Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Vermutlich "verseuchten" Laptop wieder fit machen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 27.04.2014, 17:12   #1
MuttisHelfer
 
Vermutlich "verseuchten" Laptop wieder fit machen - Standard

Vermutlich "verseuchten" Laptop wieder fit machen



Hallo,

ich brauch wiedermal eure Hilfe.
Ich habe von meinem Schwiegervater seinen "alten" Laptop bekommen. Meiner ist zwar älter und der Akku is inzwischen auch tot, aber läuft eigentlich besser. Der "neue" ist von der Leistung aber eigentlich besser.
Nun das Problem: Er braucht ewig für die kleinsten Arbeiten. Ein Internetseitenaufbau uns gleichzeitigen Anschluß eines einfachen Gerätes über USB knocken ihn bereits aus. Mein SV hatte nicht viel installiert aber wenn, dann einfach den ganzen Krempel wie Toolbar, etc. gleich mit. Eine Wiederherstellung ist soweit nicht möglich, da der Laptop nach der CD fragt. Diese ist aber in den weiten des Schreibzimmers verschwunden.
Nun wollt ich mit eurer Hilfe den Laptop mal durchchecken und den ganzen Müll entfernen.

Ich hoffe ich hab die ersten Schritte soweit richtig umgesetzt. Das Gerät hat mir heut echt den letzten Nerv geraubt und ich bin nur noch bedingt aufnahmefähig.

Alt 27.04.2014, 17:53   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Vermutlich "verseuchten" Laptop wieder fit machen - Standard

Vermutlich "verseuchten" Laptop wieder fit machen



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 27.04.2014, 19:09   #3
MuttisHelfer
 
Vermutlich "verseuchten" Laptop wieder fit machen - Standard

Vermutlich "verseuchten" Laptop wieder fit machen



Sorry, wurde damit nachgeholt.

Gruß Lars


gmer:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-27 17:17:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-5 WDC_WD2500BEVT-60ZCT1 rev.13.01A13 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Detlef\AppData\Local\Temp\uwlirpod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                     fffff800035bf000 65 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594                                                                                                     fffff800035bf042 4 bytes [00, 00, 00, 00]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[1368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                    0000000075de1465 2 bytes [DE, 75]
.text     C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[1368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                   0000000075de14bb 2 bytes [DE, 75]
.text     ...                                                                                                                                                                    * 2
---- Processes - GMER 2.1 ----

Process   C:\Users\Detlef\AppData\Local\Genesis\Genesis.exe (*** suspicious ***) @ C:\Users\Detlef\AppData\Local\Genesis\Genesis.exe [2888] (porquero/raí)(2014-04-27 13:33:35)  0000000000400000

