Ständiges Werbefenster im IE (Windows 8.1) u. Sweet Page im Firefox

nicurb · 28.09.2014, 22:38

Hallo zusammen,

habe mein Laptop zwar erst seit Mai, aber gleich zu Beginn leider einige Fehler gemacht :-(

Habe open Office installiert und da ich dies für absolut vertrauenswürdig hielt und während der Installation ein Fenster zu "Finde Fehler in Deinem System" (o.ä.) aufpoppte, folgte ich dem Link gutgläubig und kam so zu einem Registry Cleaner. Den ich noch dazu dann käuflich erwarb (dämlich ich weiß!!!). Konnte ihn zwar aufgrund 30tägiger Rückgabefrist zurückgeben, vermute aber ,dass ich mir damit schon was übles eingefangen hab. Weiterhin hab ich mir den Firefox Explorer installiert, der mir dann immer die Suchmaschine "Sweet Page" als Startseite offerierte, also wieder was ungewollt eingefangen!

Hab mir dann irgendwann Malwarebytes installiert, welches mehrere PUP fand. Diese hab ich mit mwb in Quarantäne gesetzt. Fenster im IE poppt jedoch immer noch auf. Benutze ansonsten nur AVIRA gratis Version, das im Zusammenhang mit dem openoffice setup 2 Dateien mit Adware fand und in Quarantäne stellte. Leider komme ich an die Logiles nicht mehr ran (zu alt bzw. zu lange her? Die waren von Mai...).
In der Quarantäne steht jedoch folgendes dazu: Adware/InstallCore.JO

Hier nun alle durchgeführten Schritte nach Eurer "Checkliste". Hoffe habe alles richtig gemacht. FRST (Faber....) konnte ich nicht anwenden, weil Windows dies als potentiell gefährliche App eingestuft und abgewehrt hat.

Alles andere nun hier. Vielen Dank für Eure Hilfe! Bitte einmal eine kurze Einschätzung "wie schlimm" es um den Rechner bestellt ist. Vielen Dank!

1.
"defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:31 on 28/09/2014 (nurban)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F="

2.
"GMER Logfile:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-28 22:48:40
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000023 WDC_WD5000LPVX-22V0TT0 rev.01.01A01 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\nurban\AppData\Local\Temp\kxroapod.sys


---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[3964] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffec2651f6a 4 bytes [65, C2, FE, 7F]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[3964] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffec2651f82 4 bytes [65, C2, FE, 7F]
.text C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe[2336] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffed5cd169a 4 bytes [CD, D5, FE, 7F]
.text C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe[2336] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffed5cd16a2 4 bytes [CD, D5, FE, 7F]
.text C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe[2336] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffed5cd181a 4 bytes [CD, D5, FE, 7F]
.text C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe[2336] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffed5cd1832 4 bytes [CD, D5, FE, 7F]

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [564:588] fffff96000937b90
Thread C:\Windows\Explorer.EXE [2128:2004] 00007ffec83dd73c
---- Processes - GMER 2.1 ----

Process C:\Users\nurban\AppData\Local\Microsoft\Windows\INetCache\IE\BIORYDIF\Gmer-19357.exe (*** suspicious ***) @ C:\Users\nurban\AppData\Local\Microsoft\Windows\INetCache\IE\BIORYDIF\Gmer-19357.exe [3884](2014-09-28 20:35:14) 0000000000400000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----"

--- --- ---
3. MwB (3 Logfiles)

" Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 03.08.2014
Suchlauf-Zeit: 20:52:56
Logdatei: mwb3814-1.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.03.06
Rootkit Datenbank: v2014.08.01.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: nurban

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 284064
Verstrichene Zeit: 21 Min, 3 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 2
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1148, Löschen bei Neustart, [7bb7af13bac140f69965d986e41d39c7]
PUP.Optional.WpManager, C:\ProgramData\WPM\wprotectmanager.exe, 1244, Löschen bei Neustart, [ad859b27bcbfd6600a7e6dfd08f93dc3]

Module: 3
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [bf73be042c4ffc3aa0bc018ec0410bf5],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3],

Registrierungsschlüssel: 22
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, In Quarantäne, [7bb7af13bac140f69965d986e41d39c7],
PUP.Optional.WpManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wpm, In Quarantäne, [ad859b27bcbfd6600a7e6dfd08f93dc3],
PUP.Optional.WpManager, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WPM, In Quarantäne, [ad859b27bcbfd6600a7e6dfd08f93dc3],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.SupTab.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.SupTab.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\sweet-page uninstaller, In Quarantäne, [d85aa9192e4d152166f6b5da5fa2956b],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64, In Quarantäne, [dc56bf03e2991b1ba237e2efcd3557a9],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [0d25b40e483376c0f7a4c05d8e76629e],
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [989a12b0710a280e6b17fb2b8b79f50b],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [7eb46e54017a53e318839786a65ea759],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [71c15c660873cc6a92c0785e010146ba],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Löschen bei Neustart, [80b2764ce39832045e70c23969995ea2],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Löschen bei Neustart, [2e04aa18c5b6dc5a0ddfa36e798b7789],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Löschen bei Neustart, [67cb7949e2996ec8788e795fae5422de],
PUP.Optional.Qone8, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [41f1bc064f2c6acc3d5d48d51fe5e61a],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, Löschen bei Neustart, [4fe320a2a4d77cbad57c6d69e022ea16],

Registrierungswerte: 2
PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM|ImagePath, C:\ProgramData\WPM\wprotectmanager.exe -service, In Quarantäne, [290982403249af87234c869c8f75f40c]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, Löschen bei Neustart, [2e04aa18c5b6dc5a0ddfa36e798b7789]

Registrierungsdaten: 13
PUP.Optional.Skytech.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~2.DLL),Ersetzt,[4de52e94a8d34ee8b8a47d1226dbc33d]
PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~1.DLL),Ersetzt,[69c9cbf7a0db3bfbc993632c28d9cf31]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}),Ersetzt,[81b170521665ef472212774862a27a86]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Ersetzt,[52e0bb07d6a55adc66cdcaf57490f20e]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Ersetzt,[f33fdde5403bd066a491803f9173d12f]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}),Ersetzt,[b9792f9387f456e01af83c7852b2d42c]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[c07205bd95e6a78f8746625c5fa5f10f]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}),Ersetzt,[b57d863cf08b56e0a2923c83b74d6a96]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Ersetzt,[1919883a9cdff343af844f70b64e4eb2]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Ersetzt,[e44e764c6d0e7cbab0851ea16c981ce4]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}),Ersetzt,[c1717250f388c472f919417337cddf21]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[6cc6c9f9493295a1b914f3cb12f2f20e]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Löschen bei Neustart,[50e21ba70f6c6dc97db2407fc440a45c]

Ordner: 29
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Löschen bei Neustart, [979b734fbbc06accab1209ba13efb749],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [979b734fbbc06accab1209ba13efb749],
PUP.Optional.SystemSpeedup, C:\Users\nurban\AppData\Roaming\Systweak\ssd, In Quarantäne, [85ad6a5896e577bfba1a82440101e11f],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Löschen bei Neustart, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Users\nurban\AppData\Roaming\SupTab, In Quarantäne, [ff337949a1da1620bf9a8b410ef4d927],

Dateien: 70
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Löschen bei Neustart, [7bb7af13bac140f69965d986e41d39c7],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [bf73be042c4ffc3aa0bc018ec0410bf5],
PUP.Optional.WpManager, C:\ProgramData\WPM\wprotectmanager.exe, Löschen bei Neustart, [ad859b27bcbfd6600a7e6dfd08f93dc3],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, In Quarantäne, [4de52e94a8d34ee8b8a47d1226dbc33d],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, In Quarantäne, [69c9cbf7a0db3bfbc993632c28d9cf31],
PUP.Optional.Skytech.A, C:\Users\nurban\AppData\Roaming\sweet-page\UninstallManager.exe, In Quarantäne, [d85aa9192e4d152166f6b5da5fa2956b],
PUP.Optional.SkyTech.A, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\alilog.dll, In Quarantäne, [5ad8cef49cdf96a0dd581121c23ee41c],
PUP.Optional.V9.A, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\qSE.exe, In Quarantäne, [1f13dfe3077465d1aa3952f69d632fd1],
PUP.Optional.Skytech.A, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\UninstallManager.exe, In Quarantäne, [fe345270b3c867cf77e5325d55ac6c94],
PUP.Optional.IePluginService.A, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\tmp\SupTab_Setup302.exe, In Quarantäne, [de5415ad4c2fec4a6a942a351fe2659b],
PUP.Optional.WpManager, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\tmp\wpm_v18.8.0.273.exe, In Quarantäne, [072b348e4d2eb87edaae2248689901ff],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys, In Quarantäne, [dc56bf03e2991b1ba237e2efcd3557a9],
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [9e94d8ea43382b0b166b42e4fc080ef2],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [979b734fbbc06accab1209ba13efb749],
PUP.Optional.SystemSpeedup, C:\Users\nurban\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, In Quarantäne, [85ad6a5896e577bfba1a82440101e11f],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterfacef32.dll, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv32.dll, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af],

Physische Sektoren: 0
(No malicious items detected)

(end)"

" Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 31.08.2014
Suchlauf-Zeit: 21:23:02
Logdatei: mwb310814.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.31.05
Rootkit Datenbank: v2014.08.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: nurban

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 294969
Verstrichene Zeit: 32 Min, 16 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 3
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, In Quarantäne, [990087426a115adcf4f49c51946e9d63],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, In Quarantäne, [cecb4a7faecdfc3a7e36ed0043bff30d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [13865d6cf289a690edfa4da00cf652ae],

Registrierungswerte: 2
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, In Quarantäne, [cecb4a7faecdfc3a7e36ed0043bff30d]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cor, In Quarantäne, [13865d6cf289a690edfa4da00cf652ae]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)"

" Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 11.09.2014
Suchlauf-Zeit: 22:31:20
Logdatei: mwb110914.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.11.07
Rootkit Datenbank: v2014.09.10.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: nurban

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 303058
Verstrichene Zeit: 29 Min, 7 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 2
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],

Dateien: 9
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\75.json, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\uninstallDlg.xml, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\bg1.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\button1.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\checked.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\close.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\min.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\Thumbs.db, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\unchecked.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02],

Physische Sektoren: 0
(No malicious items detected)

(end)"

"Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 24. September 2014 21:36

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 8.1
Windowsversion : (plain) [6.2.9200]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : NICS_NOTEBOOK

