Windows 8.1 vermutlich Yahoo Smartbar Nachwirkungen

Dumpfmuff · 15.09.2014, 21:42

Hallo ihr Lieben,

auf meinem Laptop befand sich versehentlich die Yahoo Smartbar, diese habe ich mit mit dem adwCleaner entfernen können. Die Symptome blieben leider dennoch - zum Beispiel öffnen sich sehr viele Pop-Ups und neue Reiter im Browser. Habe deshalb auch noch diverse andere Programme drüber laufen lassen (auf anraten). Die jeweiligen logfiles folgen untern.
Jedenfalls ist das Problem immer noch nicht behoben - die Popups und Reiter öffnen sich immer noch und ich bilde mir ein, dass der Laptop auch wesentlich langsamer ist.
Ich hoffe, dass jemand was weiß - und sorry, dass ich bereits rumgepfuscht habe

Danke im Voraus und liebe Grüße!

ESET:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b330b1fa63c3cb428b7259068c1ccac9
# engine=20160
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-15 02:27:40
# local_time=2014-09-15 04:27:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 4526 68102 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 2501405 15174781 0 0
# scanned=317147
# found=45
# cleaned=0
# scan_time=2296
sh=5B4C608466C41030C725E7130748BD9E3265BDC7 ft=1 fh=1688f5c63dadf290 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\RockTurnerUninstall.exe.vir"
sh=BCAFDA0D7C070F3E7B725A70D388828DF078018B ft=1 fh=33e7ca7645dee266 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\updateRockTurner.exe.vir"
sh=98208B5934B8A45DED1983C73394C8374D47B54D ft=1 fh=9222cb770130a1c9 vn="Win32/BrowseFox.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\825c5be7672f4c149929.dll.vir"
sh=88344676AE7EC384AA2CD0B49F21824392A993E1 ft=1 fh=549419091722ecd2 vn="Variante von Win32/BrowseFox.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.BrowserAdapter.exe.vir"
sh=66A53E43BD3621C8CED5CEC2118568EEEE5E9527 ft=1 fh=409b08e2805576ff vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.PurBrowse64.exe.vir"
sh=21F165B262C72168BA2045CE43420DC9AC29AF8F ft=1 fh=eccd15cdda56d554 vn="Variante von MSIL/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurnerBrowserFilter.exe.vir"
sh=BCAFDA0D7C070F3E7B725A70D388828DF078018B ft=1 fh=33e7ca7645dee266 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe.vir"
sh=55B6814C83CA458092F8D61F1E027FDC32139AFA ft=1 fh=b0b3d9378fd83c0f vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\{825c5be7-672f-4c14-9929-48a3a5e1a660}.dll.vir"
sh=8E64B7598C0A1356A1758E01E44740A4D465B291 ft=1 fh=b4c41fac01e6c50b vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.Bromon.dll.vir"
sh=99AE4D623D73AE19AC9146ED8027199B7481B8FF ft=1 fh=e2bdb051e5c12800 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BroStats.dll.vir"
sh=D53D104E1136AB381AA16B3593F68B8F48C714B1 ft=1 fh=ac0f1326e92b9f75 vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BrowserAdapter.dll.vir"
sh=45A22DB9D993F6F478E2B79496FDE259A727B99C ft=1 fh=9683c93edfb1e1b1 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BrowserFilter.dll.vir"
sh=5DBA5227AE54B6BA211158DBF2CB41EA25F2CBD6 ft=1 fh=b05af5fc10b34038 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.CompatibilityChecker.dll.vir"
sh=F8C81AC24B469D4DB07595A433739D639802127E ft=1 fh=78d7bff352cad077 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.FeSvc.dll.vir"
sh=A8EB8BBD67C46380F1284209BF53E221AFF6DB23 ft=1 fh=ae4a680cb2f00024 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.PurBrowse.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\srbu.dll.vir"
sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\srptc.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\srbu.dll.vir"
sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vi r"
sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vi r"
sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vi r"
sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vi r"
sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vi r"
sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_31.dll.vi r"
sh=D140D668052AB3165C83C074A8030A26226CF798 ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.js.vir"
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\OjApalQ.exe"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe"
sh=9FDBAE27385AA5C27BAE73F531F43654213CBA37 ft=1 fh=d01d64934ea6fe8c vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Admin\AppData\Local\Temp\{1BC0A01B-1ECB-4122-A658-C08B849217B4}\setup.exe"
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\OjApalQ.exe"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\jBNUNreau.exe"
sh=393BA758A9A668CF199606C2DA3D028FB4809574 ft=1 fh=8852912e32564913 vn="Variante von Win32/Bundled.Toolbar.Ask.A potenziell unsichere Anwendung" ac=I fn="D:\Nero\Setupx.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b330b1fa63c3cb428b7259068c1ccac9
# engine=20163
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-15 03:15:51
# local_time=2014-09-15 05:15:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 7417 70993 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 2504296 15177672 0 0
# scanned=317160
# found=46
# cleaned=45
# scan_time=2507
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\OjApalQ.exe"
sh=5B4C608466C41030C725E7130748BD9E3265BDC7 ft=1 fh=1688f5c63dadf290 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\RockTurnerUninstall.exe.vir"
sh=BCAFDA0D7C070F3E7B725A70D388828DF078018B ft=1 fh=33e7ca7645dee266 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\updateRockTurner.exe.vir"
sh=98208B5934B8A45DED1983C73394C8374D47B54D ft=1 fh=9222cb770130a1c9 vn="Win32/BrowseFox.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\825c5be7672f4c149929.dll.vir"
sh=88344676AE7EC384AA2CD0B49F21824392A993E1 ft=1 fh=549419091722ecd2 vn="Variante von Win32/BrowseFox.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.BrowserAdapter.exe.vir"
sh=AB19F3E5A924A6F1A6C441FC9FA6EF10C3B8C5C6 ft=1 fh=9a392544c37b2320 vn="Win64/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.BrowserAdapter64.exe.vir"
sh=66A53E43BD3621C8CED5CEC2118568EEEE5E9527 ft=1 fh=409b08e2805576ff vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.PurBrowse64.exe.vir"
sh=21F165B262C72168BA2045CE43420DC9AC29AF8F ft=1 fh=eccd15cdda56d554 vn="Variante von MSIL/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurnerBrowserFilter.exe.vir"
sh=BCAFDA0D7C070F3E7B725A70D388828DF078018B ft=1 fh=33e7ca7645dee266 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe.vir"
sh=55B6814C83CA458092F8D61F1E027FDC32139AFA ft=1 fh=b0b3d9378fd83c0f vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\{825c5be7-672f-4c14-9929-48a3a5e1a660}.dll.vir"
sh=8E64B7598C0A1356A1758E01E44740A4D465B291 ft=1 fh=b4c41fac01e6c50b vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.Bromon.dll.vir"
sh=99AE4D623D73AE19AC9146ED8027199B7481B8FF ft=1 fh=e2bdb051e5c12800 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BroStats.dll.vir"
sh=D53D104E1136AB381AA16B3593F68B8F48C714B1 ft=1 fh=ac0f1326e92b9f75 vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BrowserAdapter.dll.vir"
sh=45A22DB9D993F6F478E2B79496FDE259A727B99C ft=1 fh=9683c93edfb1e1b1 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BrowserFilter.dll.vir"
sh=5DBA5227AE54B6BA211158DBF2CB41EA25F2CBD6 ft=1 fh=b05af5fc10b34038 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.CompatibilityChecker.dll.vir"
sh=F8C81AC24B469D4DB07595A433739D639802127E ft=1 fh=78d7bff352cad077 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.FeSvc.dll.vir"
sh=A8EB8BBD67C46380F1284209BF53E221AFF6DB23 ft=1 fh=ae4a680cb2f00024 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.PurBrowse.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\srbu.dll.vir"
sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\srptc.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\srbu.dll.vir"
sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vi r"
sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vi r"
sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vi r"
sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vi r"
sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vi r"
sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_31.dll.vi r"
sh=D140D668052AB3165C83C074A8030A26226CF798 ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.js.vir"
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\xKvwGKyYh\OjApalQ.exe"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe"
sh=9FDBAE27385AA5C27BAE73F531F43654213CBA37 ft=1 fh=d01d64934ea6fe8c vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Admin\AppData\Local\Temp\{1BC0A01B-1ECB-4122-A658-C08B849217B4}\setup.exe"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Users\All Users\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Users\All Users\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Users\All Users\xKvwGKyYh\dat\jBNUNreau.exe"
sh=393BA758A9A668CF199606C2DA3D028FB4809574 ft=1 fh=8852912e32564913 vn="Variante von Win32/Bundled.Toolbar.Ask.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Nero\Setupx.exe"

Malwarebytes Antimalware:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15.09.2014
Scan Time: 14:51:26
Logfile: malwarelog.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.09.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Admin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 298032
Time Elapsed: 6 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, Quarantined, [9faa916e86f488ae4a93bf80d2300cf4],

Registry Values: 0
(No malicious items detected)

Registry Data: 3
PUP.Optional.HelperBar.A, HKU\S-1-5-21-571259133-1047198708-711232099-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJocqmSNNwokXuqVxx2ewaPYke2aCNgmJiW3Tg-XCj11Y3QdOfqGN0-_tlDvxjSs9u9n93sEJ-rDyrqk_pZuclVyE6YBdtrYZ5XaRf0Gs_uKrbfSW-m8KTWXBwi-qjNYcTJbEdjsfPQsB7vG9CxUL9pMivwnqJR_o4I,&q={searchTerms}, Good: (hxxp://www.google.com), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJocqmSNNwokXuqVxx2ewaPYke2aCNgmJiW3Tg-XCj11Y3QdOfqGN0-_tlDvxjSs9u9n93sEJ-rDyrqk_pZuclVyE6YBdtrYZ5XaRf0Gs_uKrbfSW-m8KTWXBwi-qjNYcTJbEdjsfPQsB7vG9CxUL9pMivwnqJR_o4I,&q={searchTerms}),Replaced,[85c40bf4760438fe321945eada2a827e]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-571259133-1047198708-711232099-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJocqmSNNwokXuqVxx2ewaPYke2aCNgmJiW3Tg-XCj11Y3QdOfqGN0-_tlDvxjSs9u9n93sEJ-rDyrqk_pZuclVyE6YBdtrYZ5XaRf0Gs_uKrbfSW-m8KTWXBwi-qjNYcTJbEdjsfPQsB7vG9CxUL9pMivwnqJR_o4I,&q={searchTerms}, Good: (hxxp://www.google.com), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJocqmSNNwokXuqVxx2ewaPYke2aCNgmJiW3Tg-XCj11Y3QdOfqGN0-_tlDvxjSs9u9n93sEJ-rDyrqk_pZuclVyE6YBdtrYZ5XaRf0Gs_uKrbfSW-m8KTWXBwi-qjNYcTJbEdjsfPQsB7vG9CxUL9pMivwnqJR_o4I,&q={searchTerms}),Replaced,[f3568976b6c4ec4aa9a5f03f37cd29d7]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-571259133-1047198708-711232099-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJocqmSNNwokXuqVxx2ewaPYke2aCNgmJiW3Tg-XCj11Y3QdOfqGN0-_tlDvxjSs9u9n93sEJ-rDyrqk_pZuclVyE6YBdtrYZ5XaRf0Gs_uKrbfSW-m8KTWXBwi-qjNYcTJbEdjsfPQsB7vG9CxUL9pMivwnqJR_o4I,&q={searchTerms}, Good: (hxxp://www.google.com), Bad: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATcBnedvee5vdJocqmSNNwokXuqVxx2ewaPYke2aCNgmJiW3Tg-XCj11Y3QdOfqGN0-_tlDvxjSs9u9n93sEJ-rDyrqk_pZuclVyE6YBdtrYZ5XaRf0Gs_uKrbfSW-m8KTWXBwi-qjNYcTJbEdjsfPQsB7vG9CxUL9pMivwnqJR_o4I,&q={searchTerms}),Replaced,[0049936c017914221e31f6393fc5e61a]

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.SmartBar.A, C:\Windows\Installer\8b8df559.msi, Quarantined, [9cadc63906740d299727e5906f919070],

Physical Sectors: 0
(No malicious items detected)

(end)

adwCleaner:AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 14/09/2014 um 22:24:51
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : Admin - MILAN-VAIO
# Gestartet von : C:\Users\Admin\Downloads\adwcleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : Update Rock Turner
[#] Dienst Gelöscht : Util Rock Turner
Dienst Gelöscht : {825c5be7-672f-4c14-9929-48a3a5e1a660}w64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Browser
[!] Ordner Gelöscht : C:\Program Files (x86)\Rock Turner
[!] Ordner Gelöscht : C:\Program Files (x86)\Rock Turner
Ordner Gelöscht : C:\Users\Admin\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Temp\Rock Turner
Ordner Gelöscht : C:\Users\Admin\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\loadtbs
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\LookThisUp
Ordner Gelöscht : C:\Users\Admin\Documents\Optimizer Pro
Datei Gelöscht : C:\Windows\System32\drivers\{825c5be7-672f-4c14-9929-48a3a5e1a660}w64.sys
Datei Gelöscht : C:\Users\Administrator\Favorites\eBay.lnk
Datei Gelöscht : C:\Users\Milan\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\88m3yowo.default\invalidprefs.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [LookThisUp]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Rock Turner
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Rock Turner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\SecuredDownload
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Rock Turner
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Rock Turner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rock Turner
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17278

