18:59 - 00108160 _____ () C:\Program Files\Novell\Client\cusrvc.exe
2013-08-30 10:51 - 2013-08-30 10:51 - 00757048 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2012-10-28 18:59 - 2012-10-28 18:59 - 00038016 _____ () C:\Windows\System32\nwtray.exe
2012-10-28 18:59 - 2012-10-28 18:59 - 01002112 _____ () C:\Windows\System32\NCNetProvider.DLL
2012-10-28 18:59 - 2012-10-28 18:59 - 00108672 _____ () C:\Windows\System32\NCLangID.dll
2012-10-28 18:59 - 2012-10-28 18:59 - 00174208 _____ () C:\Windows\System32\MAPBASE.dll
2012-10-28 18:59 - 2012-10-28 18:59 - 00270976 _____ () C:\Windows\System32\NWSHLXNT.dll
2012-03-12 18:40 - 2012-03-12 18:40 - 00016384 _____ () C:\Windows\System32\nls\DEUTSCH\NCLangIDR.DLL
2012-03-12 18:40 - 2012-03-12 18:40 - 00086528 _____ () C:\Windows\System32\nls\DEUTSCH\MAPBASER.DLL
2012-03-12 18:40 - 2012-03-12 18:40 - 00102400 _____ () C:\Windows\System32\nls\DEUTSCH\NWSHLXNTR.DLL
2012-03-12 18:40 - 2012-03-12 18:40 - 00496640 _____ () C:\Windows\System32\nls\DEUTSCH\NCNetProviderR.DLL
2013-02-07 19:59 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2014-04-23 23:40 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Basti\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/25/2014 06:18:30 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:17:59 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:17:29 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:16:59 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:16:28 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:15:19 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:14:49 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:14:19 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:13:49 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (04/25/2014 06:13:19 PM) (Source: DCOM) (User: SEBASTIAN)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (02/03/2014 01:14:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1685 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (10/01/2013 04:19:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 151 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (07/10/2013 06:34:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/10/2013 06:33:35 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/10/2013 06:33:12 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:46:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:42:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:39:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:38:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/14/2013 03:47:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6254 seconds with 3600 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 3786.26 MB
Available physical RAM: 2243.27 MB
Total Pagefile: 4490.26 MB
Available Pagefile: 2435.38 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.95 GB) (Free:197.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 071AFC2A)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 26.04.2014, 00:25   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Okay, dann bitte Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.04.2014, 21:12   #10
sunny123
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



So, erstmal der Kontrollscan mit MBAM:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26/04/2014
Suchlauf-Zeit: 14:37:32
Logdatei: mbam2.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.26.01
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Basti

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 276246
Verstrichene Zeit: 1 Std, 17 Min, 11 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
ESET Online Scanner:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3d971e629637fd4fb8487c5f0c6427bc
# engine=18042
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-26 05:49:55
# local_time=2014-04-26 07:49:55 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=1799 16775165 100 96 79314 263957885 72003 0
# compatibility_mode=5893 16776574 100 94 2692685 23415888 0 0
# scanned=363645
# found=4
# cleaned=0
# scan_time=17867
sh=49D772DADC7EB426EA6838F3414AE65B784BCCED ft=1 fh=55146b7becc48edf vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=7EC137D7E94C86251E564C61316494B11AC9CE29 ft=1 fh=df1f6f548ee99c05 vn="a variant of Win32/AdWare.SpeedingUpMyPC.D application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir"
sh=2F623E1212FA3CC60E377BF324469E423965EC95 ft=1 fh=80d7020bda9b951e vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
sh=E0D69AA8A393FD98AC9899EF3A143C90DF1503F1 ft=1 fh=47978917b33c8b08 vn="NSIS/StartPage.CC trojan" ac=I fn="C:\Users\Basti\Downloads\vlc-2.1.2-win32.exe"
         

Geändert von sunny123 (26.04.2014 um 14:55 Uhr)

Alt 27.04.2014, 22:40   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Nur Reste. Und den VLC-Player lädt man sich wie jede andere Software auch nur von offiziellen Seiten bzw FilePony.de !

TFC - Temp File Cleaner

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.



Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.04.2014, 14:26   #12
sunny123
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Ich denke, mein System ist jetzt sauber! Vielen Dank für die Hilfe und die wertvollen Tipps!

LG
Sandra

Alt 29.04.2014, 14:37   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mozilla Firefox öffnet unaufgefordert Werbetabs - Standard

Mozilla Firefox öffnet unaufgefordert Werbetabs



Dann wären wir durch!