Versionsinformationen:
BUILD.DAT : 14.0.6.570 92022 Bytes 15.08.2014 10:30:00
AVSCAN.EXE : 14.0.6.548 1046608 Bytes 06.09.2014 20:01:57
AVSCANRC.DLL : 14.0.6.522 62544 Bytes 06.09.2014 20:01:57
LUKE.DLL : 14.0.6.522 57936 Bytes 06.09.2014 20:02:18
AVSCPLR.DLL : 14.0.6.548 92752 Bytes 06.09.2014 20:01:57
AVREG.DLL : 14.0.6.522 262224 Bytes 06.09.2014 20:01:56
avlode.dll : 14.0.6.526 603728 Bytes 06.09.2014 20:01:55
avlode.rdf : 14.0.4.46 64835 Bytes 11.09.2014 19:50:25
XBV00010.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00011.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00012.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00013.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00014.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00015.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00016.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:27
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 20:02:28
XBV00125.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:40
XBV00126.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:40
XBV00127.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00128.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00129.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00130.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00131.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00132.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00133.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00134.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00135.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:41
XBV00136.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00137.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00138.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00139.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00140.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00141.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00142.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00143.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00144.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00145.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00146.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00147.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:42
XBV00148.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00149.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00150.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00151.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00152.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00153.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00154.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00155.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00156.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:43
XBV00157.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00158.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00159.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00160.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00161.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00162.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00163.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00164.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00165.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:44
XBV00166.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:45
XBV00167.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:45
XBV00168.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:45
XBV00169.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:45
XBV00170.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:46
XBV00171.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:46
XBV00172.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:46
XBV00173.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:46
XBV00174.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:46
XBV00175.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:47
XBV00176.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:47
XBV00177.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:47
XBV00178.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:47
XBV00179.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:47
XBV00180.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:48
XBV00181.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:48
XBV00182.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:48
XBV00183.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:48
XBV00184.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:48
XBV00185.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:48
XBV00186.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:49
XBV00187.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:49
XBV00188.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:49
XBV00189.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:49
XBV00190.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:49
XBV00191.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:49
XBV00192.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:49
XBV00193.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:49
XBV00194.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00195.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00196.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00197.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00198.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00199.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00200.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00201.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00202.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00203.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00204.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:50
XBV00205.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:51
XBV00206.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:51
XBV00207.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:51
XBV00208.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:51
XBV00209.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:51
XBV00210.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:51
XBV00211.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:51
XBV00212.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:52
XBV00213.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:52
XBV00214.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:52
XBV00215.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00216.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00217.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00218.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00219.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00220.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00221.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00222.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00223.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00224.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00225.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:53
XBV00226.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00227.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00228.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00229.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00230.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00231.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00232.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00233.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00234.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:54
XBV00235.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00236.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00237.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00238.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00239.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00240.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00241.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00242.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00243.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00244.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00245.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00246.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00247.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00248.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00249.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00250.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00251.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00252.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00253.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00254.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00255.VDF : 8.11.172.30 2048 Bytes 15.09.2014 19:37:55
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 09:41:06
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 09:41:06
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 09:41:06
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 09:41:06
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 09:41:06
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 09:41:06
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 21:07:48
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 20:12:21
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 20:02:27
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 19:37:33
XBV00042.VDF : 8.11.172.54 36864 Bytes 15.09.2014 19:37:33
XBV00043.VDF : 8.11.172.78 8704 Bytes 15.09.2014 19:37:34
XBV00044.VDF : 8.11.172.102 2048 Bytes 15.09.2014 19:37:34
XBV00045.VDF : 8.11.172.128 23040 Bytes 15.09.2014 19:37:34
XBV00046.VDF : 8.11.172.132 2048 Bytes 15.09.2014 19:37:34
XBV00047.VDF : 8.11.172.136 13824 Bytes 15.09.2014 19:37:34
XBV00048.VDF : 8.11.172.140 13312 Bytes 16.09.2014 19:37:34
XBV00049.VDF : 8.11.172.142 6144 Bytes 16.09.2014 19:37:34
XBV00050.VDF : 8.11.172.144 4608 Bytes 16.09.2014 19:37:34
XBV00051.VDF : 8.11.172.146 9216 Bytes 16.09.2014 19:37:34
XBV00052.VDF : 8.11.172.148 16384 Bytes 16.09.2014 19:37:34
XBV00053.VDF : 8.11.172.150 9728 Bytes 16.09.2014 19:37:34
XBV00054.VDF : 8.11.172.154 51200 Bytes 16.09.2014 19:37:35
XBV00055.VDF : 8.11.172.156 2048 Bytes 16.09.2014 19:37:35
XBV00056.VDF : 8.11.172.160 17408 Bytes 16.09.2014 19:37:35
XBV00057.VDF : 8.11.172.162 2048 Bytes 16.09.2014 19:37:35
XBV00058.VDF : 8.11.172.164 9216 Bytes 16.09.2014 19:37:35
XBV00059.VDF : 8.11.172.168 8192 Bytes 16.09.2014 19:37:35
XBV00060.VDF : 8.11.172.192 13824 Bytes 17.09.2014 19:37:35
XBV00061.VDF : 8.11.172.212 2048 Bytes 17.09.2014 19:37:35
XBV00062.VDF : 8.11.172.232 16384 Bytes 17.09.2014 19:37:35
XBV00063.VDF : 8.11.172.252 12800 Bytes 17.09.2014 19:37:35
XBV00064.VDF : 8.11.172.254 8192 Bytes 17.09.2014 19:37:35
XBV00065.VDF : 8.11.173.4 26624 Bytes 17.09.2014 19:37:35
XBV00066.VDF : 8.11.173.6 6656 Bytes 17.09.2014 19:37:35
XBV00067.VDF : 8.11.173.10 9216 Bytes 17.09.2014 15:36:30
XBV00068.VDF : 8.11.173.12 4096 Bytes 17.09.2014 15:36:30
XBV00069.VDF : 8.11.173.14 2048 Bytes 17.09.2014 15:36:30
XBV00070.VDF : 8.11.173.16 5120 Bytes 17.09.2014 15:36:30
XBV00071.VDF : 8.11.173.20 17408 Bytes 18.09.2014 15:36:31
XBV00072.VDF : 8.11.173.22 11264 Bytes 18.09.2014 15:36:31
XBV00073.VDF : 8.11.173.24 24064 Bytes 18.09.2014 15:36:31
XBV00074.VDF : 8.11.173.28 13312 Bytes 18.09.2014 15:36:31
XBV00075.VDF : 8.11.173.30 2048 Bytes 18.09.2014 15:36:31
XBV00076.VDF : 8.11.173.34 12288 Bytes 18.09.2014 15:36:31
XBV00077.VDF : 8.11.173.36 8192 Bytes 18.09.2014 15:36:31
XBV00078.VDF : 8.11.173.38 2048 Bytes 19.09.2014 15:36:31
XBV00079.VDF : 8.11.173.40 10240 Bytes 19.09.2014 15:36:31
XBV00080.VDF : 8.11.173.60 5120 Bytes 19.09.2014 15:36:31
XBV00081.VDF : 8.11.173.80 22016 Bytes 19.09.2014 15:36:31
XBV00082.VDF : 8.11.173.100 4608 Bytes 19.09.2014 15:36:31
XBV00083.VDF : 8.11.173.102 8704 Bytes 19.09.2014 15:36:31
XBV00084.VDF : 8.11.173.104 7680 Bytes 19.09.2014 15:36:31
XBV00085.VDF : 8.11.173.108 18944 Bytes 19.09.2014 15:36:31
XBV00086.VDF : 8.11.173.110 6144 Bytes 19.09.2014 08:33:27
XBV00087.VDF : 8.11.173.114 9216 Bytes 19.09.2014 08:33:27
XBV00088.VDF : 8.11.173.116 2048 Bytes 19.09.2014 08:33:27
XBV00089.VDF : 8.11.173.118 7680 Bytes 19.09.2014 08:33:27
XBV00090.VDF : 8.11.173.120 7680 Bytes 19.09.2014 08:33:27
XBV00091.VDF : 8.11.173.122 3584 Bytes 19.09.2014 08:33:27
XBV00092.VDF : 8.11.173.126 52224 Bytes 20.09.2014 16:16:02
XBV00093.VDF : 8.11.173.130 2048 Bytes 20.09.2014 16:16:02
XBV00094.VDF : 8.11.173.132 10240 Bytes 20.09.2014 16:16:03
XBV00095.VDF : 8.11.173.134 10752 Bytes 20.09.2014 16:16:03
XBV00096.VDF : 8.11.173.136 60416 Bytes 21.09.2014 20:03:44
XBV00097.VDF : 8.11.173.138 7680 Bytes 21.09.2014 20:03:44
XBV00098.VDF : 8.11.173.140 11776 Bytes 21.09.2014 20:03:44
XBV00099.VDF : 8.11.173.160 40960 Bytes 22.09.2014 20:03:44
XBV00100.VDF : 8.11.173.162 2048 Bytes 22.09.2014 20:03:44
XBV00101.VDF : 8.11.173.180 6656 Bytes 22.09.2014 20:03:44
XBV00102.VDF : 8.11.173.198 3584 Bytes 22.09.2014 20:03:44
XBV00103.VDF : 8.11.173.200 15872 Bytes 22.09.2014 20:03:44
XBV00104.VDF : 8.11.173.202 4608 Bytes 22.09.2014 20:03:44
XBV00105.VDF : 8.11.173.204 10752 Bytes 22.09.2014 20:03:44
XBV00106.VDF : 8.11.173.208 12288 Bytes 22.09.2014 20:03:45
XBV00107.VDF : 8.11.173.212 20480 Bytes 22.09.2014 20:03:45
XBV00108.VDF : 8.11.173.214 2048 Bytes 22.09.2014 20:03:45
XBV00109.VDF : 8.11.173.216 2048 Bytes 22.09.2014 20:03:45
XBV00110.VDF : 8.11.173.218 2048 Bytes 22.09.2014 20:03:45
XBV00111.VDF : 8.11.173.226 13312 Bytes 22.09.2014 20:03:45
XBV00112.VDF : 8.11.173.230 26624 Bytes 23.09.2014 20:03:45
XBV00113.VDF : 8.11.173.232 20992 Bytes 23.09.2014 20:03:45
XBV00114.VDF : 8.11.173.234 4608 Bytes 23.09.2014 20:03:45
XBV00115.VDF : 8.11.173.236 4096 Bytes 23.09.2014 20:03:45
XBV00116.VDF : 8.11.173.240 19456 Bytes 23.09.2014 20:03:45
XBV00117.VDF : 8.11.173.254 33792 Bytes 23.09.2014 19:20:52
XBV00118.VDF : 8.11.174.2 2048 Bytes 23.09.2014 19:20:52
XBV00119.VDF : 8.11.174.4 10240 Bytes 23.09.2014 19:20:52
XBV00120.VDF : 8.11.174.24 15360 Bytes 24.09.2014 19:20:52
XBV00121.VDF : 8.11.174.42 9216 Bytes 24.09.2014 19:20:52
XBV00122.VDF : 8.11.174.60 5120 Bytes 24.09.2014 19:20:52
XBV00123.VDF : 8.11.174.66 28672 Bytes 24.09.2014 19:20:52
XBV00124.VDF : 8.11.174.68 6144 Bytes 24.09.2014 19:20:52
LOCAL001.VDF : 8.11.174.68 110839808 Bytes 24.09.2014 19:21:22
Engineversion : 8.3.24.28
AEVDF.DLL : 8.3.1.6 133992 Bytes 06.09.2014 20:01:53
AESCRIPT.DLL : 8.2.0.24 436136 Bytes 19.09.2014 15:36:30
AESCN.DLL : 8.3.2.2 139456 Bytes 03.08.2014 18:44:23
AESBX.DLL : 8.2.20.24 1409224 Bytes 11.05.2014 17:04:52
AERDL.DLL : 8.2.0.138 704888 Bytes 25.02.2014 09:41:04
AEPACK.DLL : 8.4.0.54 788392 Bytes 24.09.2014 19:20:51
AEOFFICE.DLL : 8.3.0.24 223144 Bytes 17.09.2014 19:37:31
AEHEUR.DLL : 8.1.4.1298 7519088 Bytes 19.09.2014 15:36:30
AEHELP.DLL : 8.3.1.0 278728 Bytes 12.06.2014 20:11:53
AEGEN.DLL : 8.1.7.28 450752 Bytes 12.06.2014 20:11:47
AEEXP.DLL : 8.4.2.32 247712 Bytes 06.09.2014 20:01:53
AEEMU.DLL : 8.1.3.4 399264 Bytes 06.09.2014 20:01:49
AEDROID.DLL : 8.4.2.24 442568 Bytes 12.06.2014 20:11:56
AECORE.DLL : 8.3.2.6 243712 Bytes 06.09.2014 20:01:49
AEBB.DLL : 8.1.2.0 60448 Bytes 06.09.2014 20:01:49
AVWINLL.DLL : 14.0.6.522 24144 Bytes 06.09.2014 20:01:49
AVPREF.DLL : 14.0.6.522 50256 Bytes 06.09.2014 20:01:56
AVREP.DLL : 14.0.6.522 219216 Bytes 06.09.2014 20:01:56
AVARKT.DLL : 14.0.5.368 226384 Bytes 03.08.2014 18:44:24
AVEVTLOG.DLL : 14.0.6.522 182352 Bytes 06.09.2014 20:01:55
SQLITE3.DLL : 14.0.6.522 452176 Bytes 06.09.2014 20:02:21
AVSMTP.DLL : 14.0.6.522 76368 Bytes 06.09.2014 20:01:58
NETNT.DLL : 14.0.6.522 13392 Bytes 06.09.2014 20:02:18
RCIMAGE.DLL : 14.0.6.544 4863568 Bytes 06.09.2014 20:01:49
RCTEXT.DLL : 14.0.6.558 76080 Bytes 06.09.2014 20:01:49

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Schnelle Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\quicksysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Mittwoch, 24. September 2014 21:36

Der Suchlauf über die Bootsektoren wird begonnen:

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '100' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '158' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '129' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'aavus.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'adminservice.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCDMonitorService.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDService.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMSvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '105' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'GamesAppIntegrationService.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'NASvc.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrl.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '198' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDTouch.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMEvent.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'QASvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrlHelper.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMTray.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'RMSvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'QAEvent.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'QAMsg.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'QuickAccess.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtvStack.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'ActivateDesktop.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxtray.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'HostAppServiceUpdater.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'Amazon Music Helper.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerTray.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'BrMfcWnd.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'IEXPLORE.EXE' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'brccMCtl.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'BrMfcmon.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'IEXPLORE.EXE' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'IEXPLORE.EXE' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'IEXPLORE.EXE' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'IEXPLORE.EXE' - '111' Modul(e) wurden durchsucht
Durchsuche Prozess 'IEXPLORE.EXE' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'IEXPLORE.EXE' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashUtil_ActiveX.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerSvc.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerEvent.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'Notification.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '63' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1294' Dateien ).