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v32.0.1 (x86 en-GB)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\88m3yowo.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "20534b9700000000000000214fbc81dd");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15938");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.68:29:39");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121564&tsp=4981");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");

*************************

AdwCleaner[R0].txt - [13122 octets] - [14/09/2014 22:22:54]
AdwCleaner[S0].txt - [10380 octets] - [14/09/2014 22:24:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10441 octets] ##########

--- --- ---
Junkware Removal Tool:JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by Admin on 15.09.2014 at 15:14:33,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\88m3yowo.default\minidumps [122 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.09.2014 at 15:22:21,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

schrauber · 15.09.2014, 22:32

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Dumpfmuff · 16.09.2014, 07:48

hallo schrauber,

hier die ergebnisse:

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Admin (administrator) on MILAN-VAIO on 16-09-2014 08:36:13
Running from C:\Users\Admin\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Interesting Solutions) C:\Users\Admin\AppData\Local\Temp\NOD2C0.tmp
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-09-25] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-15] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
AppInit_DLLs: C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found
AppInit_DLLs-x32: C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:50300;https=127.0.0.1:50300
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\88m3yowo.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-14]

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> 5677E5059C72B774040548266AC82556066B80E7FE4155C56266C79716D832E5
CHR DefaultSearchProvider: Default -> DF80D2B1533F15F8AD165ECF5E594FBDE110A8DFC66600242E6A75486FBB2A7D
CHR DefaultSearchURL: Default -> 643038AF863DCFD595AC660607D538DBB059F4C9585F9A4A422FE5E33FE37EDF
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-14]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-14]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-14]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-14]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-14]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-14] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-26] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-10-28] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-26] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
R2 OjApalQ; "C:\ProgramData\xKvwGKyYh\OjApalQ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-14] ()
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [119240 2013-10-28] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-11-15] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-26] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-08-17] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-25] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 08:36 - 2014-09-16 08:36 - 00020487 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-09-16 08:36 - 2014-09-16 08:36 - 00000000 ____D () C:\FRST
2014-09-16 08:35 - 2014-09-16 08:35 - 02105856 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-09-15 21:49 - 2014-09-15 21:49 - 00000000 ____D () C:\Windows\LastGood
2014-09-15 21:42 - 2014-09-15 22:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 21:42 - 2014-09-15 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-15 21:42 - 2014-09-15 21:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-09-15 17:24 - 2014-09-15 17:24 - 00854417 _____ () C:\Users\Admin\Downloads\SecurityCheck.exe
2014-09-15 15:26 - 2014-09-15 15:26 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-09-15 15:26 - 2014-09-15 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-15 15:22 - 2014-09-15 15:22 - 00000885 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-09-15 15:17 - 2014-09-15 15:17 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 15:14 - 2014-09-15 15:14 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-09-15 15:14 - 2014-09-15 15:14 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 15:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-15 15:10 - 2014-09-15 15:10 - 01373475 _____ () C:\Users\Admin\Downloads\AdwCleaner_3.310.exe
2014-09-15 15:07 - 2014-09-15 15:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 15:07 - 2014-09-15 15:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe
2014-09-15 14:51 - 2014-09-15 22:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-15 14:50 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-15 14:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 14:48 - 2014-09-15 15:03 - 00022257 _____ () C:\Users\Admin\Desktop\humbiabgabe.odt
2014-09-15 14:47 - 2014-09-15 14:49 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 22:56 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-14 22:56 - 2014-08-29 03:32 - 02779136 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-14 22:56 - 2014-08-29 02:59 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-14 22:56 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-14 22:56 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-14 22:56 - 2014-08-26 00:27 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 22:56 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-14 22:56 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-14 22:56 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-14 22:56 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-14 22:56 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-14 22:56 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-14 22:56 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-14 22:56 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-14 22:56 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-14 22:56 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 22:56 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-14 22:56 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-14 22:56 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-14 22:56 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-14 22:56 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-14 22:56 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 22:56 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-14 22:56 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-14 22:56 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-14 22:56 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-09-14 22:56 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-14 22:56 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-14 22:56 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-09-14 22:56 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-09-14 22:56 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-09-14 22:56 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-14 22:56 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-14 22:56 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-09-14 22:56 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 22:56 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-14 22:56 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-14 22:56 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-14 22:56 - 2014-08-16 02:20 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-14 22:56 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 22:56 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-14 22:56 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-14 22:56 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-14 22:56 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-14 22:56 - 2014-08-16 02:11 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-14 22:56 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-14 22:56 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-14 22:56 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-14 22:56 - 2014-08-01 01:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-14 22:56 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-14 22:56 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-14 22:56 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-14 22:56 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-14 22:56 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-14 22:53 - 2014-09-14 22:53 - 00001214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFC Connection Utility.lnk
2014-09-14 22:42 - 2014-09-14 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-14 22:40 - 2014-09-16 08:29 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 22:40 - 2014-09-15 22:45 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 22:40 - 2014-09-14 22:40 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-14 22:40 - 2014-09-14 22:40 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-14 22:26 - 2014-09-14 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\OpenOffice
2014-09-14 22:22 - 2014-09-15 22:36 - 00000000 ____D () C:\AdwCleaner
2014-09-14 22:16 - 2014-09-15 22:39 - 00000000 ____D () C:\Users\Admin\AppData\Local\InstaShare
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-14 21:34 - 2014-09-14 21:34 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-14 21:33 - 2014-09-15 10:11 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-14 21:33 - 2014-09-14 21:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-14 21:33 - 2014-09-14 21:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-14 21:32 - 2014-09-14 21:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-14 21:28 - 2014-09-14 21:28 - 00244306 _____ () C:\ProgramData\1410722845.bdinstall.bin
2014-09-14 21:25 - 2014-09-14 21:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WildTangent
2014-09-14 20:24 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-14 20:24 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-14 20:24 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-14 20:24 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-14 20:24 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-14 20:24 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-14 20:24 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-14 20:24 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-14 20:24 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 20:24 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 20:24 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-14 20:24 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-14 20:24 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-14 20:24 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-14 20:24 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-14 20:24 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-14 20:24 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-14 20:24 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-14 20:24 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-14 20:24 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-14 20:24 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-14 20:24 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-14 20:24 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-14 20:24 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-14 20:24 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-14 20:24 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-14 20:24 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-14 20:24 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-14 20:24 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-14 20:24 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-14 20:24 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-14 20:24 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-14 20:24 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-14 20:24 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-14 20:24 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-14 20:24 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-14 20:24 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-14 20:24 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-14 20:24 - 2014-07-24 11:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-09-14 20:24 - 2014-07-24 11:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2014-09-14 20:24 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-14 20:24 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-14 20:24 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-14 20:24 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-14 20:24 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-14 20:24 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-14 20:24 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-14 20:24 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-14 20:24 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-14 20:24 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-14 20:24 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-14 20:24 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-14 20:24 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 20:24 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-14 20:24 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-14 20:24 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-14 20:24 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-14 20:24 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-14 20:24 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-14 20:24 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-14 20:24 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-14 20:24 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-14 20:24 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-14 20:24 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-14 20:24 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-14 20:24 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-14 20:24 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-14 20:24 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-14 20:24 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-14 20:24 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-14 20:24 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 20:24 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-14 20:24 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-14 20:24 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-14 20:24 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-14 20:24 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-14 20:24 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-14 20:24 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-14 20:24 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-14 20:24 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-14 20:24 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-14 20:24 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-14 20:24 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-14 20:24 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-14 20:24 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-14 20:24 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-14 20:24 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-14 20:24 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-14 20:24 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-14 20:24 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-14 20:24 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-14 20:24 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-14 20:24 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-14 20:24 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-14 20:24 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-14 20:24 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-14 20:24 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-14 20:24 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 20:24 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-14 20:24 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-14 20:24 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-14 20:24 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-14 20:24 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-14 20:24 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 20:24 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-14 20:24 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-14 20:24 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-14 20:24 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-14 20:24 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-14 20:24 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-14 20:24 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-14 20:24 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-14 20:24 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-14 20:24 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-14 20:24 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-14 20:24 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 20:24 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 20:24 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-14 20:24 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-14 20:24 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-14 20:24 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-14 20:24 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-14 20:24 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-14 20:24 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-14 20:24 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-14 20:24 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-14 20:24 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-14 20:24 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-14 20:24 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-14 20:24 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-14 20:24 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-14 20:24 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-14 20:24 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-14 20:24 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-14 20:24 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-14 20:24 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-14 20:23 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-14 20:23 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-14 20:23 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-09-14 20:23 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-14 20:23 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-14 20:23 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-14 20:23 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-14 20:23 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-14 20:23 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-14 20:23 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-14 20:23 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-14 20:23 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-14 20:23 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-14 20:23 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-14 20:23 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-14 20:23 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-14 20:23 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-14 20:23 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-14 20:23 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-14 20:23 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 20:23 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-14 20:23 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-14 20:23 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-14 20:23 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-14 20:23 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-14 20:16 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-14 20:16 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-14 20:16 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-14 11:13 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 11:13 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 11:13 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 11:13 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 11:13 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 11:13 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 11:13 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 11:13 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 11:13 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 11:13 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 11:13 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 11:13 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 11:13 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 11:13 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 11:13 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 11:13 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 11:13 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 11:13 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 11:13 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 11:13 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 11:13 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 11:13 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 11:13 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 11:13 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 11:13 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 11:13 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 11:13 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 11:13 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 11:13 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 11:13 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 11:13 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 11:13 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 11:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 11:13 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 20:15 - 2014-09-14 20:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-09-13 20:15 - 2014-09-13 20:15 - 00001082 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-13 20:05 - 2014-09-15 17:12 - 00000000 ____D () C:\ProgramData\xKvwGKyYh
2014-09-13 20:05 - 2014-09-14 22:42 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-13 20:05 - 2014-09-13 20:05 - 00000000 ____D () C:\ProgramData\InstaShare
2014-09-13 18:32 - 2014-09-13 18:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-13 17:31 - 2014-09-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-09-13 17:31 - 2014-09-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 16:54 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-13 16:53 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-13 16:53 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-13 12:16 - 2014-09-15 16:07 - 00023730 _____ () C:\Users\Admin\Desktop\psychobegriffe.odt
2014-09-13 12:16 - 2014-09-10 13:07 - 00031977 _____ () C:\Users\Admin\Desktop\stahlbboard.odt
2014-09-13 12:16 - 2014-09-10 13:07 - 00025928 _____ () C:\Users\Admin\Desktop\braungerbboard.odt
2014-09-13 12:16 - 2014-08-11 16:16 - 00028152 _____ () C:\Users\Admin\Desktop\akkermann.odt
2014-09-13 12:16 - 2014-08-09 17:21 - 00020985 _____ () C:\Users\Admin\Desktop\hirbel.odt
2014-09-13 12:14 - 2014-09-15 14:00 - 00000000 ____D () C:\Users\Admin\Desktop\ExamenAbgabe
2014-09-13 12:12 - 2014-09-15 11:59 - 00000000 ____D () C:\Users\Admin\Desktop\NenkoExamen
2014-09-13 12:04 - 2014-09-13 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2014-09-13 12:03 - 2014-09-15 16:05 - 00000000 ____D () C:\Program Files (x86)\XMind
2014-09-13 12:00 - 2014-09-13 12:00 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-03 19:48 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-03 19:48 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-17 17:56 - 2014-09-16 08:29 - 00005144 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MILAN-VAIO-Admin Milan-Vaio