---- EOF - GMER 2.1 ----
         
frst:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by Detlef (administrator) on DETLEF-PC on 27-04-2014 16:27:32
Running from D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(COMODO) C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files\003\xmkysecqun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(raí) C:\Users\Detlef\AppData\Local\Genesis\Genesis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\system32\StikyNot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) D:\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6860288 2013-01-17] (FreeDownloadManager.ORG)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\Run: [DMS-Kalenderchen] => C:\Program Files (x86)\Kalenderchen\Kalenderchen.exe [3494912 2010-03-16] (Daniel Manger Software)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\Run: [genesis] => c:\users\detlef\appdata\local\genesis\genesis.exe [2674688 2014-04-27] (raí)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\MountPoints2: {10af241c-ca2c-11e0-959f-001f1668b40e} - F:\pushinst.exe
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\MountPoints2: {8942b6d8-0541-11e2-9981-001f1668b40e} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-61017140-3861020433-1675330826-1000\...\MountPoints2: {a1a8b541-a43e-11df-a761-001f1668b40e} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL => C:\Program Files (x86)\Supporter\Supporter_x64.dll [4621312 2014-04-27] ()
AppInit_DLLs-x32: c:\progra~2\suppor~1\suppor~1.dll => C:\Program Files (x86)\Supporter\Supporter.dll [4378112 2014-04-27] ()
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sticky Notes.lnk
ShortcutTarget: Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.schnell-startseite.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKLM-x32 - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No File
URLSearchHook: HKCU - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No File
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=111789&tt=3012_5&babsrc=SP_ss&mntrId=90419e5400000000000006242b328da6
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=111789&tt=3012_5&babsrc=SP_ss&mntrId=90419e5400000000000006242b328da6
SearchScopes: HKCU - {82CD0794-E37A-45E2-A2B2-FBA6C4AF960B} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_de
SearchScopes: HKCU - {9C96B543-A25B-4F50-97E8-6115E04D55ED} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=GLSV5&o=10168&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=GL&apn_dtid=YYYYYYYYDE&apn_uid=9D0C9A61-4ECE-4007-9230-98AE20C0C493&apn_sauid=F540316C-8C36-45A4-B4BE-1976CB6FA334
SearchScopes: HKCU - {CC40702E-D52D-4099-8FD9-56A7EA82D0C8} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKCU - {D89115C6-D58D-4F7F-A541-A2A5E5B83D9A} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: SaveClicker - {B2857CA1-FBA7-1435-B943-70B7B78EFF79} - C:\Program Files (x86)\SaveClicker\rnztj.x64.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: SaveClicker - {B2857CA1-FBA7-1435-B943-70B7B78EFF79} - C:\Program Files (x86)\SaveClicker\rnztj.dll ()
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll (Comodo Group, Inc.)
Toolbar: HKLM-x32 - HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files (x86)\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll (Comodo Group, Inc.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.29.1\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4B4A4567-D274-461F-ADD2-1AE418F91A8E}: [NameServer]8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{8137FF82-CFFB-4B8C-B750-CBC1386A3C77}: [NameServer]8.26.56.26,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default
FF user.js: detected! => C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default\user.js
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - c:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SaveClicker - C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default\Extensions\iupnut9-aioy@sacxophxm-.edu [2014-04-27]
FF Extension: Yahoo! Toolbar - C:\Users\Detlef\AppData\Roaming\Mozilla\Firefox\Profiles\ui6z2f6z.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-04-27]

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "hxxp://de.yahoo.com?fr=fpc-comodo"
CHR StartupUrls: "urls_to_restore_on_startup" : [ "hxxp://de.yahoo.com?fr=fpc-comodo"
CHR Extension: (SaveClicker) - C:\Users\Detlef\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlijjhmpdaopbpcbideloklokhcompl [2014-04-27]
CHR Extension: (Iminent) - C:\Users\Detlef\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-01-14]
CHR Extension: (DVDVideoSoftTB) - C:\Users\Detlef\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo [2012-11-26]
CHR HKLM-x32\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\Detlef\AppData\Local\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx [2012-05-08]

==================== Services (Whitelisted) =================

R2 be0fb33b; C:\Program Files (x86)\Supporter\SupporterSvc.dll [178000 2014-04-27] ()
R2 CLPSLS; C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [148744 2010-02-19] (COMODO)
R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-27] ()
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]