Ende des Suchlaufs: Mittwoch, 24. September 2014 21:37
Benötigte Zeit: 00:52 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

0 Verzeichnisse wurden überprüft
2285 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
2285 Dateien ohne Befall
4 Archive wurden durchsucht
0 Warnungen
0 Hinweise"

schrauber · 29.09.2014, 06:14

hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

nicurb · 29.09.2014, 10:16

Okay Danke! Diese Anweisung hab ich wohl überlesen. Nachfolgend gleich dann noch mal alle Logfiles.

FRST (FABERS....) KONNTE ICH NICHT ANWENDEN! DA WINDOWS ES FÜR EINE POTENTIELL SCHÄDLICHE APP GEHALTEN HAT UND DIE ANWENDUNG NICHT ZUGELASSEN HAT. Bitte Info wir ich hier vorgehen soll!!!! DANKE!

So hier nun die Logfiles:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:31 on 28/09/2014 (nurban)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-28 22:48:40
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000023 WDC_WD5000LPVX-22V0TT0 rev.01.01A01 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\nurban\AppData\Local\Temp\kxroapod.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[3964] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                                                   00007ffec2651f6a 4 bytes [65, C2, FE, 7F]
.text    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[3964] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                                                   00007ffec2651f82 4 bytes [65, C2, FE, 7F]
.text    C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe[2336] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                        00007ffed5cd169a 4 bytes [CD, D5, FE, 7F]
.text    C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe[2336] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                        00007ffed5cd16a2 4 bytes [CD, D5, FE, 7F]
.text    C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe[2336] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                           00007ffed5cd181a 4 bytes [CD, D5, FE, 7F]
.text    C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe[2336] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                           00007ffed5cd1832 4 bytes [CD, D5, FE, 7F]

---- Threads - GMER 2.1 ----

Thread   C:\Windows\system32\csrss.exe [564:588]                                                                                                                                                                                       fffff96000937b90
Thread   C:\Windows\Explorer.EXE [2128:2004]                                                                                                                                                                                           00007ffec83dd73c
---- Processes - GMER 2.1 ----

Process  C:\Users\nurban\AppData\Local\Microsoft\Windows\INetCache\IE\BIORYDIF\Gmer-19357.exe (*** suspicious ***) @ C:\Users\nurban\AppData\Local\Microsoft\Windows\INetCache\IE\BIORYDIF\Gmer-19357.exe [3884](2014-09-28 20:35:14)  0000000000400000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                         unknown MBR code

---- EOF - GMER 2.1 ----

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.08.2014
Suchlauf-Zeit: 20:52:56
Logdatei: mwb3814-1.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.03.06
Rootkit Datenbank: v2014.08.01.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: nurban

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 284064
Verstrichene Zeit: 21 Min, 3 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 2
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1148, Löschen bei Neustart, [7bb7af13bac140f69965d986e41d39c7]
PUP.Optional.WpManager, C:\ProgramData\WPM\wprotectmanager.exe, 1244, Löschen bei Neustart, [ad859b27bcbfd6600a7e6dfd08f93dc3]

Module: 3
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [bf73be042c4ffc3aa0bc018ec0410bf5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3], 

Registrierungsschlüssel: 22
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, In Quarantäne, [7bb7af13bac140f69965d986e41d39c7], 
PUP.Optional.WpManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wpm, In Quarantäne, [ad859b27bcbfd6600a7e6dfd08f93dc3], 
PUP.Optional.WpManager, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WPM, In Quarantäne, [ad859b27bcbfd6600a7e6dfd08f93dc3], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\sweet-page uninstaller, In Quarantäne, [d85aa9192e4d152166f6b5da5fa2956b], 
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64, In Quarantäne, [dc56bf03e2991b1ba237e2efcd3557a9], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [0d25b40e483376c0f7a4c05d8e76629e], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [989a12b0710a280e6b17fb2b8b79f50b], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [7eb46e54017a53e318839786a65ea759], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [71c15c660873cc6a92c0785e010146ba], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Löschen bei Neustart, [80b2764ce39832045e70c23969995ea2], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Löschen bei Neustart, [2e04aa18c5b6dc5a0ddfa36e798b7789], 
PUP.Optional.SuperFish.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Löschen bei Neustart, [67cb7949e2996ec8788e795fae5422de], 
PUP.Optional.Qone8, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [41f1bc064f2c6acc3d5d48d51fe5e61a], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, Löschen bei Neustart, [4fe320a2a4d77cbad57c6d69e022ea16], 

Registrierungswerte: 2
PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM|ImagePath, C:\ProgramData\WPM\wprotectmanager.exe -service, In Quarantäne, [290982403249af87234c869c8f75f40c]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, Löschen bei Neustart, [2e04aa18c5b6dc5a0ddfa36e798b7789]

Registrierungsdaten: 13
PUP.Optional.Skytech.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~2.DLL),Ersetzt,[4de52e94a8d34ee8b8a47d1226dbc33d]
PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~1.DLL),Ersetzt,[69c9cbf7a0db3bfbc993632c28d9cf31]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}),Ersetzt,[81b170521665ef472212774862a27a86]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Ersetzt,[52e0bb07d6a55adc66cdcaf57490f20e]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Ersetzt,[f33fdde5403bd066a491803f9173d12f]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}),Ersetzt,[b9792f9387f456e01af83c7852b2d42c]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[c07205bd95e6a78f8746625c5fa5f10f]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}),Ersetzt,[b57d863cf08b56e0a2923c83b74d6a96]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Ersetzt,[1919883a9cdff343af844f70b64e4eb2]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Ersetzt,[e44e764c6d0e7cbab0851ea16c981ce4]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406&q={searchTerms}),Ersetzt,[c1717250f388c472f919417337cddf21]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[6cc6c9f9493295a1b914f3cb12f2f20e]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1399834204&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX71EB3P1406P1406),Löschen bei Neustart,[50e21ba70f6c6dc97db2407fc440a45c]

Ordner: 29
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Löschen bei Neustart, [979b734fbbc06accab1209ba13efb749], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [979b734fbbc06accab1209ba13efb749], 
PUP.Optional.SystemSpeedup, C:\Users\nurban\AppData\Roaming\Systweak\ssd, In Quarantäne, [85ad6a5896e577bfba1a82440101e11f], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Löschen bei Neustart, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Users\nurban\AppData\Roaming\SupTab, In Quarantäne, [ff337949a1da1620bf9a8b410ef4d927], 

Dateien: 70
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Löschen bei Neustart, [7bb7af13bac140f69965d986e41d39c7], 
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [bf73be042c4ffc3aa0bc018ec0410bf5], 
PUP.Optional.WpManager, C:\ProgramData\WPM\wprotectmanager.exe, Löschen bei Neustart, [ad859b27bcbfd6600a7e6dfd08f93dc3], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Löschen bei Neustart, [042e5b67e9920e28da91989de61a1de3], 
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, In Quarantäne, [4de52e94a8d34ee8b8a47d1226dbc33d], 
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, In Quarantäne, [69c9cbf7a0db3bfbc993632c28d9cf31], 
PUP.Optional.Skytech.A, C:\Users\nurban\AppData\Roaming\sweet-page\UninstallManager.exe, In Quarantäne, [d85aa9192e4d152166f6b5da5fa2956b], 
PUP.Optional.SkyTech.A, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\alilog.dll, In Quarantäne, [5ad8cef49cdf96a0dd581121c23ee41c], 
PUP.Optional.V9.A, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\qSE.exe, In Quarantäne, [1f13dfe3077465d1aa3952f69d632fd1], 
PUP.Optional.Skytech.A, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\UninstallManager.exe, In Quarantäne, [fe345270b3c867cf77e5325d55ac6c94], 
PUP.Optional.IePluginService.A, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\tmp\SupTab_Setup302.exe, In Quarantäne, [de5415ad4c2fec4a6a942a351fe2659b], 
PUP.Optional.WpManager, C:\Users\nurban\AppData\Local\Temp\228312\228312.zipDir\tmp\wpm_v18.8.0.273.exe, In Quarantäne, [072b348e4d2eb87edaae2248689901ff], 
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys, In Quarantäne, [dc56bf03e2991b1ba237e2efcd3557a9], 
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [9e94d8ea43382b0b166b42e4fc080ef2], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [979b734fbbc06accab1209ba13efb749], 
PUP.Optional.SystemSpeedup, C:\Users\nurban\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, In Quarantäne, [85ad6a5896e577bfba1a82440101e11f], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterfacef32.dll, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv32.dll, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [44ee8d3592e9f4427bdd09c3c63c51af], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 31.08.2014
Suchlauf-Zeit: 21:23:02
Logdatei: mwb310814.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.31.05
Rootkit Datenbank: v2014.08.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: nurban

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 294969
Verstrichene Zeit: 32 Min, 16 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 3
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, In Quarantäne, [990087426a115adcf4f49c51946e9d63], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, In Quarantäne, [cecb4a7faecdfc3a7e36ed0043bff30d], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [13865d6cf289a690edfa4da00cf652ae], 

Registrierungswerte: 2
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, In Quarantäne, [cecb4a7faecdfc3a7e36ed0043bff30d]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cor, In Quarantäne, [13865d6cf289a690edfa4da00cf652ae]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 11.09.2014
Suchlauf-Zeit: 22:31:20
Logdatei: mwb110914.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.11.07
Rootkit Datenbank: v2014.09.10.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: nurban

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 303058
Verstrichene Zeit: 29 Min, 7 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 2
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 

Dateien: 9
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\75.json, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\uninstallDlg.xml, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\bg1.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\button1.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\checked.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\close.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\min.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\Thumbs.db, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 
PUP.Optional.SweetPage.A, C:\Users\nurban\AppData\Roaming\sweet-page\images\unchecked.png, In Quarantäne, [f7093bb14c2f04327a0ded0c57abfe02], 

Physische Sektoren: 0
(No malicious items detected)


(end)

schrauber · 29.09.2014, 16:16

Zitat:

FRST (FABERS....) KONNTE ICH NICHT ANWENDEN! DA WINDOWS ES FÜR EINE POTENTIELL SCHÄDLICHE APP GEHALTEN HAT UND DIE ANWENDUNG NICHT ZUGELASSEN HAT. Bitte Info wir ich hier vorgehen soll!!!! DANKE!