2014-08-17 17:56 - 2014-08-17 17:56 - 00003100 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-571259133-1047198708-711232099-1002
2014-08-17 17:56 - 2014-08-17 17:56 - 00000000 ___RD () C:\Users\Admin\OneDrive
2014-08-17 17:47 - 2014-08-17 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-17 17:41 - 2014-08-17 17:41 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-08-17 17:41 - 2014-08-17 17:41 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-08-17 17:27 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-08-17 17:23 - 2014-08-17 17:24 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (3).exe
2014-08-17 17:14 - 2014-08-17 17:15 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (2).exe
2014-08-17 17:09 - 2014-08-17 17:09 - 00003134 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-08-17 17:09 - 2014-08-17 17:09 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-08-17 17:09 - 2014-08-17 17:09 - 00001992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 ____D () C:\Users\Gast
2014-08-17 17:09 - 2014-06-02 16:24 - 00000426 _____ () C:\AVScanner.ini
2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 __SHD () C:\Users\Milan\AppData\Local\EmieUserList
2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 __SHD () C:\Users\Milan\AppData\Local\EmieSiteList
2014-08-17 17:08 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-17 17:08 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-17 17:08 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-17 17:08 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-08-17 17:08 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-08-17 17:08 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-08-17 17:08 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-08-17 17:08 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-08-17 17:02 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-17 17:02 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-17 17:02 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-17 17:02 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-17 17:02 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-17 17:02 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-17 17:01 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-17 17:01 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-17 17:01 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-17 17:01 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-17 17:01 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 17:01 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 17:01 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-17 17:01 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-08-17 17:01 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-08-17 17:01 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-08-17 17:01 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-08-17 17:01 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-08-17 17:01 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-17 17:01 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-17 17:01 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-17 17:01 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-17 17:01 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-17 17:01 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-17 17:01 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-17 17:01 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-17 17:01 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-17 17:01 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-17 17:01 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-17 17:01 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-17 17:01 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-17 17:01 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-17 17:01 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-17 17:01 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-17 17:01 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-17 17:01 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-17 17:01 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-17 17:01 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-17 17:01 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-17 17:01 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-17 17:01 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-17 17:01 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-17 17:01 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-17 17:01 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-17 17:01 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-17 17:01 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-17 17:01 - 2014-04-26 20:41 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2014-08-17 17:01 - 2014-04-26 20:22 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2014-08-17 17:01 - 2014-04-26 20:04 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2014-08-17 17:01 - 2014-04-26 19:36 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2014-08-17 17:01 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-17 17:01 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-17 17:01 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-17 17:01 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-17 17:01 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-08-17 17:01 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-17 17:01 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-17 17:01 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-17 17:01 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-17 17:01 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-17 17:00 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-17 17:00 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-17 17:00 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-17 17:00 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-17 17:00 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-17 17:00 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-17 17:00 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-17 17:00 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-17 17:00 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-17 17:00 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-17 17:00 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-17 17:00 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-17 17:00 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-17 17:00 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-17 17:00 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-17 17:00 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-17 17:00 - 2014-05-29 08:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2014-08-17 17:00 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-17 17:00 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-17 17:00 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-08-17 17:00 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-08-17 17:00 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-08-17 17:00 - 2014-04-30 06:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-08-17 17:00 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-17 17:00 - 2014-04-30 05:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-08-17 17:00 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-08-17 17:00 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-08-17 17:00 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-08-17 17:00 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-08-17 17:00 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-08-17 17:00 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-08-17 17:00 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-08-17 17:00 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-17 17:00 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-08-17 17:00 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-08-17 17:00 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-08-17 17:00 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-08-17 17:00 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-08-17 17:00 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-08-17 17:00 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-08-17 17:00 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-17 17:00 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-17 17:00 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-17 17:00 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-08-17 17:00 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-08-17 17:00 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-08-17 17:00 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-08-17 17:00 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-08-17 17:00 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-08-17 17:00 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-17 17:00 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-08-17 17:00 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-08-17 17:00 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-08-17 17:00 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-08-17 17:00 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-08-17 17:00 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-08-17 17:00 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-08-17 17:00 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-08-17 17:00 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-08-17 17:00 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-08-17 17:00 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-08-17 17:00 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-08-17 17:00 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-08-17 17:00 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-08-17 17:00 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-08-17 17:00 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-08-17 17:00 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-08-17 17:00 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-08-17 17:00 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-08-17 17:00 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-08-17 17:00 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-08-17 17:00 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2014-08-17 17:00 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-08-17 17:00 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-17 17:00 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-08-17 17:00 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-08-17 17:00 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-08-17 17:00 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-17 17:00 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-08-17 17:00 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-08-17 17:00 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-08-17 16:58 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-08-17 16:58 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-08-17 16:58 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-08-17 16:58 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-08-17 16:58 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-08-17 16:37 - 2014-08-17 16:37 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (1).exe
2014-08-17 16:34 - 2014-08-17 16:34 - 00002188 _____ () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00002132 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00002132 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ___RD () C:\Users\Milan\SkyDrive
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-08-17 16:32 - 2014-09-14 10:53 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-17 16:31 - 2014-08-17 16:31 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 08:36 - 2014-09-16 08:36 - 00020487 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-09-16 08:36 - 2014-09-16 08:36 - 00000000 ____D () C:\FRST
2014-09-16 08:35 - 2014-09-16 08:35 - 02105856 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-09-16 08:34 - 2014-05-30 21:51 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-571259133-1047198708-711232099-1002
2014-09-16 08:32 - 2014-05-30 22:32 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F13ADF59-9BBD-4280-B837-AB3EDE921A19}
2014-09-16 08:30 - 2014-01-10 04:13 - 01657200 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 08:29 - 2014-09-14 22:40 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 08:29 - 2014-08-17 17:56 - 00005144 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MILAN-VAIO-Admin Milan-Vaio
2014-09-16 08:29 - 2014-05-30 21:54 - 00000000 __RDO () C:\Users\Admin\SkyDrive
2014-09-16 08:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-15 22:47 - 2014-09-15 21:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 22:45 - 2014-09-14 22:40 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 22:39 - 2014-09-14 22:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\InstaShare
2014-09-15 22:36 - 2014-09-14 22:22 - 00000000 ____D () C:\AdwCleaner
2014-09-15 22:12 - 2014-09-15 14:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 21:49 - 2014-09-15 21:49 - 00000000 ____D () C:\Windows\LastGood
2014-09-15 21:49 - 2013-08-22 16:46 - 00022813 _____ () C:\Windows\setupact.log
2014-09-15 21:45 - 2014-05-30 21:46 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-09-15 21:42 - 2014-09-15 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-15 21:42 - 2014-09-15 21:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-09-15 17:24 - 2014-09-15 17:24 - 00854417 _____ () C:\Users\Admin\Downloads\SecurityCheck.exe
2014-09-15 17:12 - 2014-09-13 20:05 - 00000000 ____D () C:\ProgramData\xKvwGKyYh
2014-09-15 16:07 - 2014-09-13 12:16 - 00023730 _____ () C:\Users\Admin\Desktop\psychobegriffe.odt
2014-09-15 16:05 - 2014-09-13 12:03 - 00000000 ____D () C:\Program Files (x86)\XMind
2014-09-15 15:26 - 2014-09-15 15:26 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-09-15 15:26 - 2014-09-15 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-15 15:25 - 2014-01-10 13:04 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-09-15 15:25 - 2014-01-10 13:04 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-09-15 15:25 - 2013-09-13 23:06 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 15:22 - 2014-09-15 15:22 - 00000885 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-09-15 15:17 - 2014-09-15 15:17 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 15:14 - 2014-09-15 15:14 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-09-15 15:14 - 2014-09-15 15:14 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 15:12 - 2013-09-13 23:00 - 00013220 _____ () C:\Windows\PFRO.log
2014-09-15 15:12 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 15:12 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-09-15 15:10 - 2014-09-15 15:10 - 01373475 _____ () C:\Users\Admin\Downloads\AdwCleaner_3.310.exe
2014-09-15 15:09 - 2014-09-15 15:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 15:07 - 2014-09-15 15:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe
2014-09-15 15:03 - 2014-09-15 14:48 - 00022257 _____ () C:\Users\Admin\Desktop\humbiabgabe.odt
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-15 14:49 - 2014-09-15 14:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-15 14:00 - 2014-09-13 12:14 - 00000000 ____D () C:\Users\Admin\Desktop\ExamenAbgabe
2014-09-15 13:10 - 2014-05-30 21:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\Packages
2014-09-15 11:59 - 2014-09-13 12:12 - 00000000 ____D () C:\Users\Admin\Desktop\NenkoExamen
2014-09-15 10:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-15 10:11 - 2014-09-14 21:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-14 22:59 - 2013-08-22 21:12 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-14 22:59 - 2013-08-22 16:44 - 00563120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 22:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-14 22:57 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 22:54 - 2014-05-31 18:59 - 00000000 ____D () C:\Update
2014-09-14 22:54 - 2014-01-10 04:21 - 00015446 _____ () C:\Windows\system32\results.xml
2014-09-14 22:53 - 2014-09-14 22:53 - 00001214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFC Connection Utility.lnk
2014-09-14 22:53 - 2014-01-10 13:05 - 00000000 ____D () C:\Program Files\Sony
2014-09-14 22:53 - 2014-01-10 04:26 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-09-14 22:52 - 2014-01-10 04:12 - 00033590 _____ () C:\Windows\DPINST.LOG
2014-09-14 22:42 - 2014-09-14 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-14 22:42 - 2014-09-13 20:05 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-14 22:42 - 2014-05-30 22:38 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-09-14 22:41 - 2014-05-30 22:38 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-14 22:40 - 2014-09-14 22:40 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-14 22:40 - 2014-09-14 22:40 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-14 22:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-14 22:26 - 2014-09-14 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\OpenOffice
2014-09-14 22:24 - 2013-08-22 15:25 - 00000226 _____ () C:\Windows\win.ini
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-14 21:34 - 2014-09-14 21:34 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-14 21:33 - 2014-09-14 21:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-14 21:33 - 2014-09-14 21:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-14 21:33 - 2014-09-14 21:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-14 21:33 - 2014-09-14 21:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-14 21:29 - 2014-05-30 22:08 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-14 21:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-14 21:28 - 2014-09-14 21:28 - 00244306 _____ () C:\ProgramData\1410722845.bdinstall.bin
2014-09-14 21:28 - 2014-05-30 22:03 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-09-14 21:26 - 2014-06-02 16:18 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-14 21:26 - 2014-01-10 04:47 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-09-14 21:25 - 2014-09-14 21:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WildTangent
2014-09-14 21:25 - 2014-01-10 04:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-14 21:25 - 2014-01-10 04:47 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-14 20:26 - 2014-06-02 16:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Intel_Corporation
2014-09-14 20:14 - 2014-09-13 20:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-09-14 11:18 - 2014-08-08 17:21 - 00000294 _____ () C:\Windows\system32\checkdnsid.xml
2014-09-14 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-14 10:53 - 2014-08-17 16:32 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-13 23:33 - 2014-06-02 15:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 23:31 - 2014-06-02 15:49 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 20:15 - 2014-09-13 20:15 - 00001082 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-13 20:05 - 2014-09-13 20:05 - 00000000 ____D () C:\ProgramData\InstaShare
2014-09-13 20:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Resources
2014-09-13 18:32 - 2014-09-13 18:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-13 17:34 - 2014-09-13 17:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-09-13 17:34 - 2014-09-13 17:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 12:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-13 12:19 - 2014-05-30 21:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-09-13 12:04 - 2014-09-13 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2014-09-13 12:04 - 2014-05-30 21:32 - 00000000 ____D () C:\Users\Admin
2014-09-13 12:00 - 2014-09-13 12:00 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-10 13:07 - 2014-09-13 12:16 - 00031977 _____ () C:\Users\Admin\Desktop\stahlbboard.odt
2014-09-10 13:07 - 2014-09-13 12:16 - 00025928 _____ () C:\Users\Admin\Desktop\braungerbboard.odt
2014-09-02 22:06 - 2014-06-02 15:55 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-06-02 15:55 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-29 03:58 - 2014-09-14 22:56 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-29 03:32 - 2014-09-14 22:56 - 02779136 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-29 02:59 - 2014-09-14 22:56 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-29 01:56 - 2014-09-14 22:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-29 01:47 - 2014-09-14 22:56 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-26 00:27 - 2014-09-14 22:56 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-23 09:48 - 2014-09-14 22:56 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-23 09:13 - 2014-09-14 22:56 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-14 22:56 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-14 22:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-14 22:56 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-14 22:56 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-23 06:33 - 2014-09-14 22:56 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-14 22:56 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-14 22:56 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-17 18:04 - 2014-04-28 15:02 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-571259133-1047198708-711232099-1001
2014-08-17 18:00 - 2014-01-10 04:40 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-17 17:56 - 2014-08-17 17:56 - 00003100 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-571259133-1047198708-711232099-1002
2014-08-17 17:56 - 2014-08-17 17:56 - 00000000 ___RD () C:\Users\Admin\OneDrive
2014-08-17 17:47 - 2014-08-17 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-17 17:41 - 2014-08-17 17:41 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-08-17 17:41 - 2014-08-17 17:41 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-17 17:24 - 2014-08-17 17:23 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (3).exe
2014-08-17 17:15 - 2014-08-17 17:14 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (2).exe
2014-08-17 17:09 - 2014-08-17 17:09 - 00003134 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-08-17 17:09 - 2014-08-17 17:09 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-08-17 17:09 - 2014-08-17 17:09 - 00001992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 ____D () C:\Users\Gast
2014-08-17 17:09 - 2014-06-02 16:23 - 00000000 ____D () C:\ProgramData\Sony
2014-08-17 17:09 - 2013-09-13 23:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 __SHD () C:\Users\Milan\AppData\Local\EmieUserList
2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 __SHD () C:\Users\Milan\AppData\Local\EmieSiteList
2014-08-17 17:08 - 2014-01-10 05:09 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-08-17 16:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-17 16:43 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\th-TH
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\he-IL
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\et-EE
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-08-17 16:37 - 2014-08-17 16:37 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (1).exe
2014-08-17 16:34 - 2014-08-17 16:34 - 00002188 _____ () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00002132 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00002132 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ___RD () C:\Users\Milan\SkyDrive
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-08-17 16:34 - 2014-04-28 14:53 - 00000000 ____D () C:\Users\Milan
2014-08-17 16:32 - 2014-04-28 14:54 - 00000000 ____D () C:\Users\Milan\AppData\Local\VirtualStore
2014-08-17 16:31 - 2014-08-17 16:31 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_.exe
2014-08-17 16:20 - 2014-05-30 21:26 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDD30D84-ED30-4992-9780-B874F34D8221}