Falls du noch Lob oder Kritik loswerden möchtest => Lob, Kritik und Wünsche - Trojaner-Board

Die Programme, die hier zum Einsatz kamen, können alle deinstalliert werden. Es empfiehlt sich Malwarebytes Anti-Malware zu behalten und damit wöchentlich nach Malware zu scannen.

Helfen kann dir dabei delfix:


Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.






Bitte abschließend noch die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate
Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.
Windows Vista/7: Start, Systemsteuerung, Windows-Update


PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:
Prüfen => Adobe - Flash Player
Downloadlinks findest du hier => Browsers and Plugins - FilePony.de

Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.


Java-Update
Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Mozilla Firefox öffnet unaufgefordert Werbetabs
adware/adware.gen, adware/adware.gen7, adware/dealply.q, launch, pup.bprotector, pup.optional.bprotector.a, pup.optional.bundleinstaller.a, pup.optional.conduit.a, pup.optional.dealply.a, pup.optional.delta.a, pup.optional.digitalsites.a, pup.optional.dynconie.a, pup.optional.filescout.a, pup.optional.helperbar.a, pup.optional.installcore.a, pup.optional.linkury.a, pup.optional.opencandy, pup.optional.opencandy.a, pup.optional.searchprotect.a, pup.optional.smartbar, pup.optional.smartbar.a, pup.optional.snapdo.a, pup.optional.sweetim.a, pup.optional.websearch.a, tr/bprotector.gen2, u.s./worldwide, werbetab



Ähnliche Themen: Mozilla Firefox öffnet unaufgefordert Werbetabs


  1. WIN 7 Firefox öffnet unaufgefordert Tabs
    Plagegeister aller Art und deren Bekämpfung - 01.05.2015 (33)
  2. Windows 8.1: Mozilla Firefox und Internet Explorer 11 öffnen sich wiederholt selbstständig mit Werbetabs
    Log-Analyse und Auswertung - 08.02.2015 (11)
  3. Virus? Firefox öffnet unaufgefordert neue Seiten
    Plagegeister aller Art und deren Bekämpfung - 11.07.2014 (17)
  4. Firefox öffnet Werbetabs
    Log-Analyse und Auswertung - 06.05.2014 (1)
  5. Windows7: Browser Firefox öffnet selbsttätig Werbetabs, leitet Links um auf Werbung
    Log-Analyse und Auswertung - 06.03.2014 (32)
  6. Win 8: Firefox öffnet unaufgefordert Gewinnspielseiten mit Iphone 5
    Plagegeister aller Art und deren Bekämpfung - 03.09.2013 (7)
  7. Seth.Avazutracking.net - Firefox öffnet selbstständig Werbetabs
    Log-Analyse und Auswertung - 14.08.2013 (15)
  8. Firefox öffnet selbständig Werbetabs
    Plagegeister aller Art und deren Bekämpfung - 12.07.2013 (5)
  9. e-ligatus-com, FireFox öffnet unaufgefordert dubiose Internetseite
    Log-Analyse und Auswertung - 19.05.2013 (10)
  10. Firefox öffnet unaufgefordert schädliche Webseiten
    Plagegeister aller Art und deren Bekämpfung - 12.02.2011 (15)
  11. Firefox öffnet automatisch Werbetabs
    Plagegeister aller Art und deren Bekämpfung - 28.05.2010 (3)
  12. Firefox öffnet Werbetabs&Internet Explorer öffnet sich selbstständig
    Log-Analyse und Auswertung - 09.05.2010 (64)
  13. HILFE: Firefox öffnet Werbetabs&Internet Explorer öffnet sich selbstständig
    Log-Analyse und Auswertung - 07.05.2010 (6)
  14. Firefox öffnet ständig Werbetabs
    Plagegeister aller Art und deren Bekämpfung - 09.05.2009 (13)
  15. Firefox öffnet unaufgefordert Werbefenster
    Log-Analyse und Auswertung - 19.03.2009 (14)
  16. Mozilla öffnet unaufgefordert Werbe-Tabs
    Plagegeister aller Art und deren Bekämpfung - 03.02.2009 (0)
  17. Firefox öffnet unaufgefordert Werbefenster
    Log-Analyse und Auswertung - 28.09.2008 (16)

Zum Thema Mozilla Firefox öffnet unaufgefordert Werbetabs - Hallo, wir haben auf unserem Computer seit einiger Zeit das Problem, dass Firefox einfach von selbst irgendwelche Werbetabs öffnet. Ich hoffe, ihr könnt uns weiterhelfen! Hier zunächst die defogger-Datei: Code: - Mozilla Firefox öffnet unaufgefordert Werbetabs...
Archiv
Du betrachtest: Mozilla Firefox öffnet unaufgefordert Werbetabs auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.