Auf mehr Informationen klicken, dann auf trotzdem ausführen.

nicurb · 29.09.2014, 19:47

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by nurban at 2014-09-29 20:33:05
Running from C:\Users\nurban\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Brother MFL-Pro Suite DCP-165C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3323.57 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.3323.57 - CyberLink Corp.) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.28.201_WHQL (HKLM\...\Elantech) (Version: 11.6.28.201 - ELAN Microelectronic Corp.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKCU\...\Pokki) (Version: 0.269.3.181 - Pokki)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Packard Bell)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3349 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel(R) Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (Version: 1.0.0.1050 - Intel Corporation) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Nero BackItUp (x32 Version: 12.5.11000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15900 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20900 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Open Office Packages (HKCU\...\Open Office Packages) (Version:  - ) <==== ATTENTION
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Packard Bell Games (HKCU\...\Pokki_c3e2005ede46d0c9848c79a4f19e87561ed8d0aa) (Version: 1.1.9.43466 - Pokki)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Packard Bell)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKCU\...\Pokki_Start_Menu) (Version: 0.269.3.181 - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.11.90 - Akademische Arbeitsgemeinschaft)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

06-09-2014 19:54:04 Windows Update
11-09-2014 19:47:06 Windows Update
17-09-2014 18:25:29 Windows Update
19-09-2014 16:09:48 Installed AdblockIE
24-09-2014 19:04:07 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0334B737-D13F-4E04-84C7-6FEB81F54F6E} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {060E5357-E0DB-4CA1-A892-F6F61B005284} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33BAC385-7651-4485-B324-9F8C8C456F81} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {35BA98D0-3A0D-4CE6-95AF-B98F4E389FB7} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E27AA1D-9B71-481C-A46C-4C54EB751716} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AF6266D-3165-4977-8DF8-7AFAF0588B20} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-09] ()
Task: {5D791350-7243-4FB7-91C2-80993FA266C7} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {5ED8ABF3-61F2-4F8C-94DF-B42A77D607BB} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {60824EDA-0B4B-49FD-A8E1-FCC3CCD40AC3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8A4F762B-C672-4B95-ACE3-C477D7FE9AB6} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {952BC20A-ED0B-4632-A4FD-1C5FE84E8B65} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A6423BB6-FE12-4F8C-93E1-105219168CDA} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {CC6E4DAC-83E6-47FE-98F0-EB0D3707697E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D364C9E3-491F-4F3E-9F46-4CF3A3CAD463} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F67D3F44-C38E-4AEE-AB91-CDFE74D5F0A0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-08-29] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-01-27 05:56 - 2013-07-30 19:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 02:48 - 2013-09-07 02:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 02:45 - 2013-09-07 02:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 02:52 - 2013-09-07 02:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-07-11 21:43 - 2014-09-06 02:54 - 06281536 _____ () C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-05-11 20:41 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-09-06 22:50 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\nurban\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-11 20:41 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3566245272-3818164758-4293974047-500 - Administrator - Disabled)
Gast (S-1-5-21-3566245272-3818164758-4293974047-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3566245272-3818164758-4293974047-1003 - Limited - Enabled)
nurban (S-1-5-21-3566245272-3818164758-4293974047-1001 - Administrator - Enabled) => C:\Users\nurban

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2014 08:23:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (09/29/2014 07:52:05 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:52:05.933]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:52:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:52:04.414]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:52:02 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:52:02.220]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:52:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:52:00.673]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:51:59.137]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:57 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:51:57.603]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:51:56.083]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:54 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:51:54.548]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:53 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/09/29 19:51:53.013]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2


System errors:
=============
Error: (09/29/2014 11:39:42 AM) (Source: DCOM) (EventID: 10010) (User: nics_notebook)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (09/29/2014 11:29:05 AM) (Source: DCOM) (EventID: 10010) (User: nics_notebook)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/29/2014 11:28:35 AM) (Source: DCOM) (EventID: 10010) (User: nics_notebook)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/29/2014 10:26:14 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎09.‎2014 um 00:14:50 unerwartet heruntergefahren.

Error: (09/28/2014 09:41:45 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 802.

Error: (09/28/2014 09:41:45 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 1106.

Error: (09/25/2014 10:50:15 PM) (Source: DCOM) (EventID: 10010) (User: nics_notebook)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (09/25/2014 10:50:15 PM) (Source: DCOM) (EventID: 10010) (User: nics_notebook)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (09/25/2014 10:50:15 PM) (Source: DCOM) (EventID: 10010) (User: nics_notebook)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (09/25/2014 10:50:14 PM) (Source: DCOM) (EventID: 10010) (User: nics_notebook)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


Microsoft Office Sessions:
=========================
Error: (09/29/2014 08:23:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (09/29/2014 07:52:05 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:52:05.933]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:52:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:52:04.414]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:52:02 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:52:02.220]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:52:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:52:00.673]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:51:59.137]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:57 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:51:57.603]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:51:56.083]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:54 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:51:54.548]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2

Error: (09/29/2014 07:51:53 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMWBrtWDLMW: [2014/09/29 19:51:53.013]: [00001900]: lperrcode->api = 1 , lperrcode->code = 2


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU N2920 @ 1.86GHz
Percentage of memory in use: 38%
Total physical RAM: 3979.34 MB
Available physical RAM: 2459.29 MB
Total Pagefile: 4683.34 MB
Available Pagefile: 2871.87 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:448.19 GB) (Free:401.51 GB) NTFS
Drive d: (AS Profi 4.0) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 148B7167)

Partition: GPT Partition Type.

==================== End Of Log ============================

hallo. das frst log ist zu lang. kann aus diesem fenster aber irgendwie keine anhänge einfügen... (sorry habs versucht nach der Anleitung zu machen,aber klappt irgendwie nicht, weiss nicht wo ich das menue "Anhänge verwalten" finde...)

schrauber · 30.09.2014, 15:21

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

nicurb · 30.09.2014, 19:17

Gute Idee :-)
Hier ist es...

Teil1:

[CODE]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by nurban (administrator) on NICS_NOTEBOOK on 29-09-2014 20:27:59
Running from C:\Users\nurban\Downloads
Loaded Profile: nurban (Available profiles: nurban)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QuickAccess.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\nurban\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
() C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\Run: [Amazon Music] => C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\RunOnce: [Application Restart #1] => C:\Users\nurban\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side (the data entry has 542 more characters).
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\MountPoints2: {f2d2b4f7-86fe-11e3-8252-806e6f6e6963} - "D:\autorun.bat"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {3EF20791-66B6-411D-98BD-772588130A79} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=APJB
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {3EF20791-66B6-411D-98BD-772588130A79} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=APJB
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {3EF20791-66B6-411D-98BD-772588130A79} URL =
SearchScopes: HKCU - {3EF20791-66B6-411D-98BD-772588130A79} URL =
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default
FF DefaultSearchEngine: sweet-page
FF SelectedSearchEngine: sweet-page
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default\Extensions\abs@avira.com [2014-09-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-09-06] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-02] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 OATool; \??\C:\Users\Administrator\AppData\Local\Temp\OAToolx64.sys [X]
S3 TDKLIB; \??\C:\Users\Administrator\AppData\Local\Temp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 20:27 - 2014-09-29 20:27 - 02108928 _____ (Farbar) C:\Users\nurban\Downloads\FRST64.exe
2014-09-29 20:27 - 2014-09-29 20:27 - 02108928 _____ (Farbar) C:\Users\nurban\Downloads\FRST64 (1).exe
2014-09-29 20:27 - 2014-09-29 20:27 - 00014417 _____ () C:\Users\nurban\Downloads\FRST.txt
2014-09-29 20:21 - 2014-09-29 20:21 - 00000923 _____ () C:\Users\nurban\Desktop\Bilder - Verknüpfung.lnk
2014-09-29 20:11 - 2014-09-29 20:28 - 00000000 ____D () C:\FRST
2014-09-29 20:08 - 2014-09-29 20:08 - 00000017 _____ () C:\Users\nurban\AppData\Local\resmon.resmoncfg
2014-09-29 10:33 - 2014-09-29 10:36 - 00000000 ____D () C:\Users\nurban\Desktop\Scan heute
2014-09-28 23:03 - 2014-09-29 10:52 - 00001690 _____ () C:\Users\nurban\Desktop\mwb310814.txt
2014-09-28 23:02 - 2014-09-29 10:53 - 00002608 _____ () C:\Users\nurban\Desktop\mwb110914.txt
2014-09-28 22:59 - 2014-09-28 22:59 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-6.txt
2014-09-28 22:59 - 2014-09-28 22:59 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-5.txt
2014-09-28 22:58 - 2014-09-28 22:58 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-4.txt
2014-09-28 22:58 - 2014-09-28 22:58 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-3.txt
2014-09-28 22:57 - 2014-09-29 10:51 - 00023618 _____ () C:\Users\nurban\Desktop\mwb3814-1.txt
2014-09-28 22:57 - 2014-09-28 22:57 - 00001146 _____ () C:\Users\nurban\Documents\mwb3814.txt
2014-09-28 22:48 - 2014-09-29 10:48 - 00003101 _____ () C:\Users\nurban\Desktop\gmer.txt
2014-09-28 22:31 - 2014-09-29 11:39 - 00000506 _____ () C:\Users\nurban\Desktop\defogger_disable.log
2014-09-28 22:31 - 2014-09-28 22:31 - 00000000 _____ () C:\Users\nurban\defogger_reenable
2014-09-24 21:06 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-09-23 21:53 - 2014-09-23 21:53 - 00000000 _____ () C:\Users\nurban\Sti_Trace.log
2014-09-20 22:47 - 2014-09-25 22:50 - 00022782 _____ () C:\Users\nurban\Desktop\Haushaltsbuch 09.14.ods
2014-09-20 21:06 - 2014-09-20 21:07 - 00144292 _____ () C:\Users\nurban\Downloads\Haushaltsbuch.zip
2014-09-20 21:06 - 2014-09-20 21:06 - 00816064 _____ ( ) C:\Users\nurban\Downloads\Haushaltsbuch_CB-DL-Manager.exe
2014-09-20 11:23 - 2014-09-20 21:11 - 00000000 ____D () C:\Users\nurban\Documents\Steuerfälle
2014-09-20 11:22 - 2014-09-20 11:22 - 00002233 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-09-20 11:22 - 2014-09-20 11:22 - 00000000 ____D () C:\Users\nurban\AppData\Local\AAV
2014-09-20 11:22 - 2014-09-20 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps
2014-09-20 11:21 - 2014-09-20 11:22 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-09-20 11:17 - 2014-09-20 11:17 - 00000000 ____D () C:\Users\nurban\Desktop\SSEStandard_19.11
2014-09-20 11:08 - 2014-09-20 11:13 - 169519800 _____ () C:\Users\nurban\Desktop\SSEStandard_19.11.zip
2014-09-20 11:06 - 2014-09-20 11:22 - 00000000 ____D () C:\ProgramData\AAV
2014-09-20 10:37 - 2014-09-20 10:42 - 162097488 _____ () C:\Users\nurban\Downloads\SSEStandard_18.09.exe
2014-09-20 10:37 - 2014-09-20 10:38 - 11927356 _____ () C:\Users\nurban\Downloads\SSEStandard_18.09 (1).exe.vrl6ue1.partial
2014-09-19 18:11 - 2014-09-19 18:11 - 00000000 ____D () C:\Program Files (x86)\af0.net
2014-09-19 18:08 - 2014-09-19 18:08 - 02378752 _____ () C:\Users\nurban\Downloads\Adblock Installer.msi
2014-09-19 18:01 - 2014-09-19 18:06 - 349926168 _____ (Norman Shark AS) C:\Users\nurban\Downloads\Norman_0814Malware_Cleaner.exe
2014-09-19 17:32 - 2014-09-19 17:39 - 00000000 ____D () C:\AdwCleaner
2014-09-18 22:18 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-18 22:18 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-18 22:18 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-18 22:18 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-18 22:18 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-18 22:18 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-18 22:18 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-18 22:18 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-18 22:18 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-18 22:18 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-18 22:18 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-18 22:18 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-18 22:18 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-18 22:18 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-18 22:18 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-18 22:18 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-18 22:18 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-18 22:18 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-18 22:18 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-18 22:18 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-18 22:18 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-18 22:18 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-18 22:18 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-18 22:18 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-18 22:18 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-18 22:18 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-18 22:18 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-18 22:18 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-18 22:17 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-18 22:17 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-18 22:17 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-18 22:17 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-18 22:17 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-18 22:17 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-18 22:17 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-18 22:17 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-18 22:17 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-18 22:17 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-18 22:17 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-18 22:17 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-18 22:17 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-18 22:17 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-18 22:17 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-18 22:17 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-18 22:17 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-18 22:17 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-18 22:17 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-18 22:17 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-18 22:17 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-18 22:17 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-18 22:17 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-18 22:17 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-09-18 22:17 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-18 22:17 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-18 22:17 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-18 22:17 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-18 22:17 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-18 22:17 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-18 22:17 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-18 22:17 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-18 22:17 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-18 22:17 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-18 22:17 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-18 22:17 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-18 22:17 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-18 22:17 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-18 22:17 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-18 22:17 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-18 22:17 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-18 22:17 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-18 22:17 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-18 22:17 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-18 22:17 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-18 22:17 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-18 22:17 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-18 22:17 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-18 22:17 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-18 22:17 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-18 22:17 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-18 22:17 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-18 22:17 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-18 22:17 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-18 22:17 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-18 22:17 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-18 22:17 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-18 22:17 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-18 22:17 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-18 22:17 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-18 22:17 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-18 22:17 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-18 22:17 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-18 22:17 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-18 22:17 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-18 22:17 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-18 22:17 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-18 22:17 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-18 22:17 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-18 22:17 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-18 22:17 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-18 22:17 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-18 22:17 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-18 22:17 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-18 22:17 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-18 22:17 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-18 22:17 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-18 22:17 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 22:17 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-18 22:17 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-18 22:17 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-18 22:17 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-18 22:17 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-18 22:17 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-18 22:17 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-18 22:17 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-18 22:17 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-18 22:17 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-18 22:17 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-18 22:17 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 22:17 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-18 22:17 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-18 22:17 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-18 22:17 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-18 22:17 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-18 22:17 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-18 22:17 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-18 22:17 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-18 22:17 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-18 22:17 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-18 22:17 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-18 22:17 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-18 22:17 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-18 22:17 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-18 22:17 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-18 22:17 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-18 22:17 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-18 22:17 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-18 22:17 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-18 22:17 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-18 22:17 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-18 22:17 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-18 22:17 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-18 22:17 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-18 22:17 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-18 22:17 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-18 22:17 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-18 22:17 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-18 22:17 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-18 22:17 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-18 22:17 - 2014-07-10 01:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-18 22:17 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-18 22:17 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-18 22:17 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-18 22:17 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-18 22:17 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-18 22:17 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-18 22:17 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-18 22:17 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-18 22:17 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-18 22:17 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-18 22:17 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-18 22:17 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-18 22:17 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-18 22:17 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-18 22:17 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-18 22:17 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-18 22:17 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-18 22:17 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-18 22:17 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-18 22:17 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-18 22:17 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-18 22:17 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-18 22:17 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-18 22:17 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-18 22:17 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-18 22:17 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-18 22:17 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-18 22:17 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-18 22:17 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-18 22:17 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-18 22:17 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-18 22:17 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-17 21:38 - 2014-09-17 21:38 - 00001165 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-17 21:33 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-17 21:33 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-17 20:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-17 20:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-17 20:29 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-17 20:29 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-17 20:29 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-17 20:29 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-17 20:29 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-17 20:29 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-17 20:29 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 20:29 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-17 20:29 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-17 20:29 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-17 20:29 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-17 20:29 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-17 20:29 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-17 20:29 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-17 20:29 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-17 20:29 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-17 20:29 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-17 20:29 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-17 20:29 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-17 20:29 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-17 20:29 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-17 20:29 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-17 20:29 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-17 20:29 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-17 20:29 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-17 20:29 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-17 20:29 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-17 20:29 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-17 20:29 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-17 20:29 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-17 20:28 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-17 20:28 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-17 20:28 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-17 20:28 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-16 21:45 - 2014-09-25 22:50 - 00038400 ___SH () C:\Users\nurban\Desktop\Thumbs.db
2014-09-16 21:44 - 2014-09-16 22:56 - 00065937 _____ () C:\Users\nurban\Desktop\Lebenslauf neu_07.09.2014.odt
2014-09-16 21:30 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-16 21:30 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-16 21:30 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-16 21:30 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-16 21:30 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-16 21:30 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-16 21:30 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-16 21:30 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-16 21:30 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-16 21:30 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-16 21:29 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-16 21:29 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-16 21:28 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-16 21:27 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-16 21:27 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-11 21:53 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-11 21:53 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-11 21:53 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-11 21:53 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-11 21:53 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-11 21:53 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-11 21:53 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-11 21:53 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-09-11 21:53 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-09-11 21:53 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-09-11 21:53 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-09-11 21:53 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-09-11 21:52 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-11 21:52 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-11 21:52 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-09-11 21:52 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-09-11 21:52 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-11 21:52 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-09-11 21:52 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-09-11 21:52 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-09-11 21:52 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-09-11 21:52 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-09-11 21:52 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-09-11 21:52 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-09-11 21:52 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-09-11 21:52 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-09-11 21:52 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-09-11 21:52 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-09-11 21:52 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-09-11 21:52 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-09-11 21:52 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-11 21:52 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-11 21:52 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-09-11 21:52 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-09-11 21:52 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-11 21:52 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-09-11 21:52 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-09-11 21:52 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-09-11 21:52 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-09-11 21:52 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-09-11 21:52 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-09-06 23:26 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-06 23:26 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-06 23:26 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-06 23:25 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-06 23:25 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-06 23:25 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-06 23:25 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-06 23:25 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-06 23:25 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-09-06 23:25 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-06 23:25 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-06 23:25 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-09-06 23:25 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-09-06 23:25 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-09-06 23:25 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-09-06 23:25 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-09-06 23:25 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-09-06 23:25 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-09-06 23:24 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-09-06 23:24 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-06 23:24 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-09-06 23:24 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-09-06 23:24 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-09-06 23:24 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-06 23:24 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-06 23:24 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-06 23:24 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-06 23:24 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-06 23:20 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-09-06 23:20 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-06 23:20 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-06 23:20 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-06 23:20 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-06 23:20 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-06 23:20 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-06 23:20 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-06 23:20 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-06 23:20 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-06 23:20 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-06 23:20 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-09-06 23:20 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-09-06 23:20 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-09-06 23:20 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-06 23:20 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-06 23:20 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-06 23:20 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-06 23:20 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-09-06 23:20 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-09-06 23:20 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-09-06 23:20 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-09-06 23:20 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-06 23:20 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-06 23:20 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-09-06 23:19 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-06 23:19 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-06 23:19 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-06 23:19 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-06 23:19 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-06 23:19 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-09-06 23:19 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-06 23:19 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-06 23:19 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-09-06 23:19 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-06 23:19 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-09-06 23:19 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-09-06 23:19 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-09-06 23:19 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-09-06 23:19 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-09-06 23:19 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-09-06 23:19 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-09-06 23:19 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-09-06 23:19 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-06 23:19 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-06 23:19 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-06 23:19 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-09-06 23:19 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-09-06 23:19 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-09-06 23:19 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-09-06 23:19 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-09-06 23:19 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-09-06 23:19 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-06 23:19 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-09-06 23:19 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-09-06 23:19 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-09-06 23:19 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-09-06 23:19 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-06 23:19 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-09-06 23:19 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-09-06 23:19 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-09-06 23:19 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-06 23:19 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-09-06 23:19 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-06 23:19 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-09-06 23:19 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-06 23:19 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-09-06 23:19 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-09-06 23:19 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-09-06 23:19 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-09-06 23:19 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-09-06 23:19 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-09-06 23:19 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-09-06 23:19 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-09-06 23:19 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-09-06 23:19 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-06 23:19 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-09-06 23:19 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-06 23:19 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-06 23:19 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-09-06 23:19 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-09-06 23:18 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-06 23:18 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-06 23:18 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-06 23:18 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-06 23:18 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-09-06 23:18 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-09-06 23:18 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-09-06 23:18 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-09-06 23:18 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-09-06 23:18 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-09-06 23:18 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-09-06 22:53 - 2014-09-06 22:54 - 00002195 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-09-06 22:53 - 2014-09-06 22:53 - 00002369 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Packard Bell Games.lnk