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\COMAP.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-15 10:19

==================== End Of Log ============================

--- --- ---

Dumpfmuff · 16.09.2014, 07:49

leider hat nicht alles in einen beitrag gepasst, deshalb hier addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Admin at 2014-09-16 08:37:38
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.08)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.2.1.11200 - Sony Corporation)
Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
InstaShare (HKLM-x32\...\InstaShare) (Version: 3.0.11 - Interesting Solutions)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.05.3000.0599 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.5.0.0096 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.1) (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{4F4D1244-12E7-4D6C-803D-3B16C13E8912}) (Version: 4.2.41.2633 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1c7272f2-45cf-469f-b7e9-17c6b212549c}) (Version: 16.5.3 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.05.1000.0264 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LookThisUp (HKLM\...\LookThisUp) (Version: 1.0 - LookThisUp)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}) (Version: 2.5.290 - Sony)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-GB)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.6.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.)
Reader for PC (HKLM-x32\...\{7FAEB610-D6B1-42CE-9EEA-6A5001C2E732}) (Version: 2.1.00.06250 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.28144 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7064 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.1 - Synaptics Incorporated)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.1.0.09260 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{7BF64721-B4E0-4CBC-8D4B-E9E6A8590521}) (Version: 1.1.3.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.0.09260 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.4.1.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.5.0.09250 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.5.0.09250 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.3.00.10220 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 3.0.0.08080 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.3.00.10240 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: 1.0.1.10240 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x64 (Version: 1.0.0 - Sony Corporation) Hidden
VI3.0x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-571259133-1047198708-711232099-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

14-09-2014 19:32:54 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0A18CA2F-0B98-4178-B8A0-56D9C7E1F3CC} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserConected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {16D1C1DD-8CE4-40BD-ABDF-808778BD6C1E} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {201BD63D-5CD5-43F9-B79C-2DE32B284A60} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {27EC2A7C-3AB3-43C0-89FF-CE4000906644} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-08-14] (Sony Corporation)
Task: {28066496-8D9F-4F42-8CC3-7DB416E7B025} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {29DB414B-2124-4F74-9C5F-D7C895C292E1} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {2AD2FA0D-63A9-44D1-8FE3-288AA19886E5} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {30410327-D329-4625-A083-19D9F011A8D6} - System32\Tasks\Sony Corporation\VAIO Control Center\NightTimeStart => C:\Program Files (x86)\Sony\VAIO Control Center\VESSmartConnectTime.exe [2013-08-14] (Sony Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41B5DC75-9583-4A24-A96B-E46AAB7A1B80} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {4604EFC5-CCFB-4276-898F-88382F374C06} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => %ProgramData%\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4F46B3FE-EC74-48F3-8239-C7338FFFE80B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {505B6728-B557-4A2E-9B69-1A1A040F23DC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-14] (AVAST Software)
Task: {59AABD85-D76E-49B1-B8F6-0342D4F41C13} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {5EA88FE1-F458-4F70-87CF-3E9BCE252E7D} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {5F800AE2-E1AE-48EA-A03F-138D1E11222B} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {601D3B19-3677-4BA9-92EC-317AD7EAA324} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {631D6E40-A34F-4F21-AD95-61030F2CD05A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {70C72FFA-DDC5-4D8C-86E4-60A5D269FAC0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {723B5B06-260E-476A-B828-5426E518DB3C} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7442E966-A406-4EAC-A7C2-D669B3621950} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-13] (Microsoft Corporation)
Task: {75A59C61-FAB7-482F-928D-F652FC45DFAF} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation)
Task: {75DF1AF9-051D-4119-A0FE-0ECBD603448A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {8139B8D8-AC5B-4832-8D9C-C400B46890DA} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {90E964DB-B7C3-4796-90E8-3F0DA3303C1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-15] (Adobe Systems Incorporated)
Task: {93B27CD2-A219-4C62-95E9-BD3E76660601} - System32\Tasks\Sony Corporation\VAIO Control Center\NightTimeEnd => C:\Program Files (x86)\Sony\VAIO Control Center\VESSmartConnectTime.exe [2013-08-14] (Sony Corporation)
Task: {942E865A-8810-4500-B7D5-CD53AD827ED3} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {96343898-E8AB-46D8-9283-6C390EA77D31} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {96CE4702-3867-425A-A713-011A40FCA912} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-14] (Google Inc.)
Task: {994DEA2A-75CB-404E-A515-507D68D4439B} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9B1FCA0F-FAAB-464A-9A3F-52D3C5ADAE0A} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserDisconected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A1A8EA3D-8824-4C31-8477-8596D9776191} - System32\Tasks\Sony Corporation\NFC Connection Utility\NFC Logon Start => C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe [2014-02-11] (Sony Corporation)
Task: {A33A4FB8-E9E3-443F-88A7-A8045EC933AD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MILAN-VAIO-Admin Milan-Vaio => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-13] (Microsoft Corporation)
Task: {A475C701-66FD-4B3B-8ED9-D0379B8B363A} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation)
Task: {A5C52447-518E-4704-ABD5-3445E7CB9DD3} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {AA29A8C6-1CFB-48F9-AFEC-56877F232848} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation)
Task: {AA78D2D8-FE59-4ED5-BAE3-671AFC87F856} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {B97EDA55-8741-4D98-B99A-C3607C4B5FDA} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {BE4F8253-4F26-4E84-9E6F-654196F24207} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {C4B0D1AB-BAF4-4459-9BD6-312199F8C0DA} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-571259133-1047198708-711232099-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DF5C0279-87E4-45A6-B13A-51376B8F5FAF} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-07-05] (Sony Corporation)
Task: {E43B14F8-73E5-4B52-89D1-26FD4E5D3EA1} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EB4EF278-EA7C-4FC6-A831-9E70E37DFCBA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-13] (Microsoft Corporation)
Task: {F1EBE386-E7E2-4B12-A292-41B388CA18C8} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F6F88823-3497-4714-AAA1-61DCB964EF5A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {FA88C9E3-E724-413B-8009-04B1CFB98ABE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-14] (Google Inc.)
Task: {FC822579-C2DC-4569-BA23-63015DC8FCF1} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-17 16:37 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-07 18:12 - 2013-11-07 18:12 - 00198120 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-11-07 18:12 - 2013-11-07 18:12 - 00054760 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-11-07 18:12 - 2013-11-07 18:12 - 00034792 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-09-14 21:33 - 2014-09-14 21:33 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-14 22:09 - 2014-09-14 22:09 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091401\algo.dll
2014-09-15 21:44 - 2014-09-15 21:44 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091501\algo.dll
2014-01-10 04:19 - 2013-09-26 08:59 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-08-17 16:40 - 2014-08-17 17:16 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-08-17 16:38 - 2014-08-17 16:38 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-09-14 21:33 - 2014-09-14 21:33 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-13 17:31 - 2014-09-12 04:42 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-15 15:13 - 2014-09-15 15:13 - 01186160 ____N () C:\ProgramData\xKvwGKyYh\dat\bFESdpT.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Admin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (1).exe:BDU
AlternateDataStreams: C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (2).exe:BDU
AlternateDataStreams: C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (3).exe:BDU
AlternateDataStreams: C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKCU\...\StartupApproved\Run: => "Browser Infrastructure Helper"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/15/2014 10:08:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (09/15/2014 03:26:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (09/15/2014 03:26:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (09/15/2014 10:38:55 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:38:25 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:37:55 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:37:25 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:36:55 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:36:25 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:35:55 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:34:38 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:34:08 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (09/15/2014 10:12:11 PM) (Source: DCOM) (EventID: 10010) (User: MILAN-VAIO)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (09/15/2014 10:08:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/15/2014 03:26:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe

Error: (09/15/2014 03:26:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 43%
Total physical RAM: 4001.39 MB
Available physical RAM: 2272.76 MB
Total Pagefile: 4705.39 MB
Available Pagefile: 2665.18 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:103.66 GB) (Free:60.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BDE2DFAE)

Partition: GPT Partition Type.

==================== End Of Log ============================

Ich hoffe, es sieht nicht allzu schlimm aus

schrauber · 16.09.2014, 19:40

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Dumpfmuff · 16.09.2014, 20:39

okay, es geht los

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b330b1fa63c3cb428b7259068c1ccac9
# engine=20160
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-15 02:27:40
# local_time=2014-09-15 04:27:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 4526 68102 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 2501405 15174781 0 0
# scanned=317147
# found=45
# cleaned=0
# scan_time=2296
sh=5B4C608466C41030C725E7130748BD9E3265BDC7 ft=1 fh=1688f5c63dadf290 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\RockTurnerUninstall.exe.vir"
sh=BCAFDA0D7C070F3E7B725A70D388828DF078018B ft=1 fh=33e7ca7645dee266 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\updateRockTurner.exe.vir"
sh=98208B5934B8A45DED1983C73394C8374D47B54D ft=1 fh=9222cb770130a1c9 vn="Win32/BrowseFox.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\825c5be7672f4c149929.dll.vir"
sh=88344676AE7EC384AA2CD0B49F21824392A993E1 ft=1 fh=549419091722ecd2 vn="Variante von Win32/BrowseFox.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.BrowserAdapter.exe.vir"
sh=66A53E43BD3621C8CED5CEC2118568EEEE5E9527 ft=1 fh=409b08e2805576ff vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.PurBrowse64.exe.vir"
sh=21F165B262C72168BA2045CE43420DC9AC29AF8F ft=1 fh=eccd15cdda56d554 vn="Variante von MSIL/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurnerBrowserFilter.exe.vir"
sh=BCAFDA0D7C070F3E7B725A70D388828DF078018B ft=1 fh=33e7ca7645dee266 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe.vir"
sh=55B6814C83CA458092F8D61F1E027FDC32139AFA ft=1 fh=b0b3d9378fd83c0f vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\{825c5be7-672f-4c14-9929-48a3a5e1a660}.dll.vir"
sh=8E64B7598C0A1356A1758E01E44740A4D465B291 ft=1 fh=b4c41fac01e6c50b vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.Bromon.dll.vir"
sh=99AE4D623D73AE19AC9146ED8027199B7481B8FF ft=1 fh=e2bdb051e5c12800 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BroStats.dll.vir"
sh=D53D104E1136AB381AA16B3593F68B8F48C714B1 ft=1 fh=ac0f1326e92b9f75 vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BrowserAdapter.dll.vir"
sh=45A22DB9D993F6F478E2B79496FDE259A727B99C ft=1 fh=9683c93edfb1e1b1 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BrowserFilter.dll.vir"
sh=5DBA5227AE54B6BA211158DBF2CB41EA25F2CBD6 ft=1 fh=b05af5fc10b34038 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.CompatibilityChecker.dll.vir"
sh=F8C81AC24B469D4DB07595A433739D639802127E ft=1 fh=78d7bff352cad077 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.FeSvc.dll.vir"
sh=A8EB8BBD67C46380F1284209BF53E221AFF6DB23 ft=1 fh=ae4a680cb2f00024 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.PurBrowse.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\srbu.dll.vir"
sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\srptc.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\srbu.dll.vir"
sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir"
sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir"
sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir"
sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir"
sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vir"
sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_31.dll.vir"
sh=D140D668052AB3165C83C074A8030A26226CF798 ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.js.vir"
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\OjApalQ.exe"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe"
sh=9FDBAE27385AA5C27BAE73F531F43654213CBA37 ft=1 fh=d01d64934ea6fe8c vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Admin\AppData\Local\Temp\{1BC0A01B-1ECB-4122-A658-C08B849217B4}\setup.exe"
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\OjApalQ.exe"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\jBNUNreau.exe"
sh=393BA758A9A668CF199606C2DA3D028FB4809574 ft=1 fh=8852912e32564913 vn="Variante von Win32/Bundled.Toolbar.Ask.A potenziell unsichere Anwendung" ac=I fn="D:\Nero\Setupx.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b330b1fa63c3cb428b7259068c1ccac9
# engine=20163
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-15 03:15:51
# local_time=2014-09-15 05:15:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 7417 70993 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 2504296 15177672 0 0
# scanned=317160
# found=46
# cleaned=45
# scan_time=2507
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\OjApalQ.exe"
sh=5B4C608466C41030C725E7130748BD9E3265BDC7 ft=1 fh=1688f5c63dadf290 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\RockTurnerUninstall.exe.vir"
sh=BCAFDA0D7C070F3E7B725A70D388828DF078018B ft=1 fh=33e7ca7645dee266 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\updateRockTurner.exe.vir"
sh=98208B5934B8A45DED1983C73394C8374D47B54D ft=1 fh=9222cb770130a1c9 vn="Win32/BrowseFox.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\825c5be7672f4c149929.dll.vir"
sh=88344676AE7EC384AA2CD0B49F21824392A993E1 ft=1 fh=549419091722ecd2 vn="Variante von Win32/BrowseFox.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.BrowserAdapter.exe.vir"
sh=AB19F3E5A924A6F1A6C441FC9FA6EF10C3B8C5C6 ft=1 fh=9a392544c37b2320 vn="Win64/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.BrowserAdapter64.exe.vir"
sh=66A53E43BD3621C8CED5CEC2118568EEEE5E9527 ft=1 fh=409b08e2805576ff vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurner.PurBrowse64.exe.vir"
sh=21F165B262C72168BA2045CE43420DC9AC29AF8F ft=1 fh=eccd15cdda56d554 vn="Variante von MSIL/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\RockTurnerBrowserFilter.exe.vir"
sh=BCAFDA0D7C070F3E7B725A70D388828DF078018B ft=1 fh=33e7ca7645dee266 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe.vir"
sh=55B6814C83CA458092F8D61F1E027FDC32139AFA ft=1 fh=b0b3d9378fd83c0f vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\{825c5be7-672f-4c14-9929-48a3a5e1a660}.dll.vir"
sh=8E64B7598C0A1356A1758E01E44740A4D465B291 ft=1 fh=b4c41fac01e6c50b vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.Bromon.dll.vir"
sh=99AE4D623D73AE19AC9146ED8027199B7481B8FF ft=1 fh=e2bdb051e5c12800 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BroStats.dll.vir"
sh=D53D104E1136AB381AA16B3593F68B8F48C714B1 ft=1 fh=ac0f1326e92b9f75 vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BrowserAdapter.dll.vir"
sh=45A22DB9D993F6F478E2B79496FDE259A727B99C ft=1 fh=9683c93edfb1e1b1 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.BrowserFilter.dll.vir"
sh=5DBA5227AE54B6BA211158DBF2CB41EA25F2CBD6 ft=1 fh=b05af5fc10b34038 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.CompatibilityChecker.dll.vir"
sh=F8C81AC24B469D4DB07595A433739D639802127E ft=1 fh=78d7bff352cad077 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.FeSvc.dll.vir"
sh=A8EB8BBD67C46380F1284209BF53E221AFF6DB23 ft=1 fh=ae4a680cb2f00024 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Rock Turner\bin\plugins\RockTurner.PurBrowse.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\srbu.dll.vir"
sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\LPT\srptc.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\srbu.dll.vir"
sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir"
sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir"
sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir"
sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir"
sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vir"
sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_31.dll.vir"
sh=D140D668052AB3165C83C074A8030A26226CF798 ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.js.vir"
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\xKvwGKyYh\OjApalQ.exe"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe"
sh=9FDBAE27385AA5C27BAE73F531F43654213CBA37 ft=1 fh=d01d64934ea6fe8c vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Admin\AppData\Local\Temp\{1BC0A01B-1ECB-4122-A658-C08B849217B4}\setup.exe"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Users\All Users\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Users\All Users\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="C:\Users\All Users\xKvwGKyYh\dat\jBNUNreau.exe"
sh=393BA758A9A668CF199606C2DA3D028FB4809574 ft=1 fh=8852912e32564913 vn="Variante von Win32/Bundled.Toolbar.Ask.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Nero\Setupx.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b330b1fa63c3cb428b7259068c1ccac9
# engine=20184
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-16 07:25:55
# local_time=2014-09-16 09:25:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 108821 172397 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 2605700 15279076 0 0
# scanned=318146
# found=10
# cleaned=0
# scan_time=2258
sh=A7ABFA9DE0103D9B9C1F58548F3D0C1B69D74BB3 ft=1 fh=6ee0896d59b2934e vn="Variante von MSIL/Adware.iBryte.H Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\LookThisUp\LookThisUp.exe.vir"
sh=EB2FBEEE5F2033A88D85AA35E7AAA285109E9D19 ft=1 fh=ffb0d8d0bdce1c18 vn="MSIL/Adware.iBryte.H Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\LookThisUp\LookThisUpUninstall.exe.vir"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe"
sh=A136344F5C22C2EBC4916E0C5FB0160FA8DF1E4A ft=1 fh=37bf2696b05d93f7 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\Admin\AppData\Local\Temp\NOD2C0.tmp"
sh=E8C077F0CAD847D49AEDC3DE1986FC4718CA4DAB ft=1 fh=224bfbf125071a23 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\bFESdpT.dll"
sh=046234C17FD1A5C55008CDE17879816219EBF6D2 ft=1 fh=dbc93fcf2ddffb4e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\hNfkZP.exe"
sh=913201B6FEADE95AD0757C9CDCA955599E0A32B7 ft=1 fh=31feb2906d974621 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\xKvwGKyYh\dat\jBNUNreau.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="${Memory}"