==================== Drivers (Whitelisted) ====================

R0 Achernar; C:\Windows\System32\Drivers\Achernar.sys [34104 2011-12-26] (NewSoft Technology Corporation)
S3 ghsmdm; C:\Windows\System32\DRIVERS\ghsmdm.sys [122496 2011-11-28] (HS Incorporated)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 moufiltr; system32\DRIVERS\moufiltr.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vhidmini; system32\DRIVERS\walvhid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-27 16:25 - 2014-04-27 16:25 - 00000000 ____D () C:\FRST
2014-04-27 16:23 - 2014-04-27 16:23 - 00000000 _____ () C:\Users\Detlef\defogger_reenable
2014-04-27 15:35 - 2014-04-27 15:48 - 00000294 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-04-27 15:35 - 2014-04-27 15:48 - 00000286 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-04-27 15:35 - 2014-04-27 15:48 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-04-27 15:35 - 2014-04-27 15:48 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-04-27 15:35 - 2014-04-27 15:35 - 00003040 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-04-27 15:35 - 2014-04-27 15:35 - 00003032 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-04-27 15:35 - 2014-04-27 15:35 - 00002884 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-04-27 15:35 - 2014-04-27 15:35 - 00002876 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-04-27 15:34 - 2014-04-27 15:40 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\System Speedup
2014-04-27 15:34 - 2014-04-27 15:34 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-04-27 15:34 - 2014-04-27 15:34 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-04-27 15:34 - 2014-04-27 15:34 - 00001080 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-04-27 15:34 - 2014-04-27 15:34 - 00001056 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-27 15:34 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-27 15:33 - 2014-04-27 16:27 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Genesis
2014-04-27 15:33 - 2014-04-27 15:52 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\systweak
2014-04-27 15:33 - 2014-04-27 15:43 - 00000000 ____D () C:\Program Files (x86)\IminentToolbar
2014-04-27 15:33 - 2014-04-27 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-04-27 15:33 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files\003
2014-04-27 15:33 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\IminentToolbar
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Packages
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\SaveClicker
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\d29002a417cf45c8
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\SaveClicker
2014-04-27 11:43 - 2014-04-27 11:43 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Mozilla
2014-04-27 11:43 - 2014-04-27 11:43 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Mozilla
2014-04-27 11:42 - 2014-04-27 11:42 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 11:42 - 2014-04-27 11:42 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-27 11:42 - 2014-04-27 11:42 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-27 11:42 - 2014-04-27 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-27 10:42 - 2014-04-27 10:44 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\RavensburgerTipToi
2014-04-27 10:42 - 2014-04-27 10:42 - 00001078 _____ () C:\Users\Detlef\Desktop\tiptoi.lnk
2014-04-27 10:42 - 2014-04-27 10:42 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2014-04-27 10:41 - 2014-04-27 10:42 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi
2014-04-27 10:41 - 2014-04-27 10:42 - 00000000 ____D () C:\Program Files (x86)\Ravensburger tiptoi
2014-04-14 11:26 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-04-14 11:18 - 2014-04-14 11:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-14 11:18 - 2014-04-14 11:18 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-14 11:17 - 2014-04-14 11:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-14 11:17 - 2014-04-14 11:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-14 11:17 - 2014-04-14 11:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-14 11:17 - 2014-04-14 11:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-14 11:17 - 2014-04-14 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-14 11:16 - 2014-04-14 11:16 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-14 11:16 - 2014-04-14 11:16 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-14 11:16 - 2014-04-14 11:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-14 11:16 - 2014-04-14 11:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-14 11:16 - 2014-04-14 11:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-14 11:13 - 2014-04-14 11:26 - 00009841 _____ () C:\Windows\IE11_main.log
2014-04-14 09:05 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-14 09:05 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-14 09:05 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-14 09:05 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-14 08:55 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-04-14 08:55 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-14 08:55 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-14 08:55 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-04-14 08:55 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-04-14 08:55 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-14 08:55 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-04-14 08:55 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-04-14 08:55 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-04-14 08:55 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-04-14 08:55 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-04-14 08:55 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-04-14 08:55 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-14 08:55 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-14 08:55 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-04-14 08:55 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-14 08:55 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-14 08:55 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-14 07:08 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-14 07:08 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-14 07:07 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-14 07:07 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-14 07:07 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-14 07:07 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-14 07:07 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-14 07:07 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-14 07:07 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-14 07:07 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-04-14 07:07 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-14 07:07 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-04-14 07:07 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-14 07:07 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-14 07:07 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-14 07:07 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-14 07:07 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-14 07:07 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-14 07:07 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-14 07:07 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-14 07:07 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-14 07:07 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-14 07:07 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-14 07:07 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-14 07:07 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-14 07:07 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-14 07:07 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-14 07:07 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-14 07:07 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-14 07:07 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-14 07:07 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-14 07:07 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-14 07:07 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-04-14 