2014-09-06 22:50 - 2014-09-17 21:38 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 22:50 - 2014-09-06 22:50 - 00000000 __SHD () C:\Users\nurban\AppData\Local\EmieUserList
2014-09-06 22:50 - 2014-09-06 22:50 - 00000000 __SHD () C:\Users\nurban\AppData\Local\EmieSiteList
2014-08-31 22:57 - 2014-08-31 22:57 - 00018087 _____ () C:\Users\nurban\Documents\einladung 1. elternbeiratssitzung.odt
2014-08-31 22:45 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-08-31 22:45 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2014-08-31 22:45 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2014-08-31 22:45 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-08-31 22:45 - 2014-02-08 03:08 - 00139600 _____ () C:\Windows\system32\systemsf.ebd
2014-08-31 22:44 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-08-31 22:44 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-08-31 22:44 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-08-31 22:44 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-08-31 22:44 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-08-31 22:44 - 2014-02-22 11:23 - 03494912 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-08-31 22:44 - 2014-02-22 11:23 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2014-08-31 22:44 - 2014-02-22 11:16 - 11776000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-08-31 22:44 - 2014-02-22 11:01 - 13933568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-08-31 22:44 - 2014-02-22 10:40 - 02368512 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-08-31 22:43 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-08-31 22:43 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-31 22:43 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-08-31 22:43 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-08-31 22:43 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-08-31 22:43 - 2014-02-22 17:44 - 00539992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-08-31 22:43 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2014-08-31 22:43 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-08-31 22:43 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-08-31 22:43 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-08-31 22:43 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-08-31 22:43 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-08-31 22:43 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-08-31 22:43 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2014-08-31 22:43 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-08-31 22:43 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-08-31 22:43 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-31 22:43 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\WofUtil.dll
2014-08-31 22:43 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-08-31 22:43 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\DfpCommon.dll
2014-08-31 22:43 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-08-31 22:43 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-08-31 22:43 - 2014-02-22 11:38 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-08-31 22:43 - 2014-02-22 11:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WofTasks.dll
2014-08-31 22:43 - 2014-02-22 11:28 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-08-31 22:43 - 2014-02-22 11:26 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-08-31 22:43 - 2014-02-22 11:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-08-31 22:43 - 2014-02-22 11:24 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2014-08-31 22:43 - 2014-02-22 11:23 - 00628224 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
2014-08-31 22:43 - 2014-02-22 11:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-08-31 22:43 - 2014-02-22 11:13 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2014-08-31 22:43 - 2014-02-22 11:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-08-31 22:43 - 2014-02-22 11:00 - 01341440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-08-31 22:43 - 2014-02-22 11:00 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-08-31 22:43 - 2014-02-22 10:59 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-08-31 22:43 - 2014-02-22 10:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-08-31 22:43 - 2014-02-22 10:54 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-08-31 22:43 - 2014-02-22 10:47 - 00517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-08-31 22:43 - 2014-02-22 10:45 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-08-31 22:43 - 2014-02-22 10:39 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-08-31 22:43 - 2014-02-22 10:37 - 01716736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-08-31 22:43 - 2014-02-22 10:22 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-08-31 22:43 - 2014-02-22 10:21 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-08-31 22:43 - 2014-02-22 10:06 - 01640960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-08-31 22:43 - 2014-02-22 10:03 - 01496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-08-31 22:43 - 2014-01-29 10:53 - 01653352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-31 22:43 - 2014-01-29 09:44 - 01369736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-08-31 22:42 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-08-31 22:42 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-08-31 22:42 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2014-08-31 22:42 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2014-08-31 22:42 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-08-31 22:42 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-08-31 22:42 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-08-31 22:42 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2014-08-31 22:42 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-08-31 22:42 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-08-31 22:42 - 2014-02-22 17:49 - 00148824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-08-31 22:42 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-08-31 22:42 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-31 22:42 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-08-31 22:42 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2014-08-31 22:42 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-08-31 22:42 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-08-31 22:42 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-08-31 22:42 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-08-31 22:42 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-08-31 22:42 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-08-31 22:42 - 2014-02-22 14:11 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-08-31 22:42 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-08-31 22:42 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\clrhost.dll
2014-08-31 22:42 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2014-08-31 22:42 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2014-08-31 22:42 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-08-31 22:42 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-08-31 22:42 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2014-08-31 22:42 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-08-31 22:42 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2014-08-31 22:42 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-08-31 22:42 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-08-31 22:42 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-08-31 22:42 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\dfp.exe
2014-08-31 22:42 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-08-31 22:42 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2014-08-31 22:42 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-08-31 22:42 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2014-08-31 22:42 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-08-31 22:42 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-08-31 22:42 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-08-31 22:42 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2014-08-31 22:42 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-08-31 22:42 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2014-08-31 22:42 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-08-31 22:42 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-08-31 22:42 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-08-31 22:42 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-08-31 22:42 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-08-31 22:42 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-08-31 22:42 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-08-31 22:42 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-08-31 22:42 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-31 22:42 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2014-08-31 22:42 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-08-31 22:42 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-08-31 22:42 - 2014-02-22 11:36 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2014-08-31 22:42 - 2014-02-22 11:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-31 22:42 - 2014-02-22 11:34 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2014-08-31 22:42 - 2014-02-22 11:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2014-08-31 22:42 - 2014-02-22 11:33 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2014-08-31 22:42 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-08-31 22:42 - 2014-02-22 11:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-08-31 22:42 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-08-31 22:42 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2014-08-31 22:42 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2014-08-31 22:42 - 2014-02-22 11:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-08-31 22:42 - 2014-02-22 11:12 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2014-08-31 22:42 - 2014-02-22 11:10 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2014-08-31 22:42 - 2014-02-22 11:10 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-08-31 22:42 - 2014-02-22 11:07 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-08-31 22:42 - 2014-02-22 11:04 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2014-08-31 22:42 - 2014-02-22 10:54 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2014-08-31 22:42 - 2014-02-22 10:54 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2014-08-31 22:42 - 2014-02-22 10:53 - 00876544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-31 22:42 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-08-31 22:42 - 2014-02-22 10:51 - 01258496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-08-31 22:42 - 2014-02-22 10:51 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-08-31 22:42 - 2014-02-22 10:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2014-08-31 22:42 - 2014-02-22 10:49 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2014-08-31 22:42 - 2014-02-22 10:47 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
2014-08-31 22:42 - 2014-02-22 10:45 - 00169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-08-31 22:42 - 2014-02-22 10:43 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-08-31 22:42 - 2014-02-22 10:43 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-08-31 22:42 - 2014-02-22 10:43 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-08-31 22:42 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-08-31 22:42 - 2014-02-22 10:37 - 00658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-08-31 22:42 - 2014-02-22 10:36 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2014-08-31 22:42 - 2014-02-22 10:33 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-08-31 22:42 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2014-08-31 22:42 - 2014-02-22 10:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2014-08-31 22:42 - 2014-02-22 10:22 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-31 22:42 - 2014-02-22 10:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-08-31 22:42 - 2014-02-22 10:01 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-08-31 22:42 - 2014-02-22 10:00 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-08-31 22:42 - 2014-02-22 06:33 - 00262335 _____ () C:\Windows\system32\dfpinc.dat
2014-08-31 22:42 - 2014-01-31 11:55 - 03596800 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-08-31 22:42 - 2014-01-31 11:10 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2014-08-31 22:42 - 2014-01-29 10:52 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-08-31 22:42 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2014-08-31 22:42 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2014-08-31 22:42 - 2014-01-17 19:24 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2014-08-31 22:42 - 2014-01-08 03:30 - 00745328 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-08-31 22:42 - 2013-12-10 09:35 - 00530944 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2014-08-31 22:42 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2014-08-31 22:41 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-08-31 22:41 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2014-08-31 22:41 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-08-31 22:41 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-08-31 22:41 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2014-08-31 22:41 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2014-08-31 22:41 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-08-31 22:41 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-08-31 22:41 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2014-08-31 22:41 - 2014-02-22 18:00 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-08-31 22:41 - 2014-02-22 18:00 - 00151384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-08-31 22:41 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2014-08-31 22:41 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2014-08-31 22:41 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2014-08-31 22:41 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-08-31 22:41 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2014-08-31 22:41 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2014-08-31 22:41 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2014-08-31 22:41 - 2014-02-22 17:49 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-08-31 22:41 - 2014-02-22 17:49 - 00189784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-08-31 22:41 - 2014-02-22 17:49 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2014-08-31 22:41 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2014-08-31 22:41 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-08-31 22:41 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2014-08-31 22:41 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
2014-08-31 22:41 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-08-31 22:41 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2014-08-31 22:41 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2014-08-31 22:41 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2014-08-31 22:41 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2014-08-31 22:41 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2014-08-31 22:41 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2014-08-31 22:41 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2014-08-31 22:41 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2014-08-31 22:41 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2014-08-31 22:41 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2014-08-31 22:41 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-08-31 22:41 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-08-31 22:41 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-08-31 22:41 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2014-08-31 22:41 - 2014-02-22 14:14 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2014-08-31 22:41 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-08-31 22:41 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-08-31 22:41 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-31 22:41 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2014-08-31 22:41 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2014-08-31 22:41 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll
2014-08-31 22:41 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-08-31 22:41 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2014-08-31 22:41 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2014-08-31 22:41 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-31 22:41 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-08-31 22:41 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
2014-08-31 22:41 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2014-08-31 22:41 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2014-08-31 22:41 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2014-08-31 22:41 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-08-31 22:41 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2014-08-31 22:41 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2014-08-31 22:41 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-08-31 22:41 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2014-08-31 22:41 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-08-31 22:41 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-08-31 22:41 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2014-08-31 22:41 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-08-31 22:41 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clrhost.dll
2014-08-31 22:41 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2014-08-31 22:41 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe
2014-08-31 22:41 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2014-08-31 22:41 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
2014-08-31 22:41 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2014-08-31 22:41 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-08-31 22:41 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-08-31 22:41 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-08-31 22:41 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll
2014-08-31 22:41 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-08-31 22:41 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-08-31 22:41 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-08-31 22:41 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2014-08-31 22:41 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2014-08-31 22:41 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-08-31 22:41 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2014-08-31 22:41 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2014-08-31 22:41 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2014-08-31 22:41 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2014-08-31 22:41 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2014-08-31 22:41 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-08-31 22:41 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-08-31 22:41 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2014-08-31 22:41 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe
2014-08-31 22:41 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2014-08-31 22:41 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2014-08-31 22:41 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-08-31 22:41 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2014-08-31 22:41 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2014-08-31 22:41 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2014-08-31 22:41 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2014-08-31 22:41 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2014-08-31 22:41 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2014-08-31 22:41 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2014-08-31 22:41 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2014-08-31 22:41 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll
2014-08-31 22:41 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-08-31 22:41 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-08-31 22:41 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2014-08-31 22:41 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-08-31 22:41 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-08-31 22:41 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
2014-08-31 22:41 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2014-08-31 22:41 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2014-08-31 22:41 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-08-31 22:41 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-08-31 22:41 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-08-31 22:41 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-08-31 22:41 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-08-31 22:41 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2014-08-31 22:41 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2014-08-31 22:41 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-08-31 22:41 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2014-08-31 22:41 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2014-08-31 22:41 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2014-08-31 22:41 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-08-31 22:41 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\das.dll
2014-08-31 22:41 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll
2014-08-31 22:41 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-08-31 22:41 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2014-08-31 22:41 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2014-08-31 22:41 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-08-31 22:41 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-08-31 22:41 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2014-08-31 22:41 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2014-08-31 22:41 - 2014-02-22 11:04 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\slpts.dll
2014-08-31 22:41 - 2014-02-22 11:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2014-08-31 22:41 - 2014-02-22 10:55 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-08-31 22:41 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slpts.dll
2014-08-31 22:41 - 2014-02-22 10:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-08-31 22:41 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2014-08-31 22:41 - 2014-02-22 10:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-08-31 22:41 - 2014-02-22 10:48 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2014-08-31 22:41 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2014-08-31 22:41 - 2014-02-22 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\AltTab.dll
2014-08-31 22:41 - 2014-02-22 10:46 - 03312128 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2014-08-31 22:41 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-08-31 22:41 - 2014-02-22 10:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-08-31 22:41 - 2014-02-22 10:44 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2014-08-31 22:41 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2014-08-31 22:41 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2014-08-31 22:41 - 2014-02-22 10:43 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll
2014-08-31 22:41 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll
2014-08-31 22:41 - 2014-02-22 10:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2014-08-31 22:41 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-08-31 22:41 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2014-08-31 22:41 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-08-31 22:41 - 2014-02-22 10:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2014-08-31 22:41 - 2014-02-22 10:30 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2014-08-31 22:41 - 2014-02-22 10:20 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2014-08-31 22:41 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2014-08-31 22:41 - 2014-02-22 10:17 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
2014-08-31 22:41 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2014-08-31 22:41 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-08-31 22:41 - 2014-01-31 11:19 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2014-08-31 22:41 - 2014-01-31 11:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-08-31 22:41 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-08-31 22:41 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-08-31 22:41 - 2014-01-29 10:40 - 00994136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-08-31 22:41 - 2014-01-29 02:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-08-31 22:41 - 2014-01-27 21:53 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-31 22:41 - 2014-01-27 21:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2014-08-31 22:41 - 2014-01-22 08:21 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2014-08-31 22:41 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2014-08-31 22:41 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2014-08-31 22:41 - 2014-01-08 02:33 - 00552632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-08-31 22:41 - 2013-12-04 20:41 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys
2014-08-31 22:41 - 2013-11-27 11:10 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2014-08-31 22:41 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2014-08-31 22:40 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-08-31 22:40 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-08-31 22:40 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-08-31 22:40 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-08-31 22:40 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-08-31 22:40 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2014-08-31 22:40 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2014-08-31 22:40 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2014-08-31 22:40 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2014-08-31 22:40 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-08-31 22:40 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-08-31 22:40 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2014-08-31 22:40 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-08-31 22:40 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2014-08-31 22:40 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe
2014-08-31 22:40 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2014-08-31 22:40 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2014-08-31 22:40 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2014-08-31 22:40 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll
2014-08-31 22:40 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-08-31 22:40 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-08-31 22:40 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2014-08-31 22:40 - 2014-02-22 13:25 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\f3ahvoas.dll
2014-08-31 22:40 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-08-31 22:40 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-08-31 22:40 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll
2014-08-31 22:40 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-08-31 22:40 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-08-31 22:40 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-08-31 22:40 - 2014-02-22 13:16 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-31 22:40 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-08-31 22:40 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-08-31 22:40 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2014-08-31 22:40 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2014-08-31 22:40 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-08-31 22:40 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-08-31 22:40 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2014-08-31 22:40 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-08-31 22:40 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2014-08-31 22:40 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) CODE]