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.87  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 45  
 Java version out of Date! 
 Adobe Flash Player 	15.0.0.152  
 Adobe Reader XI  
 Mozilla Firefox (32.0.1) 
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Dumpfmuff · 16.09.2014, 20:39

und frst:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Admin (administrator) on MILAN-VAIO on 16-09-2014 21:35:26
Running from C:\Users\Admin\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Interesting Solutions) C:\Users\Admin\AppData\Local\Temp\NOD2C0.tmp
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
() C:\Program Files (x86)\XMind\XMind.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-09-25] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-15] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
AppInit_DLLs: C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found
AppInit_DLLs-x32: C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:50300;https=127.0.0.1:50300
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\88m3yowo.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-14]

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> 5677E5059C72B774040548266AC82556066B80E7FE4155C56266C79716D832E5
CHR DefaultSearchProvider: Default -> DF80D2B1533F15F8AD165ECF5E594FBDE110A8DFC66600242E6A75486FBB2A7D
CHR DefaultSearchURL: Default -> 643038AF863DCFD595AC660607D538DBB059F4C9585F9A4A422FE5E33FE37EDF
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-14]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-14]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-14]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-14]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-14]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-14] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-26] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-10-28] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-26] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
R2 OjApalQ; "C:\ProgramData\xKvwGKyYh\OjApalQ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-14] ()
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [119240 2013-10-28] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-11-15] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-26] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-08-17] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-25] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 21:25 - 2014-09-16 21:25 - 00854417 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2014-09-16 08:37 - 2014-09-16 08:38 - 00032448 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-09-16 08:36 - 2014-09-16 21:35 - 00020491 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-09-16 08:36 - 2014-09-16 21:35 - 00000000 ____D () C:\FRST
2014-09-16 08:35 - 2014-09-16 08:35 - 02105856 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-09-15 21:49 - 2014-09-15 21:49 - 00000000 ____D () C:\Windows\LastGood
2014-09-15 21:42 - 2014-09-16 20:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 21:42 - 2014-09-15 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-15 21:42 - 2014-09-15 21:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-09-15 15:26 - 2014-09-15 15:26 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-09-15 15:26 - 2014-09-15 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-15 15:22 - 2014-09-15 15:22 - 00000885 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-09-15 15:17 - 2014-09-15 15:17 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 15:14 - 2014-09-15 15:14 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-09-15 15:14 - 2014-09-15 15:14 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 15:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-15 15:10 - 2014-09-15 15:10 - 01373475 _____ () C:\Users\Admin\Downloads\AdwCleaner_3.310.exe
2014-09-15 15:07 - 2014-09-15 15:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 15:07 - 2014-09-15 15:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe
2014-09-15 14:51 - 2014-09-15 22:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-15 14:50 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-15 14:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 14:48 - 2014-09-15 15:03 - 00022257 _____ () C:\Users\Admin\Desktop\humbiabgabe.odt
2014-09-15 14:47 - 2014-09-15 14:49 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 22:56 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-14 22:56 - 2014-08-29 03:32 - 02779136 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-14 22:56 - 2014-08-29 02:59 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-14 22:56 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-14 22:56 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-14 22:56 - 2014-08-26 00:27 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 22:56 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-14 22:56 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-14 22:56 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-14 22:56 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-14 22:56 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-14 22:56 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-14 22:56 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-14 22:56 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-14 22:56 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-14 22:56 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 22:56 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-14 22:56 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-14 22:56 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-14 22:56 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-14 22:56 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-14 22:56 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 22:56 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-14 22:56 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-14 22:56 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-14 22:56 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-09-14 22:56 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-14 22:56 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-14 22:56 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-09-14 22:56 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-09-14 22:56 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-09-14 22:56 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-14 22:56 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-14 22:56 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-09-14 22:56 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 22:56 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-14 22:56 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-14 22:56 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-14 22:56 - 2014-08-16 02:20 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-14 22:56 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 22:56 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-14 22:56 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-14 22:56 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-14 22:56 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-14 22:56 - 2014-08-16 02:11 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-14 22:56 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-14 22:56 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-14 22:56 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-14 22:56 - 2014-08-01 01:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-14 22:56 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-14 22:56 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-14 22:56 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-14 22:56 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-14 22:56 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-14 22:53 - 2014-09-14 22:53 - 00001214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFC Connection Utility.lnk
2014-09-14 22:42 - 2014-09-14 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-14 22:40 - 2014-09-16 20:45 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 22:40 - 2014-09-16 08:29 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 22:40 - 2014-09-14 22:40 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-14 22:40 - 2014-09-14 22:40 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-14 22:26 - 2014-09-14 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\OpenOffice
2014-09-14 22:22 - 2014-09-15 22:36 - 00000000 ____D () C:\AdwCleaner
2014-09-14 22:16 - 2014-09-16 16:02 - 00000000 ____D () C:\Users\Admin\AppData\Local\InstaShare
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-14 21:34 - 2014-09-14 21:34 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-14 21:33 - 2014-09-15 10:11 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-14 21:33 - 2014-09-14 21:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-14 21:33 - 2014-09-14 21:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-14 21:32 - 2014-09-14 21:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-14 21:28 - 2014-09-14 21:28 - 00244306 _____ () C:\ProgramData\1410722845.bdinstall.bin
2014-09-14 21:25 - 2014-09-14 21:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WildTangent
2014-09-14 20:24 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-14 20:24 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-14 20:24 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-14 20:24 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-14 20:24 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-14 20:24 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-14 20:24 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-14 20:24 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-14 20:24 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 20:24 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 20:24 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-14 20:24 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-14 20:24 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-14 20:24 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-14 20:24 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-14 20:24 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-14 20:24 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-14 20:24 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-14 20:24 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-14 20:24 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-14 20:24 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-14 20:24 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-14 20:24 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-14 20:24 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-14 20:24 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-14 20:24 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-14 20:24 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-14 20:24 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-14 20:24 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-14 20:24 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-14 20:24 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-14 20:24 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-14 20:24 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-14 20:24 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-14 20:24 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-14 20:24 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-14 20:24 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-14 20:24 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-14 20:24 - 2014-07-24 11:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-09-14 20:24 - 2014-07-24 11:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2014-09-14 20:24 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-14 20:24 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-14 20:24 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-14 20:24 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-14 20:24 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-14 20:24 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-14 20:24 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-14 20:24 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-14 20:24 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-14 20:24 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-14 20:24 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-14 20:24 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-14 20:24 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 20:24 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-14 20:24 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-14 20:24 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-14 20:24 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-14 20:24 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-14 20:24 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-14 20:24 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-14 20:24 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-14 20:24 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-14 20:24 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-14 20:24 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-14 20:24 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-14 20:24 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-14 20:24 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-14 20:24 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-14 20:24 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-14 20:24 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-14 20:24 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 20:24 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-14 20:24 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-14 20:24 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-14 20:24 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-14 20:24 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-14 20:24 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-14 20:24 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-14 20:24 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-14 20:24 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-14 20:24 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-14 20:24 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-14 20:24 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-14 20:24 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-14 20:24 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-14 20:24 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-14 20:24 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-14 20:24 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-14 20:24 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-14 20:24 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-14 20:24 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-14 20:24 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-14 20:24 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-14 20:24 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-14 20:24 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-14 20:24 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-14 20:24 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-14 20:24 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 20:24 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-14 20:24 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-14 20:24 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-14 20:24 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-14 20:24 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-14 20:24 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 20:24 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-14 20:24 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-14 20:24 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-14 20:24 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-14 20:24 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-14 20:24 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-14 20:24 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-14 20:24 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-14 20:24 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-14 20:24 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-14 20:24 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-14 20:24 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 20:24 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 20:24 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-14 20:24 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-14 20:24 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-14 20:24 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-14 20:24 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-14 20:24 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-14 20:24 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-14 20:24 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-14 20:24 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-14 20:24 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-14 20:24 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-14 20:24 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-14 20:24 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-14 20:24 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-14 20:24 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-14 20:24 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-14 20:24 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-14 20:24 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-14 20:24 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-14 20:23 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-14 20:23 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-14 20:23 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-09-14 20:23 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-14 20:23 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-14 20:23 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-14 20:23 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-14 20:23 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-14 20:23 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-14 20:23 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-14 20:23 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-14 20:23 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-14 20:23 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-14 20:23 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-14 20:23 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-14 20:23 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-14 20:23 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-14 20:23 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-14 20:23 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-14 20:23 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 20:23 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-14 20:23 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-14 20:23 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-14 20:23 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-14 20:23 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-14 20:16 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-14 20:16 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-14 20:16 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-14 11:13 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 11:13 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 11:13 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 11:13 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 11:13 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 11:13 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 11:13 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 11:13 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 11:13 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 11:13 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 11:13 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 11:13 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 11:13 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 11:13 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 11:13 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 11:13 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 11:13 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 11:13 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 11:13 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 11:13 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 11:13 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 11:13 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 11:13 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 11:13 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 11:13 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 11:13 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 11:13 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 11:13 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 11:13 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 11:13 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 11:13 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 11:13 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 11:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 11:13 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 20:15 - 2014-09-14 20:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-09-13 20:15 - 2014-09-13 20:15 - 00001082 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-13 20:05 - 2014-09-15 17:12 - 00000000 ____D () C:\ProgramData\xKvwGKyYh
2014-09-13 20:05 - 2014-09-14 22:42 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-13 20:05 - 2014-09-13 20:05 - 00000000 ____D () C:\ProgramData\InstaShare
2014-09-13 18:32 - 2014-09-13 18:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-13 17:31 - 2014-09-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-09-13 17:31 - 2014-09-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 16:54 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-13 16:53 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-13 16:53 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-13 12:16 - 2014-09-15 16:07 - 00023730 _____ () C:\Users\Admin\Desktop\psychobegriffe.odt
2014-09-13 12:16 - 2014-09-10 13:07 - 00031977 _____ () C:\Users\Admin\Desktop\stahlbboard.odt
2014-09-13 12:16 - 2014-09-10 13:07 - 00025928 _____ () C:\Users\Admin\Desktop\braungerbboard.odt
2014-09-13 12:16 - 2014-08-11 16:16 - 00028152 _____ () C:\Users\Admin\Desktop\akkermann.odt
2014-09-13 12:16 - 2014-08-09 17:21 - 00020985 _____ () C:\Users\Admin\Desktop\hirbel.odt
2014-09-13 12:14 - 2014-09-15 14:00 - 00000000 ____D () C:\Users\Admin\Desktop\ExamenAbgabe
2014-09-13 12:12 - 2014-09-15 11:59 - 00000000 ____D () C:\Users\Admin\Desktop\NenkoExamen
2014-09-13 12:04 - 2014-09-13 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2014-09-13 12:03 - 2014-09-15 16:05 - 00000000 ____D () C:\Program Files (x86)\XMind
2014-09-13 12:00 - 2014-09-13 12:00 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-03 19:48 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-03 19:48 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-17 17:56 - 2014-09-16 20:38 - 00005144 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MILAN-VAIO-Admin Milan-Vaio
2014-08-17 17:56 - 2014-08-17 17:56 - 00003100 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-571259133-1047198708-711232099-1002
2014-08-17 17:56 - 2014-08-17 17:56 - 00000000 ___RD () C:\Users\Admin\OneDrive
2014-08-17 17:47 - 2014-08-17 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-17 17:41 - 2014-08-17 17:41 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-08-17 17:41 - 2014-08-17 17:41 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-08-17 17:27 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-08-17 17:23 - 2014-08-17 17:24 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (3).exe