07:07 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-04-14 07:07 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-04-14 07:07 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-04-14 07:07 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-04-14 07:07 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-04-14 07:07 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-04-14 07:07 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-04-14 07:07 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-14 07:07 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-14 07:07 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-14 07:07 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-14 07:07 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-04-14 07:07 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-14 07:07 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-04-14 07:07 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-14 07:06 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-14 07:06 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-14 07:06 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-14 07:06 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-14 07:06 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-14 07:06 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-14 07:06 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-14 07:06 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-14 07:06 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-14 07:06 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-14 07:06 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-14 07:06 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-14 07:06 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-14 07:06 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-14 07:06 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-14 07:06 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-14 07:06 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-14 07:06 - 2013-09-25 04:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-14 07:06 - 2013-09-25 04:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-14 07:06 - 2013-09-25 04:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-14 07:06 - 2013-09-25 04:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-14 07:06 - 2013-09-25 04:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-14 07:06 - 2013-09-25 04:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-14 07:06 - 2013-09-25 04:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-14 07:06 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-14 07:06 - 2013-09-25 03:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-14 07:06 - 2013-09-25 03:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-14 07:06 - 2013-09-25 03:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-14 07:06 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-14 07:06 - 2013-09-25 03:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-14 07:06 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-04-14 07:06 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-04-14 07:06 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-14 07:06 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-14 07:06 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-04-14 07:06 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-04-14 07:06 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-14 07:06 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-14 07:06 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-14 07:06 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-04-14 07:06 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-04-14 07:06 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-04-14 07:06 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-04-14 07:06 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-14 07:05 - 2014-04-14 07:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-14 07:05 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-04-14 07:05 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-14 07:05 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-14 07:05 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-04-14 07:05 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-04-14 07:05 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-04-14 07:05 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-04-14 07:05 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-04-14 07:05 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-04-14 07:05 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-04-14 07:05 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-04-14 07:05 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-04-14 07:05 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-14 07:05 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-14 07:05 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-04-14 07:05 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-04-14 07:05 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-04-14 07:05 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-04-14 07:05 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-04-14 07:05 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-04-14 07:05 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-04-14 07:05 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-04-14 07:05 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-14 07:05 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-04-14 07:05 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-04-14 07:05 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-14 07:05 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-04-14 07:05 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-04-14 07:05 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-04-14 07:05 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-04-14 07:05 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-14 07:05 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-14 07:05 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-04-14 07:05 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-14 07:05 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-04-14 07:05 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-14 07:05 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-04-14 07:05 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-04-14 07:05 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-04-14 07:05 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-14 07:05 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-14 07:05 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-14 07:04 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-14 07:04 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-14 07:04 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-04-14 07:04 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-04-14 07:04 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 07:04 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-04-14 07:04 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-04-14 07:04 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-04-14 07:04 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-04-14 07:03 - 2014-04-14 07:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-14 07:03 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-14 07:03 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-14 07:03 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 07:03 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 07:03 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 07:01 - 2014-04-14 07:03 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-14 06:58 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-04-14 06:58 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-04-14 06:58 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-04-14 06:58 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-04-14 06:58 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-04-14 06:41 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-04-13 19:21 - 2014-04-13 19:21 - 00000000 _____ () C:\Windows\KeyScript.ini