nicurb · 30.09.2014, 19:18

Teil 2:

Code:

ATTFilter

C:\Windows\system32\pnpclean.dll
2014-08-31 22:40 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentHost.dll
2014-08-31 22:40 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2014-08-31 22:40 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2014-08-31 22:40 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2014-08-31 22:40 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2014-08-31 22:40 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
2014-08-31 22:40 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2014-08-31 22:40 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2014-08-31 22:40 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-08-31 22:40 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-08-31 22:40 - 2014-02-22 12:36 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-08-31 22:40 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-08-31 22:40 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2014-08-31 22:40 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-08-31 22:40 - 2014-02-22 12:27 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-31 22:40 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2014-08-31 22:40 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2014-08-31 22:40 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2014-08-31 22:40 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2014-08-31 22:40 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2014-08-31 22:40 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2014-08-31 22:40 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2014-08-31 22:40 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-08-31 22:40 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2014-08-31 22:40 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
2014-08-31 22:40 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-31 22:40 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
2014-08-31 22:40 - 2014-02-22 11:51 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2014-08-31 22:40 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2014-08-31 22:40 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2014-08-31 22:40 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2014-08-31 22:40 - 2014-02-22 11:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe
2014-08-31 22:40 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll
2014-08-31 22:40 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2014-08-31 22:40 - 2014-02-22 11:26 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-08-31 22:40 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe
2014-08-31 22:40 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2014-08-31 22:40 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2014-08-31 22:40 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\korwbrkr.dll
2014-08-31 22:40 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-08-31 22:40 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxshared.dll
2014-08-31 22:40 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-08-31 22:40 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2014-08-31 22:40 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-08-31 22:40 - 2014-02-22 10:55 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll
2014-08-31 22:40 - 2014-02-22 10:55 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2014-08-31 22:40 - 2014-02-22 10:55 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\energytask.dll
2014-08-31 22:40 - 2014-02-22 10:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-08-31 22:40 - 2014-02-22 10:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\AepRoam.dll
2014-08-31 22:40 - 2014-02-22 10:49 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2014-08-31 22:40 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2014-08-31 22:40 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2014-08-31 22:40 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2014-08-31 22:40 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2014-08-31 22:40 - 2014-02-22 10:45 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2014-08-31 22:40 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2014-08-31 22:40 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2014-08-31 22:40 - 2014-02-22 10:35 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2014-08-31 22:40 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2014-08-31 22:40 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2014-08-31 22:40 - 2014-02-22 10:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
2014-08-31 22:40 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
2014-08-31 22:40 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
2014-08-31 22:40 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-08-31 22:40 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-08-31 22:40 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-08-31 22:40 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-08-31 22:40 - 2014-02-08 03:08 - 00100197 _____ () C:\Windows\SysWOW64\RacRules.xml
2014-08-31 22:40 - 2014-02-08 03:08 - 00100197 _____ () C:\Windows\system32\RacRules.xml
2014-08-31 22:40 - 2014-02-01 08:00 - 00011109 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-08-31 22:40 - 2014-02-01 08:00 - 00011109 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-08-31 22:40 - 2014-02-01 08:00 - 00007762 _____ () C:\Windows\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-08-31 22:40 - 2014-02-01 08:00 - 00007762 _____ () C:\Windows\system32\connectedsearch-suggestions.searchconnector-ms
2014-08-31 22:40 - 2014-02-01 08:00 - 00007130 _____ () C:\Windows\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-08-31 22:40 - 2014-02-01 08:00 - 00007130 _____ () C:\Windows\system32\connectedsearch-zeroinput.searchconnector-ms
2014-08-31 22:40 - 2014-02-01 08:00 - 00002255 _____ () C:\Windows\SysWOW64\WimBootCompress.ini
2014-08-31 22:40 - 2014-02-01 08:00 - 00002255 _____ () C:\Windows\system32\WimBootCompress.ini
2014-08-31 22:40 - 2014-01-31 14:09 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-08-31 22:40 - 2013-11-27 11:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2014-08-31 22:40 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\finger.exe
2014-08-31 22:39 - 2014-02-22 06:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 15:36 - 2014-01-27 05:29 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2014-01-27 05:29 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2014-09-29 20:18 - 2014-01-27 05:06 - 01936418 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 20:16 - 2014-06-16 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-29 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-29 19:52 - 2014-05-06 22:17 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9B50CFB6-1E7A-48F4-91A2-8A128F0FB89E}
2014-09-29 13:00 - 2014-05-06 22:10 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3566245272-3818164758-4293974047-1001
2014-09-29 11:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-29 10:49 - 2014-08-03 20:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-29 10:31 - 2014-01-27 13:49 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-09-29 10:31 - 2014-01-27 13:49 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-09-29 10:31 - 2013-11-06 13:44 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-29 10:29 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\nurban\AppData\Local\Pokki
2014-09-29 10:26 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 22:31 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\nurban
2014-09-28 21:22 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-28 21:13 - 2013-11-06 13:33 - 00920546 _____ () C:\Windows\PFRO.log
2014-09-28 21:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-25 20:36 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-24 21:15 - 2013-08-22 16:44 - 00362760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 21:11 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-09-24 21:10 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-20 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-19 18:14 - 2013-08-22 16:46 - 00023340 _____ () C:\Windows\setupact.log
2014-09-19 17:56 - 2014-05-19 22:36 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 21:38 - 2014-05-06 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-17 21:38 - 2014-05-06 23:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-17 21:25 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-17 21:24 - 2014-05-07 20:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-17 21:22 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-11 22:16 - 2014-06-16 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-06 22:56 - 2014-05-11 21:07 - 00000000 ____D () C:\Users\nurban\AppData\Local\CrashDumps
2014-09-06 22:53 - 2014-05-07 07:09 - 00002333 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-09-06 22:50 - 2014-05-06 23:05 - 00000000 ____D () C:\ProgramData\Avira
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\th-TH
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\he-IL
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\et-EE
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-09-06 22:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates

Some content of TEMP:
====================
C:\Users\nurban\AppData\Local\Temp\avgnt.exe
C:\Users\nurban\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\nurban\AppData\Local\Temp\oct113A.tmp.exe
C:\Users\nurban\AppData\Local\Temp\oct81A6.tmp.exe
C:\Users\nurban\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-20 23:03

==================== End Of Log ==========================

nicurb · 30.09.2014, 19:35

Hier noch mal Teil 1, glaub das mit dem in diese Box setzen hat irgendwie nicht gelappt. Sorry