2014-08-17 17:14 - 2014-08-17 17:15 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (2).exe
2014-08-17 17:09 - 2014-08-17 17:09 - 00003134 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-08-17 17:09 - 2014-08-17 17:09 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-08-17 17:09 - 2014-08-17 17:09 - 00001992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 ____D () C:\Users\Gast
2014-08-17 17:09 - 2014-06-02 16:24 - 00000426 _____ () C:\AVScanner.ini
2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 __SHD () C:\Users\Milan\AppData\Local\EmieUserList
2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 __SHD () C:\Users\Milan\AppData\Local\EmieSiteList
2014-08-17 17:08 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-17 17:08 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-08-17 17:08 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-08-17 17:08 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-08-17 17:08 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-08-17 17:08 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-08-17 17:08 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-08-17 17:08 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-08-17 17:02 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-17 17:02 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-17 17:02 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-17 17:02 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-17 17:02 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-17 17:02 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-17 17:01 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-17 17:01 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-17 17:01 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-17 17:01 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-17 17:01 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 17:01 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 17:01 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-08-17 17:01 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-08-17 17:01 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-08-17 17:01 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-08-17 17:01 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-08-17 17:01 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-08-17 17:01 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-17 17:01 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-17 17:01 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-17 17:01 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-17 17:01 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-17 17:01 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-17 17:01 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-17 17:01 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-17 17:01 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-17 17:01 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-17 17:01 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-17 17:01 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-17 17:01 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-17 17:01 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-17 17:01 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-17 17:01 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-17 17:01 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-17 17:01 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-17 17:01 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-17 17:01 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-17 17:01 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-17 17:01 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-17 17:01 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-17 17:01 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-17 17:01 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-17 17:01 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-17 17:01 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-17 17:01 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-17 17:01 - 2014-04-26 20:41 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2014-08-17 17:01 - 2014-04-26 20:22 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2014-08-17 17:01 - 2014-04-26 20:04 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2014-08-17 17:01 - 2014-04-26 19:36 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2014-08-17 17:01 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-17 17:01 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-17 17:01 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-17 17:01 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-17 17:01 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-08-17 17:01 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-17 17:01 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-17 17:01 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-17 17:01 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-17 17:01 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-17 17:00 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-17 17:00 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-17 17:00 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-17 17:00 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-17 17:00 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-17 17:00 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-17 17:00 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-17 17:00 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-17 17:00 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-17 17:00 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-17 17:00 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-17 17:00 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-17 17:00 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-17 17:00 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-17 17:00 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-17 17:00 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-17 17:00 - 2014-05-29 08:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2014-08-17 17:00 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-17 17:00 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-17 17:00 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-08-17 17:00 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-08-17 17:00 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-08-17 17:00 - 2014-04-30 06:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-08-17 17:00 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-08-17 17:00 - 2014-04-30 05:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-08-17 17:00 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-08-17 17:00 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-08-17 17:00 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-08-17 17:00 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-08-17 17:00 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-08-17 17:00 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-08-17 17:00 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-08-17 17:00 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-17 17:00 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-08-17 17:00 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-08-17 17:00 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-08-17 17:00 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-08-17 17:00 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-08-17 17:00 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-08-17 17:00 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-08-17 17:00 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-08-17 17:00 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-08-17 17:00 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-08-17 17:00 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-08-17 17:00 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-08-17 17:00 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-08-17 17:00 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-08-17 17:00 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-08-17 17:00 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-08-17 17:00 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-08-17 17:00 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-08-17 17:00 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-08-17 17:00 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-08-17 17:00 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-08-17 17:00 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-08-17 17:00 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-08-17 17:00 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-08-17 17:00 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-08-17 17:00 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-08-17 17:00 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-08-17 17:00 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-08-17 17:00 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-08-17 17:00 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-08-17 17:00 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-08-17 17:00 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-08-17 17:00 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-08-17 17:00 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-08-17 17:00 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-08-17 17:00 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-08-17 17:00 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-08-17 17:00 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-08-17 17:00 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-08-17 17:00 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-08-17 17:00 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2014-08-17 17:00 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-08-17 17:00 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-17 17:00 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-08-17 17:00 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-08-17 17:00 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-08-17 17:00 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-08-17 17:00 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-08-17 17:00 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-08-17 17:00 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-08-17 16:58 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-08-17 16:58 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-08-17 16:58 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-08-17 16:58 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-08-17 16:58 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-08-17 16:37 - 2014-08-17 16:37 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (1).exe
2014-08-17 16:34 - 2014-08-17 16:34 - 00002188 _____ () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00002132 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00002132 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ___RD () C:\Users\Milan\SkyDrive
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-08-17 16:32 - 2014-09-14 10:53 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-17 16:31 - 2014-08-17 16:31 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 21:35 - 2014-09-16 08:36 - 00020491 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-09-16 21:35 - 2014-09-16 08:36 - 00000000 ____D () C:\FRST
2014-09-16 21:25 - 2014-09-16 21:25 - 00854417 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2014-09-16 21:02 - 2014-05-30 22:32 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F13ADF59-9BBD-4280-B837-AB3EDE921A19}
2014-09-16 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-16 20:47 - 2014-09-15 21:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-16 20:45 - 2014-09-14 22:40 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-16 20:43 - 2014-01-10 04:13 - 01695392 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 20:38 - 2014-08-17 17:56 - 00005144 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MILAN-VAIO-Admin Milan-Vaio
2014-09-16 16:02 - 2014-09-14 22:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\InstaShare
2014-09-16 14:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-16 13:12 - 2014-05-30 21:51 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-571259133-1047198708-711232099-1002
2014-09-16 08:38 - 2014-09-16 08:37 - 00032448 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-09-16 08:35 - 2014-09-16 08:35 - 02105856 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-09-16 08:29 - 2014-09-14 22:40 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 08:29 - 2014-05-30 21:54 - 00000000 ___DO () C:\Users\Admin\SkyDrive
2014-09-15 22:36 - 2014-09-14 22:22 - 00000000 ____D () C:\AdwCleaner
2014-09-15 22:12 - 2014-09-15 14:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 21:49 - 2014-09-15 21:49 - 00000000 ____D () C:\Windows\LastGood
2014-09-15 21:49 - 2013-08-22 16:46 - 00022813 _____ () C:\Windows\setupact.log
2014-09-15 21:45 - 2014-05-30 21:46 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-09-15 21:42 - 2014-09-15 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-15 21:42 - 2014-09-15 21:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-09-15 17:12 - 2014-09-13 20:05 - 00000000 ____D () C:\ProgramData\xKvwGKyYh
2014-09-15 16:07 - 2014-09-13 12:16 - 00023730 _____ () C:\Users\Admin\Desktop\psychobegriffe.odt
2014-09-15 16:05 - 2014-09-13 12:03 - 00000000 ____D () C:\Program Files (x86)\XMind
2014-09-15 15:26 - 2014-09-15 15:26 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-09-15 15:26 - 2014-09-15 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-15 15:25 - 2014-01-10 13:04 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-09-15 15:25 - 2014-01-10 13:04 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-09-15 15:25 - 2013-09-13 23:06 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 15:22 - 2014-09-15 15:22 - 00000885 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-09-15 15:17 - 2014-09-15 15:17 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 15:14 - 2014-09-15 15:14 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-09-15 15:14 - 2014-09-15 15:14 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 15:12 - 2013-09-13 23:00 - 00013220 _____ () C:\Windows\PFRO.log
2014-09-15 15:12 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 15:12 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-09-15 15:10 - 2014-09-15 15:10 - 01373475 _____ () C:\Users\Admin\Downloads\AdwCleaner_3.310.exe
2014-09-15 15:09 - 2014-09-15 15:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 15:07 - 2014-09-15 15:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe
2014-09-15 15:03 - 2014-09-15 14:48 - 00022257 _____ () C:\Users\Admin\Desktop\humbiabgabe.odt
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-15 14:49 - 2014-09-15 14:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-15 14:00 - 2014-09-13 12:14 - 00000000 ____D () C:\Users\Admin\Desktop\ExamenAbgabe
2014-09-15 13:10 - 2014-05-30 21:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\Packages
2014-09-15 11:59 - 2014-09-13 12:12 - 00000000 ____D () C:\Users\Admin\Desktop\NenkoExamen
2014-09-15 10:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-15 10:11 - 2014-09-14 21:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-14 22:59 - 2013-08-22 21:12 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-14 22:59 - 2013-08-22 16:44 - 00563120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 22:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-14 22:57 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 22:54 - 2014-05-31 18:59 - 00000000 ____D () C:\Update
2014-09-14 22:54 - 2014-01-10 04:21 - 00015446 _____ () C:\Windows\system32\results.xml
2014-09-14 22:53 - 2014-09-14 22:53 - 00001214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFC Connection Utility.lnk
2014-09-14 22:53 - 2014-01-10 13:05 - 00000000 ____D () C:\Program Files\Sony
2014-09-14 22:53 - 2014-01-10 04:26 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-09-14 22:52 - 2014-01-10 04:12 - 00033590 _____ () C:\Windows\DPINST.LOG
2014-09-14 22:42 - 2014-09-14 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-14 22:42 - 2014-09-13 20:05 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-14 22:42 - 2014-05-30 22:38 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-09-14 22:41 - 2014-05-30 22:38 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-14 22:40 - 2014-09-14 22:40 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-14 22:40 - 2014-09-14 22:40 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-14 22:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-14 22:26 - 2014-09-14 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\OpenOffice
2014-09-14 22:24 - 2013-08-22 15:25 - 00000226 _____ () C:\Windows\win.ini
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-14 21:34 - 2014-09-14 21:34 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-14 21:33 - 2014-09-14 21:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-14 21:33 - 2014-09-14 21:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-14 21:33 - 2014-09-14 21:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-14 21:33 - 2014-09-14 21:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-14 21:29 - 2014-05-30 22:08 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-14 21:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-14 21:28 - 2014-09-14 21:28 - 00244306 _____ () C:\ProgramData\1410722845.bdinstall.bin
2014-09-14 21:28 - 2014-05-30 22:03 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-09-14 21:26 - 2014-06-02 16:18 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-14 21:26 - 2014-01-10 04:47 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-09-14 21:25 - 2014-09-14 21:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WildTangent
2014-09-14 21:25 - 2014-01-10 04:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-14 21:25 - 2014-01-10 04:47 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-14 20:26 - 2014-06-02 16:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Intel_Corporation
2014-09-14 20:14 - 2014-09-13 20:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-09-14 11:18 - 2014-08-08 17:21 - 00000294 _____ () C:\Windows\system32\checkdnsid.xml
2014-09-14 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-14 10:53 - 2014-08-17 16:32 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-13 23:33 - 2014-06-02 15:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 23:31 - 2014-06-02 15:49 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 20:15 - 2014-09-13 20:15 - 00001082 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-13 20:05 - 2014-09-13 20:05 - 00000000 ____D () C:\ProgramData\InstaShare
2014-09-13 20:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Resources
2014-09-13 18:32 - 2014-09-13 18:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-13 17:34 - 2014-09-13 17:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-09-13 17:34 - 2014-09-13 17:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 12:19 - 2014-05-30 21:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-09-13 12:04 - 2014-09-13 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2014-09-13 12:04 - 2014-05-30 21:32 - 00000000 ____D () C:\Users\Admin
2014-09-13 12:00 - 2014-09-13 12:00 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-10 13:07 - 2014-09-13 12:16 - 00031977 _____ () C:\Users\Admin\Desktop\stahlbboard.odt
2014-09-10 13:07 - 2014-09-13 12:16 - 00025928 _____ () C:\Users\Admin\Desktop\braungerbboard.odt
2014-09-02 22:06 - 2014-06-02 15:55 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-06-02 15:55 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-29 03:58 - 2014-09-14 22:56 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-29 03:32 - 2014-09-14 22:56 - 02779136 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-29 02:59 - 2014-09-14 22:56 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-29 01:56 - 2014-09-14 22:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-29 01:47 - 2014-09-14 22:56 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-26 00:27 - 2014-09-14 22:56 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-23 09:48 - 2014-09-14 22:56 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-23 09:13 - 2014-09-14 22:56 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-14 22:56 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-14 22:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-14 22:56 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-14 22:56 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-23 06:33 - 2014-09-14 22:56 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-14 22:56 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-14 22:56 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-17 18:04 - 2014-04-28 15:02 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-571259133-1047198708-711232099-1001
2014-08-17 18:00 - 2014-01-10 04:40 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-17 17:56 - 2014-08-17 17:56 - 00003100 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-571259133-1047198708-711232099-1002
2014-08-17 17:56 - 2014-08-17 17:56 - 00000000 ___RD () C:\Users\Admin\OneDrive
2014-08-17 17:47 - 2014-08-17 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-17 17:41 - 2014-08-17 17:41 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList
2014-08-17 17:41 - 2014-08-17 17:41 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-17 17:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-17 17:24 - 2014-08-17 17:23 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (3).exe
2014-08-17 17:15 - 2014-08-17 17:14 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (2).exe
2014-08-17 17:09 - 2014-08-17 17:09 - 00003134 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-08-17 17:09 - 2014-08-17 17:09 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-08-17 17:09 - 2014-08-17 17:09 - 00001992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-08-17 17:09 - 2014-08-17 17:09 - 00000000 ____D () C:\Users\Gast
2014-08-17 17:09 - 2014-06-02 16:23 - 00000000 ____D () C:\ProgramData\Sony
2014-08-17 17:09 - 2013-09-13 23:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 __SHD () C:\Users\Milan\AppData\Local\EmieUserList
2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 __SHD () C:\Users\Milan\AppData\Local\EmieSiteList
2014-08-17 17:08 - 2014-01-10 05:09 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-08-17 16:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-17 16:43 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\th-TH
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\he-IL
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\et-EE
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-08-17 16:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-17 16:42 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-08-17 16:37 - 2014-08-17 16:37 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_ (1).exe
2014-08-17 16:34 - 2014-08-17 16:34 - 00002188 _____ () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00002132 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00002132 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ___RD () C:\Users\Milan\SkyDrive
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-17 16:34 - 2014-08-17 16:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-08-17 16:34 - 2014-04-28 14:53 - 00000000 ____D () C:\Users\Milan
2014-08-17 16:32 - 2014-04-28 14:54 - 00000000 ____D () C:\Users\Milan\AppData\Local\VirtualStore
2014-08-17 16:31 - 2014-08-17 16:31 - 01038520 _____ (Microsoft Corporation) C:\Users\Milan\Downloads\Setup.X86.de-DE_O365HomePremRetail_97f6b502-9b83-49e2-9682-eeb57158a7b8_TX_DB_.exe
2014-08-17 16:20 - 2014-05-30 21:26 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDD30D84-ED30-4992-9780-B874F34D8221}