==================== One Month Modified Files and Folders =======

2014-04-27 16:27 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Genesis
2014-04-27 16:27 - 2010-03-28 19:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-27 16:25 - 2014-04-27 16:25 - 00000000 ____D () C:\FRST
2014-04-27 16:25 - 2012-06-06 06:38 - 00111534 _____ () C:\Windows\setupact.log
2014-04-27 16:23 - 2014-04-27 16:23 - 00000000 _____ () C:\Users\Detlef\defogger_reenable
2014-04-27 16:23 - 2010-03-28 14:37 - 00000000 ____D () C:\Users\Detlef
2014-04-27 16:21 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 16:21 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 15:57 - 2012-04-11 08:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-27 15:53 - 2012-06-06 06:41 - 01305025 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 15:52 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\systweak
2014-04-27 15:49 - 2010-03-28 19:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 15:48 - 2014-04-27 15:35 - 00000294 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2014-04-27 15:48 - 2014-04-27 15:35 - 00000286 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-04-27 15:48 - 2014-04-27 15:35 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-04-27 15:48 - 2014-04-27 15:35 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-04-27 15:48 - 2012-06-06 06:37 - 00217930 _____ () C:\Windows\PFRO.log
2014-04-27 15:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-27 15:43 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\IminentToolbar
2014-04-27 15:42 - 2010-03-28 14:37 - 00000000 ___RD () C:\Users\Detlef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-27 15:40 - 2014-04-27 15:34 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\System Speedup
2014-04-27 15:35 - 2014-04-27 15:35 - 00003040 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-04-27 15:35 - 2014-04-27 15:35 - 00003032 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-04-27 15:35 - 2014-04-27 15:35 - 00002884 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-04-27 15:35 - 2014-04-27 15:35 - 00002876 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-04-27 15:34 - 2014-04-27 15:34 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-04-27 15:34 - 2014-04-27 15:34 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-04-27 15:34 - 2014-04-27 15:34 - 00001080 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-04-27 15:34 - 2014-04-27 15:34 - 00001056 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-27 15:34 - 2014-04-27 15:34 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-27 15:34 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-04-27 15:34 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files\003
2014-04-27 15:34 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Gast
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\IminentToolbar
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Packages
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Users\Administrator
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\SaveClicker
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\d29002a417cf45c8
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\Supporter
2014-04-27 15:33 - 2014-04-27 15:33 - 00000000 ____D () C:\Program Files (x86)\SaveClicker
2014-04-27 15:33 - 2010-03-28 19:06 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Google
2014-04-27 15:17 - 2010-03-28 14:37 - 00000000 __SHD () C:\Recovery
2014-04-27 14:05 - 2010-03-28 19:06 - 00000000 ____D () C:\Program Files\Google
2014-04-27 14:03 - 2010-03-28 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-27 14:00 - 2010-03-28 19:05 - 00000000 ____D () C:\ProgramData\Google
2014-04-27 14:00 - 2010-03-28 19:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-27 13:22 - 2010-03-28 15:10 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-04-27 11:43 - 2014-04-27 11:43 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Mozilla
2014-04-27 11:43 - 2014-04-27 11:43 - 00000000 ____D () C:\Users\Detlef\AppData\Local\Mozilla
2014-04-27 11:43 - 2010-03-29 16:12 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Free Download Manager
2014-04-27 11:42 - 2014-04-27 11:42 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 11:42 - 2014-04-27 11:42 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-27 11:42 - 2014-04-27 11:42 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-27 11:42 - 2014-04-27 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-27 11:42 - 2012-07-24 21:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-27 10:44 - 2014-04-27 10:42 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\RavensburgerTipToi
2014-04-27 10:42 - 2014-04-27 10:42 - 00001078 _____ () C:\Users\Detlef\Desktop\tiptoi.lnk
2014-04-27 10:42 - 2014-04-27 10:42 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2014-04-27 10:42 - 2014-04-27 10:41 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi
2014-04-27 10:42 - 2014-04-27 10:41 - 00000000 ____D () C:\Program Files (x86)\Ravensburger tiptoi
2014-04-27 10:34 - 2009-07-14 19:58 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-04-27 10:34 - 2009-07-14 19:58 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-04-27 10:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-14 11:50 - 2010-03-28 14:37 - 00001427 _____ () C:\Users\Detlef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-14 11:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-14 11:33 - 2012-04-13 10:41 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-14 11:26 - 2014-04-14 11:13 - 00009841 _____ () C:\Windows\IE11_main.log
2014-04-14 11:18 - 2014-04-14 11:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-14 11:18 - 2014-04-14 11:18 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-14 11:17 - 2014-04-14 11:17 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-14 11:17 - 2014-04-14 11:17 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-14 11:17 - 2014-04-14 11:17 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-14 11:17 - 2014-04-14 11:17 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-14 11:17 - 2014-04-14 11:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-14 11:17 - 2014-04-14 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-14 11:17 - 2014-04-14 11:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-14 11:16 - 2014-04-14 11:16 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-14 11:16 - 2014-04-14 11:16 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-14 11:16 - 2014-04-14 11:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-14 11:16 - 2014-04-14 11:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-14 11:16 - 2014-04-14 11:16 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-14 11:16 - 2014-04-14 11:16 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-14 11:16 - 2014-04-14 11:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-14 11:03 - 2010-03-30 20:38 - 00000000 ____D () C:\Users\Detlef\AppData\Roaming\GlarySoft
2014-04-14 10:55 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-14 10:55 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-04-14 10:54 - 2010-03-28 17:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-14 10:52 - 2012-06-06 06:37 - 00347312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-14 10:51 - 2012-05-09 10:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-14 10:51 - 2012-05-09 10:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-14 08:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-04-14 08:32 - 2010-11-12 10:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-14 07:31 - 2013-09-23 12:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-14 07:15 - 2012-05-09 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-14 07:05 - 2014-04-14 07:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-14 07:03 - 2014-04-14 07:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-14 07:03 - 2014-04-14 07:01 - 00006660 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-04-14 07:03 - 2013-03-10 20:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-13 19:23 - 2012-05-04 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader
2014-04-13 19:23 - 2012-04-13 10:43 - 00000000 ____D () C:\Program Files (x86)\YouTube Song Downloader
2014-04-13 19:21 - 2014-04-13 19:21 - 00000000 _____ () C:\Windows\KeyScript.ini
2014-04-13 18:58 - 2012-04-11 08:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-13 18:58 - 2012-04-11 08:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-13 18:58 - 2011-05-17 06:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-13 18:46 - 2010-08-10 14:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 18:26 - 2011-06-20 14:39 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-04-13 18:22 - 2010-03-28 19:06 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-13 18:22 - 2010-03-28 19:06 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 09:35 - 2010-03-28 14:51 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:51 - 2010-04-02 11:11 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Detlef\AppData\Local\Temp\18be6784_.exe
C:\Users\Detlef\AppData\Local\Temp\294823_.exe
C:\Users\Detlef\AppData\Local\Temp\BackupSetup.exe
C:\Users\Detlef\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Detlef\AppData\Local\Temp\RegClean6.exe
C:\Users\Detlef\AppData\Local\Temp\tiptoi-install.exe
C:\Users\Detlef\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-14 10:40

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


defogger:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:24 on 27/04/2014 (Detlef)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2014
Ran by Detlef at 2014-04-27 16:28:29
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Ashampoo Burning Studio 2010 Advanced (HKLM-x32\...\Ashampoo Burning Studio 2010 Advanced_is1) (Version: 9.2.4 - ashampoo GmbH & Co. KG)
AVM FRITZ!Box USB-Fernanschluss (HKCU\...\f018cf21c0452c64) (Version: 2.2.1.0 - AVM Berlin)
Comodo HopSurf (HKLM-x32\...\Comodo HopSurf Toolbar) (Version: 1.0.0.2 - Comodo Security Solutions, Inc.)
COMODO livePCsupport (HKLM-x32\...\{A31A5DFC-3439-48FC-99BB-5174168AE471}) (Version: 3.0.133262.11 - COMODO)
Comodo TrustConnect (HKLM-x32\...\{507A844F-2C0D-4437-933B-3082AC5A9CCE}) (Version: 1.0.0 - Comodo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.1.0 - Conexant)
EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version:  - 1.0)
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Genesis (HKCU\...\genesis) (Version:  - )
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.50 - Conexant Systems)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kalenderchen 5 (HKLM-x32\...\{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1) (Version:  - Daniel Manger)
Media Go (HKLM-x32\...\{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}) (Version: 1.3.227 - Sony)
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF-Viewer (HKLM\...\{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1) (Version: 2.0.49.0 - Tracker Software Products Ltd)
Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.53.00 - Software)
Presto! VideoWorks 6 (HKLM-x32\...\{B0C0F5E6-10B1-11D6-9296-0050BA073EEC}) (Version: 6.35.20 - NewSoft Technology Corporation)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
SaveClicker (HKLM-x32\...\{E96338DC-1468-4918-8EC2-8454BFFC5025}) (Version: 4.3.0.1648 - SaveClicker) <==== ATTENTION
Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}) (Version:  - SaveClicker) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
System Speedup (HKLM-x32\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com)
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)

==================== Restore Points  =========================

14-04-2014 04:59:17 Installed Java 7 Update 51
14-04-2014 05:09:51 Windows Update
14-04-2014 09:09:44 Windows Update
27-04-2014 12:01:37 Removed COMODO Internet Security
27-04-2014 13:39:06 RegClean Pro So, Apr 27, 14  15:38
27-04-2014 13:55:02 Entfernt Service

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2896A9C6-0CFE-450F-B473-FA9087EDD930} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {2CFEEF9A-7D8A-424C-A572-5837EDBF6199} - System32\Tasks\Google Updater and Installer => C:\Users\Detlef\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {345CEDAF-4EB8-4B72-9B0C-59ECACF4C8DE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3ECC4B24-FDA0-4595-B2D3-F142E4FC2F88} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {52D77B0D-AA79-415C-813C-A89757AD17CA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6357F654-DA57-4C8A-A977-2681B5D3A2E7} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION
Task: {7A6C5C87-C7CD-42B0-BBDB-E47D48A621D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-28] (Google Inc.)
Task: {7E5E8C97-A634-4740-B051-1786B6A64D2A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {88455D88-2FDE-44C9-9705-F374E67182D9} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {89EF78DB-C74C-439D-8B0F-09C1F65D6093} - System32\Tasks\{C00ED860-B02D-4273-8104-3316DA78A0FE} => C:\Program Files (x86)\EasyWeather\EasyWeather.exe [2008-12-31] (MU Software)
Task: {99C055D7-9F5E-46E0-B794-9A0CC5160F4B} - System32\Tasks\{29056E91-249F-4C13-85C1-3EC5A666AE7B} => C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe
Task: {A71D0CDA-8A3C-4014-AC40-27FDBD20B431} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION
Task: {AFFD75A4-5506-4BE6-B756-EBDE49C39F6F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe
Task: {B7921126-EDEF-4E23-841F-168FE7D40CBD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-13] (Adobe Systems Incorporated)
Task: {D8C10315-9838-4053-A246-92D7A4F93C4F} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc) <==== ATTENTION
Task: {EA14CE83-FB7F-491A-8B3B-3FEB7153B767} - System32\Tasks\{DE490C91-3BB9-4167-964C-23A9FA0A9E66} => C:\Program Files (x86)\EasyWeather\EasyWeather.exe [2008-12-31] (MU Software)
Task: {EC286026-2CEB-4027-A38F-65463C17E897} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-28] (Google Inc.)
Task: {F4F14E4B-CAB6-41CD-84A2-5C923D0AD24E} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
Task: {F58AFED8-9F36-4884-B4C0-CC65AC623F46} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe

==================== Loaded Modules (whitelisted) =============

2013-03-01 08:25 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-27 15:33 - 2014-04-27 15:33 - 04621312 _____ () C:\Program Files (x86)\Supporter\Supporter_x64.dll
2014-04-27 15:34 - 2014-04-27 15:34 - 00706560 _____ () C:\Program Files\003\xmkysecqun64.exe
2014-04-27 15:33 - 2014-04-27 15:33 - 04378112 _____ () C:\Program Files (x86)\Supporter\Supporter.dll
2014-04-27 15:33 - 2014-04-27 15:33 - 00178000 _____ () C:\Program Files (x86)\Supporter\SupporterSvc.dll
2010-03-29 16:12 - 2013-01-11 04:22 - 03547136 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2014-04-27 11:42 - 2014-03-11 06:16 - 03637360 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-01-13 09:52 - 2013-01-11 04:17 - 00105984 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Detlef\Documents\Ihre Registrierung - Ashampoo® Burning Studio 2010 Advanced (F_xon_de) (Deutsch).eml:OECustomProperty
AlternateDataStreams: C:\Users\Detlef\Documents\Registrierung (Schritt 1) ___ folgen Sie dem Link in dieser E-Mail_.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2014 03:52:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000345de
ID des fehlerhaften Prozesses: 0xf6c
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3

Error: (04/27/2014 03:35:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003469c
ID des fehlerhaften Prozesses: 0x438
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3

Error: (09/28/2013 02:30:06 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/28/2013 02:27:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/24/2013 07:11:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/24/2013 07:09:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/12/2013 02:07:36 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/12/2013 02:06:12 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/12/2013 01:26:30 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/06/2013 00:27:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (04/27/2014 03:52:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/27/2014 03:50:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosediensthost" wurde nicht richtig gestartet.

Error: (04/27/2014 03:33:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/27/2014 03:22:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/27/2014 03:11:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/27/2014 03:09:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosesystemhost" wurde nicht richtig gestartet.

Error: (04/27/2014 03:09:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosediensthost" wurde nicht richtig gestartet.

Error: (04/27/2014 03:06:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (04/27/2014 02:09:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/27/2014 02:06:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosediensthost" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================
Error: (04/27/2014 03:52:07 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4ntdll.dll6.1.7601.18247521ea8e7c0000005000345def6c01cf621fdfaccdd0c:\Windows\syswow64\MsiExec.exeC:\Windows\SysWOW64\ntdll.dll1e7e21d0-ce13-11e3-9df6-001f1668b40e

Error: (04/27/2014 03:35:05 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4ntdll.dll6.1.7601.18247521ea8e7c00000050003469c43801cf621d7bf1e610c:\Windows\syswow64\MsiExec.exeC:\Windows\SysWOW64\ntdll.dllbd6f85c0-ce10-11e3-80f0-001f1668b40e

Error: (09/28/2013 02:30:06 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (09/28/2013 02:27:43 PM) (Source: SideBySide)(User: )
Description: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0"c:\Program Files (x86)\Sony\Media Go\MediaGo.exec:\Program Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST3

Error: (09/24/2013 07:11:48 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (09/24/2013 07:09:51 PM) (Source: SideBySide)(User: )
Description: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0"c:\Program Files (x86)\Sony\Media Go\MediaGo.exec:\Program Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST3