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\COMAP.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-15 10:19

==================== End Of Log ============================

--- --- ---

schrauber · 17.09.2014, 20:07

Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\ProgramData\xKvwGKyYh
ProxyServer: http=127.0.0.1:50300;https=127.0.0.1:50300
R2 OjApalQ; "C:\ProgramData\xKvwGKyYh\OjApalQ.exe" [X]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Frisches FRST log bitte.

Dumpfmuff · 17.09.2014, 21:57

hallo,

so, habe java geupdated und alle anderen schritte ebenfalls ausgeführt

einmal fixlog:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Admin at 2014-09-17 22:53:33 Run:1
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\xKvwGKyYh
ProxyServer: http=127.0.0.1:50300;https=127.0.0.1:50300
R2 OjApalQ; "C:\ProgramData\xKvwGKyYh\OjApalQ.exe" [X]
         
*****************


"C:\ProgramData\xKvwGKyYh" directory move:

Could not move "C:\ProgramData\xKvwGKyYh\info.dat" => Scheduled to move on reboot.
Could not move "C:\ProgramData\xKvwGKyYh\OjApalQ.dat" => Scheduled to move on reboot.
C:\ProgramData\xKvwGKyYh\OjApalQ.exe.config => Moved successfully.
Could not move "C:\ProgramData\xKvwGKyYh\dat\bFESdpT.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\xKvwGKyYh\dat\DohXwWdi.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\xKvwGKyYh" directory. => Scheduled to move on reboot.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
OjApalQ => Unable to stop service
OjApalQ => Service deleted successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-17 22:54:16)<=

C:\ProgramData\xKvwGKyYh\info.dat => Is moved successfully.
C:\ProgramData\xKvwGKyYh\OjApalQ.dat => Is moved successfully.
C:\ProgramData\xKvwGKyYh\dat\bFESdpT.dll => Is moved successfully.
C:\ProgramData\xKvwGKyYh\dat\DohXwWdi.dll => Is moved successfully.
C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe => Is moved successfully.
C:\ProgramData\xKvwGKyYh\dat\hNfkZP.exe.config => Is moved successfully.
C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe => Is moved successfully.
C:\ProgramData\xKvwGKyYh\dat\jBNUNreau.exe.config => Is moved successfully.
C:\ProgramData\xKvwGKyYh => Is moved successfully.

==== End of Fixlog ====

und wegen der größe wieder frst separat:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Admin (administrator) on MILAN-VAIO on 17-09-2014 22:56:58
Running from C:\Users\Admin\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-09-25] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-15] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
AppInit_DLLs: C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found
AppInit_DLLs-x32: C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\Admin\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\88m3yowo.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-14]

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> 5677E5059C72B774040548266AC82556066B80E7FE4155C56266C79716D832E5
CHR DefaultSearchProvider: Default -> DF80D2B1533F15F8AD165ECF5E594FBDE110A8DFC66600242E6A75486FBB2A7D
CHR DefaultSearchURL: Default -> 643038AF863DCFD595AC660607D538DBB059F4C9585F9A4A422FE5E33FE37EDF
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-14]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-14]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-14]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-14]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-14]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-14] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-26] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-10-28] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-26] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-14] ()
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [119240 2013-10-28] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-11-15] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-26] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-08-17] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-25] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-17 22:53 - 2014-09-17 22:53 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-09-17 22:49 - 2014-09-17 22:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Oracle
2014-09-17 22:48 - 2014-09-17 22:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-17 22:48 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-17 22:47 - 2014-09-17 22:47 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-17 22:47 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-17 22:47 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-17 22:47 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-17 22:45 - 2014-09-17 22:45 - 00918952 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-09-17 19:45 - 2014-09-17 20:04 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-17 19:41 - 2014-09-17 19:41 - 00000000 ____D () C:\ProgramData\Samsung
2014-09-16 21:25 - 2014-09-16 21:25 - 00854417 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2014-09-16 08:37 - 2014-09-16 08:38 - 00032448 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-09-16 08:36 - 2014-09-17 22:56 - 00019913 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-09-16 08:36 - 2014-09-17 22:56 - 00000000 ____D () C:\FRST
2014-09-16 08:35 - 2014-09-16 08:35 - 02105856 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-09-15 21:49 - 2014-09-15 21:49 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-09-15 21:42 - 2014-09-17 22:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 21:42 - 2014-09-15 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-15 21:42 - 2014-09-15 21:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-09-15 15:26 - 2014-09-15 15:26 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-09-15 15:26 - 2014-09-15 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-15 15:22 - 2014-09-15 15:22 - 00000885 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-09-15 15:17 - 2014-09-15 15:17 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 15:14 - 2014-09-15 15:14 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-09-15 15:14 - 2014-09-15 15:14 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 15:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-15 15:10 - 2014-09-15 15:10 - 01373475 _____ () C:\Users\Admin\Downloads\AdwCleaner_3.310.exe
2014-09-15 15:07 - 2014-09-15 15:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 15:07 - 2014-09-15 15:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe
2014-09-15 14:51 - 2014-09-15 22:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-15 14:50 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-15 14:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 14:48 - 2014-09-15 15:03 - 00022257 _____ () C:\Users\Admin\Desktop\humbiabgabe.odt
2014-09-15 14:47 - 2014-09-15 14:49 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 22:56 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-14 22:56 - 2014-08-29 03:32 - 02779136 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-14 22:56 - 2014-08-29 02:59 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-14 22:56 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-14 22:56 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-14 22:56 - 2014-08-26 00:27 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 22:56 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-14 22:56 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-14 22:56 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-14 22:56 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-14 22:56 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-14 22:56 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-14 22:56 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-14 22:56 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-14 22:56 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-14 22:56 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 22:56 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-14 22:56 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-14 22:56 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-14 22:56 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-14 22:56 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-14 22:56 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 22:56 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-14 22:56 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-14 22:56 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-14 22:56 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-09-14 22:56 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-14 22:56 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-14 22:56 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-09-14 22:56 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-09-14 22:56 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-09-14 22:56 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-14 22:56 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-14 22:56 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-09-14 22:56 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 22:56 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-14 22:56 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-14 22:56 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-14 22:56 - 2014-08-16 02:20 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-14 22:56 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 22:56 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-14 22:56 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-14 22:56 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-14 22:56 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-14 22:56 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-14 22:56 - 2014-08-16 02:11 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-14 22:56 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-14 22:56 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-14 22:56 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-14 22:56 - 2014-08-01 01:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-14 22:56 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-14 22:56 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-14 22:56 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-14 22:56 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-14 22:56 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-14 22:53 - 2014-09-14 22:53 - 00001214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFC Connection Utility.lnk
2014-09-14 22:42 - 2014-09-14 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-14 22:40 - 2014-09-17 22:54 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 22:40 - 2014-09-17 22:45 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 22:40 - 2014-09-14 22:40 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-14 22:40 - 2014-09-14 22:40 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-14 22:26 - 2014-09-14 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\OpenOffice
2014-09-14 22:22 - 2014-09-15 22:36 - 00000000 ____D () C:\AdwCleaner
2014-09-14 22:16 - 2014-09-17 19:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\InstaShare
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-14 21:34 - 2014-09-14 21:34 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-14 21:33 - 2014-09-15 10:11 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-14 21:33 - 2014-09-14 21:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-14 21:33 - 2014-09-14 21:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-14 21:32 - 2014-09-14 21:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-14 21:28 - 2014-09-14 21:28 - 00244306 _____ () C:\ProgramData\1410722845.bdinstall.bin
2014-09-14 21:25 - 2014-09-14 21:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WildTangent
2014-09-14 20:24 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-14 20:24 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-14 20:24 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-14 20:24 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-14 20:24 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-14 20:24 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-14 20:24 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-14 20:24 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-14 20:24 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-14 20:24 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 20:24 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 20:24 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-14 20:24 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-14 20:24 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-14 20:24 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-14 20:24 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-14 20:24 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-14 20:24 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-14 20:24 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-14 20:24 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-14 20:24 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-14 20:24 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-14 20:24 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-14 20:24 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-14 20:24 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-14 20:24 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-14 20:24 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-14 20:24 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-14 20:24 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-14 20:24 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-14 20:24 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-14 20:24 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-14 20:24 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-14 20:24 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-14 20:24 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-14 20:24 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-14 20:24 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-14 20:24 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-14 20:24 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-14 20:24 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-14 20:24 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-14 20:24 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-14 20:24 - 2014-07-24 11:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2014-09-14 20:24 - 2014-07-24 11:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2014-09-14 20:24 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-14 20:24 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-14 20:24 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-14 20:24 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-14 20:24 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-14 20:24 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-14 20:24 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-14 20:24 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-14 20:24 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-14 20:24 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-14 20:24 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-14 20:24 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-14 20:24 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 20:24 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-14 20:24 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-14 20:24 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-14 20:24 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-14 20:24 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-14 20:24 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-14 20:24 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-14 20:24 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-14 20:24 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-14 20:24 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-14 20:24 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-14 20:24 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-14 20:24 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-14 20:24 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-14 20:24 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-14 20:24 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-14 20:24 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-14 20:24 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 20:24 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-14 20:24 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-14 20:24 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-14 20:24 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-14 20:24 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-14 20:24 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-14 20:24 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-14 20:24 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-14 20:24 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-14 20:24 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-14 20:24 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-14 20:24 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-14 20:24 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-14 20:24 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-14 20:24 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-14 20:24 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-14 20:24 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-14 20:24 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-14 20:24 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-14 20:24 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-14 20:24 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-14 20:24 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-14 20:24 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-14 20:24 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-14 20:24 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-14 20:24 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-14 20:24 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-14 20:24 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-14 20:24 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 20:24 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-14 20:24 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-14 20:24 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-14 20:24 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-14 20:24 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-14 20:24 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 20:24 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-14 20:24 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-14 20:24 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-14 20:24 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-14 20:24 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-14 20:24 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-14 20:24 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-14 20:24 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-14 20:24 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-14 20:24 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-14 20:24 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-14 20:24 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 20:24 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 20:24 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-14 20:24 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-14 20:24 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-14 20:24 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-14 20:24 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-14 20:24 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-14 20:24 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-14 20:24 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-14 20:24 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-14 20:24 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-14 20:24 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-14 20:24 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-14 20:24 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-14 20:24 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-14 20:24 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-14 20:24 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-14 20:24 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-14 20:24 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-14 20:24 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-14 20:23 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-14 20:23 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-14 20:23 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-14 20:23 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-09-14 20:23 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-14 20:23 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-14 20:23 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-14 20:23 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-14 20:23 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-14 20:23 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-14 20:23 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-14 20:23 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-14 20:23 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-14 20:23 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-14 20:23 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-14 20:23 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-14 20:23 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-14 20:23 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-14 20:23 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-14 20:23 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-14 20:23 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-14 20:23 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-14 20:23 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 20:23 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-14 20:23 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-14 20:23 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-14 20:23 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-14 20:23 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-14 20:16 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-14 20:16 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-14 20:16 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-14 11:13 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 11:13 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 11:13 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 11:13 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 11:13 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 11:13 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 11:13 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 11:13 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 11:13 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 11:13 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 11:13 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 11:13 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 11:13 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 11:13 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 11:13 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 11:13 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 11:13 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 11:13 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 11:13 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 11:13 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 11:13 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 11:13 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 11:13 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 11:13 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 11:13 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 11:13 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 11:13 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 11:13 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 11:13 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 11:13 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 11:13 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 11:13 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 11:13 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 11:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 11:13 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 20:15 - 2014-09-14 20:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-09-13 20:15 - 2014-09-13 20:15 - 00001082 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-13 20:05 - 2014-09-14 22:42 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-13 20:05 - 2014-09-13 20:05 - 00000000 ____D () C:\ProgramData\InstaShare
2014-09-13 18:32 - 2014-09-13 18:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-13 17:31 - 2014-09-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-09-13 17:31 - 2014-09-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 16:54 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-13 16:53 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-13 16:53 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-13 12:16 - 2014-09-15 16:07 - 00023730 _____ () C:\Users\Admin\Desktop\psychobegriffe.odt
2014-09-13 12:16 - 2014-09-10 13:07 - 00031977 _____ () C:\Users\Admin\Desktop\stahlbboard.odt
2014-09-13 12:16 - 2014-09-10 13:07 - 00025928 _____ () C:\Users\Admin\Desktop\braungerbboard.odt
2014-09-13 12:16 - 2014-08-11 16:16 - 00028152 _____ () C:\Users\Admin\Desktop\akkermann.odt
2014-09-13 12:14 - 2014-09-17 19:54 - 00000000 ____D () C:\Users\Admin\Desktop\ExamenAbgabe
2014-09-13 12:12 - 2014-09-15 11:59 - 00000000 ____D () C:\Users\Admin\Desktop\NenkoExamen
2014-09-13 12:04 - 2014-09-13 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2014-09-13 12:03 - 2014-09-15 16:05 - 00000000 ____D () C:\Program Files (x86)\XMind
2014-09-13 12:00 - 2014-09-13 12:00 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-03 19:48 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-03 19:48 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-17 22:57 - 2014-09-16 08:36 - 00019913 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-09-17 22:56 - 2014-09-16 08:36 - 00000000 ____D () C:\FRST
2014-09-17 22:55 - 2014-08-17 17:56 - 00005144 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MILAN-VAIO-Admin Milan-Vaio
2014-09-17 22:54 - 2014-09-14 22:40 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-17 22:54 - 2014-05-30 21:54 - 00000000 __RDO () C:\Users\Admin\SkyDrive
2014-09-17 22:54 - 2013-09-13 23:00 - 00014976 _____ () C:\Windows\PFRO.log
2014-09-17 22:54 - 2013-08-22 16:46 - 00022954 _____ () C:\Windows\setupact.log
2014-09-17 22:54 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-17 22:53 - 2014-09-17 22:53 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-09-17 22:53 - 2014-01-10 04:13 - 01771049 _____ () C:\Windows\WindowsUpdate.log
2014-09-17 22:53 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-09-17 22:50 - 2014-05-30 21:51 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-571259133-1047198708-711232099-1002
2014-09-17 22:49 - 2014-09-17 22:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Oracle
2014-09-17 22:48 - 2014-09-17 22:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-17 22:47 - 2014-09-17 22:47 - 00004505 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-17 22:47 - 2014-09-15 21:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-17 22:47 - 2014-01-10 04:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-17 22:45 - 2014-09-17 22:45 - 00918952 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-09-17 22:45 - 2014-09-14 22:40 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-17 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-17 20:04 - 2014-09-17 19:45 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-17 19:54 - 2014-09-13 12:14 - 00000000 ____D () C:\Users\Admin\Desktop\ExamenAbgabe
2014-09-17 19:41 - 2014-09-17 19:41 - 00000000 ____D () C:\ProgramData\Samsung
2014-09-17 19:13 - 2014-09-14 22:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\InstaShare
2014-09-17 15:54 - 2014-05-30 21:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\Packages
2014-09-17 12:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-16 21:25 - 2014-09-16 21:25 - 00854417 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2014-09-16 21:02 - 2014-05-30 22:32 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F13ADF59-9BBD-4280-B837-AB3EDE921A19}
2014-09-16 14:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-16 08:38 - 2014-09-16 08:37 - 00032448 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-09-16 08:35 - 2014-09-16 08:35 - 02105856 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-09-15 22:36 - 2014-09-14 22:22 - 00000000 ____D () C:\AdwCleaner
2014-09-15 22:12 - 2014-09-15 14:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 21:49 - 2014-09-15 21:49 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-09-15 21:45 - 2014-05-30 21:46 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-09-15 21:42 - 2014-09-15 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-15 21:42 - 2014-09-15 21:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-09-15 16:07 - 2014-09-13 12:16 - 00023730 _____ () C:\Users\Admin\Desktop\psychobegriffe.odt
2014-09-15 16:05 - 2014-09-13 12:03 - 00000000 ____D () C:\Program Files (x86)\XMind
2014-09-15 15:26 - 2014-09-15 15:26 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-09-15 15:26 - 2014-09-15 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-15 15:25 - 2014-01-10 13:04 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-09-15 15:25 - 2014-01-10 13:04 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-09-15 15:25 - 2013-09-13 23:06 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 15:22 - 2014-09-15 15:22 - 00000885 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-09-15 15:17 - 2014-09-15 15:17 - 00000000 ____D () C:\ProgramData\Browser
2014-09-15 15:14 - 2014-09-15 15:14 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-09-15 15:14 - 2014-09-15 15:14 - 00000000 ____D () C:\Windows\ERUNT
2014-09-15 15:10 - 2014-09-15 15:10 - 01373475 _____ () C:\Users\Admin\Downloads\AdwCleaner_3.310.exe
2014-09-15 15:09 - 2014-09-15 15:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-15 15:07 - 2014-09-15 15:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup95.exe
2014-09-15 15:03 - 2014-09-15 14:48 - 00022257 _____ () C:\Users\Admin\Desktop\humbiabgabe.odt
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-15 14:50 - 2014-09-15 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-15 14:49 - 2014-09-15 14:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-15 11:59 - 2014-09-13 12:12 - 00000000 ____D () C:\Users\Admin\Desktop\NenkoExamen
2014-09-15 10:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-15 10:11 - 2014-09-14 21:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-14 22:59 - 2013-08-22 21:12 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-14 22:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-14 22:59 - 2013-08-22 16:44 - 00563120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 22:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-14 22:57 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 22:54 - 2014-05-31 18:59 - 00000000 ____D () C:\Update
2014-09-14 22:54 - 2014-01-10 04:21 - 00015446 _____ () C:\Windows\system32\results.xml
2014-09-14 22:53 - 2014-09-14 22:53 - 00001214 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFC Connection Utility.lnk
2014-09-14 22:53 - 2014-01-10 13:05 - 00000000 ____D () C:\Program Files\Sony
2014-09-14 22:53 - 2014-01-10 04:26 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-09-14 22:52 - 2014-01-10 04:12 - 00033590 _____ () C:\Windows\DPINST.LOG
2014-09-14 22:42 - 2014-09-14 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-14 22:42 - 2014-09-13 20:05 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-14 22:42 - 2014-05-30 22:38 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-09-14 22:41 - 2014-05-30 22:38 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-14 22:40 - 2014-09-14 22:40 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-14 22:40 - 2014-09-14 22:40 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-14 22:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-14 22:26 - 2014-09-14 22:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\OpenOffice
2014-09-14 22:24 - 2013-08-22 15:25 - 00000226 _____ () C:\Windows\win.ini
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-09-14 21:35 - 2014-09-14 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-14 21:34 - 2014-09-14 21:34 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-14 21:33 - 2014-09-14 21:33 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-14 21:33 - 2014-09-14 21:33 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-14 21:33 - 2014-09-14 21:33 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-14 21:33 - 2014-09-14 21:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-14 21:33 - 2014-09-14 21:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-14 21:29 - 2014-05-30 22:08 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-14 21:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-14 21:28 - 2014-09-14 21:28 - 00244306 _____ () C:\ProgramData\1410722845.bdinstall.bin
2014-09-14 21:28 - 2014-05-30 22:03 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-09-14 21:26 - 2014-06-02 16:18 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-14 21:26 - 2014-01-10 04:47 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-09-14 21:25 - 2014-09-14 21:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WildTangent
2014-09-14 21:25 - 2014-01-10 04:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-14 21:25 - 2014-01-10 04:47 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-14 20:26 - 2014-06-02 16:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Intel_Corporation
2014-09-14 20:14 - 2014-09-13 20:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-09-14 11:18 - 2014-08-08 17:21 - 00000294 _____ () C:\Windows\system32\checkdnsid.xml
2014-09-14 10:53 - 2014-08-17 16:32 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-13 23:33 - 2014-06-02 15:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 23:31 - 2014-06-02 15:49 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 20:15 - 2014-09-13 20:15 - 00001082 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-13 20:15 - 2014-09-13 20:15 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-13 20:05 - 2014-09-13 20:05 - 00000000 ____D () C:\ProgramData\InstaShare
2014-09-13 20:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Resources
2014-09-13 18:32 - 2014-09-13 18:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-13 17:34 - 2014-09-13 17:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-09-13 17:34 - 2014-09-13 17:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 17:31 - 2014-09-13 17:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 12:19 - 2014-05-30 21:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-09-13 12:04 - 2014-09-13 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2014-09-13 12:04 - 2014-05-30 21:32 - 00000000 ____D () C:\Users\Admin
2014-09-13 12:00 - 2014-09-13 12:00 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-13 12:00 - 2014-09-13 12:00 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-10 13:07 - 2014-09-13 12:16 - 00031977 _____ () C:\Users\Admin\Desktop\stahlbboard.odt
2014-09-10 13:07 - 2014-09-13 12:16 - 00025928 _____ () C:\Users\Admin\Desktop\braungerbboard.odt
2014-09-02 22:06 - 2014-06-02 15:55 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-06-02 15:55 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-29 03:58 - 2014-09-14 22:56 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-29 03:32 - 2014-09-14 22:56 - 02779136 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-29 02:59 - 2014-09-14 22:56 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-29 01:56 - 2014-09-14 22:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-29 01:47 - 2014-09-14 22:56 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-26 00:27 - 2014-09-14 22:56 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-23 09:48 - 2014-09-14 22:56 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-08-23 09:13 - 2014-09-14 22:56 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-14 22:56 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-14 22:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-14 22:56 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-14 22:56 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-23 06:33 - 2014-09-14 22:56 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-14 22:56 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-14 22:56 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\COMAP.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-15 10:19

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 18.09.2014, 13:55

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Dumpfmuff · 18.09.2014, 17:56

wow, es öffnen sich tatsächlich keine tabs und popups mehr - danke! und das auch noch so blitzschnell!
wirklich, ich kann dir nicht oft genug danken! es gibt sie noch, die gutmenschen!

schrauber · 19.09.2014, 09:44

Gern Geschehen

19.09.2014, 09:44	#12
schrauber /// the machine /// TB-Ausbilder	Windows 8.1 vermutlich Yahoo Smartbar Nachwirkungen Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 8.1 vermutlich Yahoo Smartbar Nachwirkungen

Log-Analyse und Auswertung: Windows 8.1 vermutlich Yahoo Smartbar Nachwirkungen