Error: (04/12/2013 02:07:36 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (04/12/2013 02:06:12 PM) (Source: SideBySide)(User: )
Description: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0"c:\Program Files (x86)\Sony\Media Go\MediaGo.exec:\Program Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST3

Error: (04/12/2013 01:26:30 PM) (Source: SideBySide)(User: )
Description: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0"c:\Program Files (x86)\Sony\Media Go\MediaGo.exec:\Program Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST3

Error: (04/06/2013 00:27:26 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 2814.43 MB
Available physical RAM: 1647.13 MB
Total Pagefile: 5627.03 MB
Available Pagefile: 4311.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:135.13 GB) (Free:92.14 GB) NTFS
Drive d: (DATA) (Fixed) (Total:97.66 GB) (Free:28.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 627525ED)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=135 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=98 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 28.04.2014, 08:50   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Vermutlich "verseuchten" Laptop wieder fit machen - Standard

Vermutlich "verseuchten" Laptop wieder fit machen



Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Vermutlich "verseuchten" Laptop wieder fit machen
alten, aufbau, brauch, durchchecken, entferne, hoffe, installiert, interne, internetseite, laptop, leistung, neue, problem, richtig, schluß, seite, seitenaufbau, toolbar, tot, usb, vermutlich, verseuchte, wiederherstellung, wiedermal, zwischen



Ähnliche Themen: Vermutlich "verseuchten" Laptop wieder fit machen


  1. Wie sicher ist Sandbox bei öffnen von "verseuchten" exe files
    Antiviren-, Firewall- und andere Schutzprogramme - 21.04.2015 (16)
  2. win 7 firefox langsam "keine Rückmeldung" immer wieder Meldung "ein skript auf dieser Seite ist eventuell beschädigt...."
    Plagegeister aller Art und deren Bekämpfung - 14.01.2015 (11)
  3. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  4. RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...)
    Log-Analyse und Auswertung - 21.08.2014 (6)
  5. Wie bekomme ich "istart.webssearches.com"wieder vom Laptop?
    Plagegeister aller Art und deren Bekämpfung - 21.06.2014 (1)
  6. Windows 7: vermutlich infizierte Mail "Luftfrachsendung AWB" Attachment geöffnet
    Plagegeister aller Art und deren Bekämpfung - 30.12.2013 (15)
  7. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  8. Mein Laptop soll vom "Dealfinder" und vom "HolenMediaPlayer" bereinigt werden
    Plagegeister aller Art und deren Bekämpfung - 05.11.2013 (7)
  9. Laptop nach GVU-Trojaner Befall wieder am Laufen aber bestimmt noch nicht "sauber"
    Plagegeister aller Art und deren Bekämpfung - 23.07.2013 (11)
  10. Zusätzliche Einträge in "Dienste" - vermutlich verursacht durch Trojaner
    Plagegeister aller Art und deren Bekämpfung - 24.01.2013 (9)
  11. Banking-Trojaner "Gauss" vermutlich mit staatlichem Auftrag
    Nachrichten - 09.08.2012 (0)
  12. "Polizei-Trojaner - österr. Variante" - Ist mein PC wieder "sauber"?
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (1)
  13. Nicht sicher, ob PC nach "System Fix" Entfernung wieder "sauber"
    Log-Analyse und Auswertung - 07.01.2012 (18)
  14. viren "Trojan:Win32/Bumat!rts" und "Exploit Java/CVE-2010-0840.ew" auf Laptop
    Plagegeister aller Art und deren Bekämpfung - 05.10.2011 (8)
  15. Laptop langsam, "sbs_ve_ambr" immer wieder entdeckt und selbstverschickte Emails?
    Log-Analyse und Auswertung - 05.06.2011 (13)
  16. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  17. HILFE "Auto:Blank" und "Best of" machen mich fertig, hier mein Escan!!
    Log-Analyse und Auswertung - 09.04.2005 (5)

Zum Thema Vermutlich "verseuchten" Laptop wieder fit machen - Hallo, ich brauch wiedermal eure Hilfe. Ich habe von meinem Schwiegervater seinen "alten" Laptop bekommen. Meiner ist zwar älter und der Akku is inzwischen auch tot, aber läuft eigentlich besser. - Vermutlich "verseuchten" Laptop wieder fit machen...
Archiv
Du betrachtest: Vermutlich "verseuchten" Laptop wieder fit machen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.