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by nurban (administrator) on NICS_NOTEBOOK on 29-09-2014 20:27:59
Running from C:\Users\nurban\Downloads
Loaded Profile: nurban (Available profiles: nurban)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QuickAccess.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\nurban\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
() C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\Run: [Amazon Music] => C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\RunOnce: [Application Restart #1] => C:\Users\nurban\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side (the data entry has 542 more characters).
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\MountPoints2: {f2d2b4f7-86fe-11e3-8252-806e6f6e6963} - "D:\autorun.bat" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {3EF20791-66B6-411D-98BD-772588130A79} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=APJB
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {3EF20791-66B6-411D-98BD-772588130A79} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=APJB
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {3EF20791-66B6-411D-98BD-772588130A79} URL = 
SearchScopes: HKCU - {3EF20791-66B6-411D-98BD-772588130A79} URL = 
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default
FF DefaultSearchEngine: sweet-page
FF SelectedSearchEngine: sweet-page
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default\Extensions\abs@avira.com [2014-09-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-09-06] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-02] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 OATool; \??\C:\Users\Administrator\AppData\Local\Temp\OAToolx64.sys [X]
S3 TDKLIB; \??\C:\Users\Administrator\AppData\Local\Temp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 20:27 - 2014-09-29 20:27 - 02108928 _____ (Farbar) C:\Users\nurban\Downloads\FRST64.exe
2014-09-29 20:27 - 2014-09-29 20:27 - 02108928 _____ (Farbar) C:\Users\nurban\Downloads\FRST64 (1).exe
2014-09-29 20:27 - 2014-09-29 20:27 - 00014417 _____ () C:\Users\nurban\Downloads\FRST.txt
2014-09-29 20:21 - 2014-09-29 20:21 - 00000923 _____ () C:\Users\nurban\Desktop\Bilder - Verknüpfung.lnk
2014-09-29 20:11 - 2014-09-29 20:28 - 00000000 ____D () C:\FRST
2014-09-29 20:08 - 2014-09-29 20:08 - 00000017 _____ () C:\Users\nurban\AppData\Local\resmon.resmoncfg
2014-09-29 10:33 - 2014-09-29 10:36 - 00000000 ____D () C:\Users\nurban\Desktop\Scan heute
2014-09-28 23:03 - 2014-09-29 10:52 - 00001690 _____ () C:\Users\nurban\Desktop\mwb310814.txt
2014-09-28 23:02 - 2014-09-29 10:53 - 00002608 _____ () C:\Users\nurban\Desktop\mwb110914.txt
2014-09-28 22:59 - 2014-09-28 22:59 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-6.txt
2014-09-28 22:59 - 2014-09-28 22:59 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-5.txt
2014-09-28 22:58 - 2014-09-28 22:58 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-4.txt
2014-09-28 22:58 - 2014-09-28 22:58 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-3.txt
2014-09-28 22:57 - 2014-09-29 10:51 - 00023618 _____ () C:\Users\nurban\Desktop\mwb3814-1.txt
2014-09-28 22:57 - 2014-09-28 22:57 - 00001146 _____ () C:\Users\nurban\Documents\mwb3814.txt
2014-09-28 22:48 - 2014-09-29 10:48 - 00003101 _____ () C:\Users\nurban\Desktop\gmer.txt
2014-09-28 22:31 - 2014-09-29 11:39 - 00000506 _____ () C:\Users\nurban\Desktop\defogger_disable.log
2014-09-28 22:31 - 2014-09-28 22:31 - 00000000 _____ () C:\Users\nurban\defogger_reenable
2014-09-24 21:06 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-09-23 21:53 - 2014-09-23 21:53 - 00000000 _____ () C:\Users\nurban\Sti_Trace.log
2014-09-20 22:47 - 2014-09-25 22:50 - 00022782 _____ () C:\Users\nurban\Desktop\Haushaltsbuch 09.14.ods
2014-09-20 21:06 - 2014-09-20 21:07 - 00144292 _____ () C:\Users\nurban\Downloads\Haushaltsbuch.zip
2014-09-20 21:06 - 2014-09-20 21:06 - 00816064 _____ ( ) C:\Users\nurban\Downloads\Haushaltsbuch_CB-DL-Manager.exe
2014-09-20 11:23 - 2014-09-20 21:11 - 00000000 ____D () C:\Users\nurban\Documents\Steuerfälle
2014-09-20 11:22 - 2014-09-20 11:22 - 00002233 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-09-20 11:22 - 2014-09-20 11:22 - 00000000 ____D () C:\Users\nurban\AppData\Local\AAV
2014-09-20 11:22 - 2014-09-20 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps
2014-09-20 11:21 - 2014-09-20 11:22 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-09-20 11:17 - 2014-09-20 11:17 - 00000000 ____D () C:\Users\nurban\Desktop\SSEStandard_19.11
2014-09-20 11:08 - 2014-09-20 11:13 - 169519800 _____ () C:\Users\nurban\Desktop\SSEStandard_19.11.zip
2014-09-20 11:06 - 2014-09-20 11:22 - 00000000 ____D () C:\ProgramData\AAV
2014-09-20 10:37 - 2014-09-20 10:42 - 162097488 _____ () C:\Users\nurban\Downloads\SSEStandard_18.09.exe
2014-09-20 10:37 - 2014-09-20 10:38 - 11927356 _____ () C:\Users\nurban\Downloads\SSEStandard_18.09 (1).exe.vrl6ue1.partial
2014-09-19 18:11 - 2014-09-19 18:11 - 00000000 ____D () C:\Program Files (x86)\af0.net
2014-09-19 18:08 - 2014-09-19 18:08 - 02378752 _____ () C:\Users\nurban\Downloads\Adblock Installer.msi
2014-09-19 18:01 - 2014-09-19 18:06 - 349926168 _____ (Norman Shark AS) C:\Users\nurban\Downloads\Norman_0814Malware_Cleaner.exe
2014-09-19 17:32 - 2014-09-19 17:39 - 00000000 ____D () C:\AdwCleaner
2014-09-18 22:18 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-18 22:18 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-18 22:18 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-18 22:18 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-18 22:18 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-18 22:18 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-18 22:18 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-18 22:18 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-18 22:18 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-18 22:18 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-18 22:18 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-18 22:18 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-18 22:18 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-18 22:18 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-18 22:18 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-18 22:18 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-18 22:18 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-18 22:18 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-18 22:18 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-18 22:18 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-18 22:18 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-18 22:18 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-18 22:18 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-18 22:18 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-18 22:18 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-18 22:18 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-18 22:18 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-18 22:18 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-18 22:17 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-18 22:17 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-18 22:17 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-18 22:17 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-18 22:17 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-18 22:17 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-18 22:17 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-18 22:17 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-18 22:17 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-18 22:17 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-18 22:17 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-18 22:17 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-18 22:17 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-18 22:17 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-18 22:17 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-18 22:17 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-18 22:17 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-18 22:17 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-18 22:17 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-18 22:17 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-18 22:17 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-18 22:17 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-18 22:17 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-18 22:17 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-09-18 22:17 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-18 22:17 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-18 22:17 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-18 22:17 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-18 22:17 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-18 22:17 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-18 22:17 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-18 22:17 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-18 22:17 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-18 22:17 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-18 22:17 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-18 22:17 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-18 22:17 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-18 22:17 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-18 22:17 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-18 22:17 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-18 22:17 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-18 22:17 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-18 22:17 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-18 22:17 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-18 22:17 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-18 22:17 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-18 22:17 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-18 22:17 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-18 22:17 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-18 22:17 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-18 22:17 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-18 22:17 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-18 22:17 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-18 22:17 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-18 22:17 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-18 22:17 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-18 22:17 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-18 22:17 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-18 22:17 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-18 22:17 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-18 22:17 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-18 22:17 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-18 22:17 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-18 22:17 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-18 22:17 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-18 22:17 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-18 22:17 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-18 22:17 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-18 22:17 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-18 22:17 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-18 22:17 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-18 22:17 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-18 22:17 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-18 22:17 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-18 22:17 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-18 22:17 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-18 22:17 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-18 22:17 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 22:17 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-18 22:17 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-18 22:17 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-18 22:17 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-18 22:17 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-18 22:17 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-18 22:17 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-18 22:17 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-18 22:17 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-18 22:17 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-18 22:17 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-18 22:17 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 22:17 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-18 22:17 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-18 22:17 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-18 22:17 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-18 22:17 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-18 22:17 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-18 22:17 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-18 22:17 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-18 22:17 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-18 22:17 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-18 22:17 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-18 22:17 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-18 22:17 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-18 22:17 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-18 22:17 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-18 22:17 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-18 22:17 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-18 22:17 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-18 22:17 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-18 22:17 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-18 22:17 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-18 22:17 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-18 22:17 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-18 22:17 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-18 22:17 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-18 22:17 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-18 22:17 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-18 22:17 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-18 22:17 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-18 22:17 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-18 22:17 - 2014-07-10 01:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-18 22:17 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-18 22:17 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-18 22:17 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-18 22:17 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-18 22:17 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-18 22:17 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-18 22:17 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-18 22:17 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-18 22:17 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-18 22:17 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-18 22:17 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-18 22:17 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-18 22:17 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-18 22:17 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-18 22:17 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-18 22:17 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-18 22:17 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-18 22:17 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-18 22:17 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-18 22:17 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-18 22:17 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-18 22:17 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-18 22:17 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-18 22:17 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-18 22:17 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-18 22:17 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-18 22:17 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-18 22:17 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-18 22:17 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-18 22:17 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-18 22:17 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-18 22:17 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-17 21:38 - 2014-09-17 21:38 - 00001165 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-17 21:33 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-17 21:33 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-17 20:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-17 20:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-17 20:29 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-17 20:29 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-17 20:29 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-17 20:29 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-17 20:29 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-17 20:29 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-17 20:29 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 20:29 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-17 20:29 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-17 20:29 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-17 20:29 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-17 20:29 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-17 20:29 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-17 20:29 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-17 20:29 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-17 20:29 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-17 20:29 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-17 20:29 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-17 20:29 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-17 20:29 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-17 20:29 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-17 20:29 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-17 20:29 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-17 20:29 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-17 20:29 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-17 20:29 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-17 20:29 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-17 20:29 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-17 20:29 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-17 20:29 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-17 20:28 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-17 20:28 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-17 20:28 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-17 20:28 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-16 21:45 - 2014-09-25 22:50 - 00038400 ___SH () C:\Users\nurban\Desktop\Thumbs.db
2014-09-16 21:44 - 2014-09-16 22:56 - 00065937 _____ () C:\Users\nurban\Desktop\Lebenslauf neu_07.09.2014.odt
2014-09-16 21:30 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-16 21:30 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-16 21:30 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-16 21:30 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-16 21:30 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-16 21:30 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-16 21:30 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-16 21:30 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-16 21:30 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-16 21:30 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-16 21:29 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-16 21:29 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-16 21:28 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-16 21:27 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-16 21:27 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-11 21:53 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-11 21:53 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-11 21:53 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-11 21:53 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-11 21:53 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-11 21:53 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-11 21:53 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-11 21:53 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-09-11 21:53 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-09-11 21:53 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-09-11 21:53 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-09-11 21:53 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-09-11 21:52 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-11 21:52 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-11 21:52 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-09-11 21:52 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-09-11 21:52 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-11 21:52 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-09-11 21:52 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-09-11 21:52 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-09-11 21:52 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-09-11 21:52 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-09-11 21:52 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-09-11 21:52 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-09-11 21:52 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-09-11 21:52 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-09-11 21:52 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-09-11 21:52 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-09-11 21:52 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-09-11 21:52 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-09-11 21:52 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-11 21:52 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-11 21:52 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-09-11 21:52 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-09-11 21:52 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-11 21:52 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-09-11 21:52 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-09-11 21:52 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-09-11 21:52 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-09-11 21:52 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-09-11 21:52 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-09-06 23:26 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-06 23:26 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-06 23:26 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-06 23:25 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-06 23:25 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-06 23:25 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-06 23:25 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-06 23:25 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-06 23:25 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-09-06 23:25 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-06 23:25 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-06 23:25 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-09-06 23:25 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-09-06 23:25 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-09-06 23:25 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-09-06 23:25 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-09-06 23:25 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-09-06 23:25 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-09-06 23:24 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-09-06 23:24 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-06 23:24 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-09-06 23:24 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-09-06 23:24 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-09-06 23:24 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-06 23:24 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-06 23:24 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-06 23:24 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-06 23:24 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-06 23:20 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-09-06 23:20 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-06 23:20 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-06 23:20 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-06 23:20 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-06 23:20 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-06 23:20 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-06 23:20 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-06 23:20 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-06 23:20 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-06 23:20 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-06 23:20 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-09-06 23:20 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-09-06 23:20 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-09-06 23:20 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-06 23:20 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-06 23:20 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-06 23:20 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-06 23:20 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-09-06 23:20 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-09-06 23:20 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-09-06 23:20 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-09-06 23:20 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-06 23:20 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-06 23:20 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-09-06 23:19 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-06 23:19 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-06 23:19 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-06 23:19 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-06 23:19 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-06 23:19 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-09-06 23:19 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-06 23:19 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-06 23:19 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-09-06 23:19 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-06 23:19 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-09-06 23:19 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-09-06 23:19 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-09-06 23:19 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-09-06 23:19 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-09-06 23:19 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-09-06 23:19 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-09-06 23:19 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-09-06 23:19 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-06 23:19 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-06 23:19 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-06 23:19 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-09-06 23:19 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-09-06 23:19 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-09-06 23:19 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-09-06 23:19 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-09-06 23:19 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-09-06 23:19 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-06 23:19 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-09-06 23:19 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-09-06 23:19 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-09-06 23:19 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-09-06 23:19 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-06 23:19 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-09-06 23:19 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-09-06 23:19 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-09-06 23:19 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-06 23:19 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-09-06 23:19 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-06 23:19 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-09-06 23:19 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-06 23:19 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-09-06 23:19 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-09-06 23:19 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-09-06 23:19 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-09-06 23:19 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-09-06 23:19 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-09-06 23:19 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-09-06 23:19 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-09-06 23:19 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-09-06 23:19 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-06 23:19 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-09-06 23:19 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-06 23:19 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-06 23:19 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-09-06 23:19 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-09-06 23:18 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-06 23:18 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-06 23:18 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-06 23:18 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-06 23:18 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-09-06 23:18 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-09-06 23:18 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-09-06 23:18 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-09-06 23:18 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-09-06 23:18 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-09-06 23:18 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-09-06 22:53 - 2014-09-06 22:54 - 00002195 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-09-06 22:53 - 2014-09-06 22:53 - 00002369 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Packard Bell Games.lnk
2014-09-06 22:50 - 2014-09-17 21:38 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 22:50 - 2014-09-06 22:50 - 00000000 __SHD () C:\Users\nurban\AppData\Local\EmieUserList
2014-09-06 22:50 - 2014-09-06 22:50 - 00000000 __SHD () C:\Users\nurban\AppData\Local\EmieSiteList
2014-08-31 22:57 - 2014-08-31 22:57 - 00018087 _____ () C:\Users\nurban\Documents\einladung 1. elternbeiratssitzung.odt
2014-08-31 22:45 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-08-31 22:45 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2014-08-31 22:45 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2014-08-31 22:45 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-08-31 22:45 - 2014-02-08 03:08 - 00139600 _____ () C:\Windows\system32\systemsf.ebd
2014-08-31 22:44 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-08-31 22:44 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-08-31 22:44 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-08-31 22:44 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-08-31 22:44 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-08-31 22:44 - 2014-02-22 11:23 - 03494912 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-08-31 22:44 - 2014-02-22 11:23 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2014-08-31 22:44 - 2014-02-22 11:16 - 11776000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-08-31 22:44 - 2014-02-22 11:01 - 13933568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-08-31 22:44 - 2014-02-22 10:40 - 02368512 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-08-31 22:43 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-08-31 22:43 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-08-31 22:43 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-08-31 22:43 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-08-31 22:43 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-08-31 22:43 - 2014-02-22 17:44 - 00539992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-08-31 22:43 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2014-08-31 22:43 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-08-31 22:43 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-08-31 22:43 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-08-31 22:43 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-08-31 22:43 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-08-31 22:43 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-08-31 22:43 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2014-08-31 22:43 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-08-31 22:43 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-08-31 22:43 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-31 22:43 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\WofUtil.dll
2014-08-31 22:43 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-08-31 22:43 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\DfpCommon.dll
2014-08-31 22:43 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-08-31 22:43 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-08-31 22:43 - 2014-02-22 11:38 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-08-31 22:43 - 2014-02-22 11:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WofTasks.dll
2014-08-31 22:43 - 2014-02-22 11:28 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-08-31 22:43 - 2014-02-22 11:26 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-08-31 22:43 - 2014-02-22 11:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-08-31 22:43 - 2014-02-22 11:24 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2014-08-31 22:43 - 2014-02-22 11:23 - 00628224 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
2014-08-31 22:43 - 2014-02-22 11:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-08-31 22:43 - 2014-02-22 11:13 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2014-08-31 22:43 - 2014-02-22 11:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-08-31 22:43 - 2014-02-22 11:00 - 01341440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-08-31 22:43 - 2014-02-22 11:00 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-08-31 22:43 - 2014-02-22 10:59 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-08-31 22:43 - 2014-02-22 10:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-08-31 22:43 - 2014-02-22 10:54 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-08-31 22:43 - 2014-02-22 10:47 - 00517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-08-31 22:43 - 2014-02-22 10:45 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-08-31 22:43 - 2014-02-22 10:39 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-08-31 22:43 - 2014-02-22 10:37 - 01716736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-08-31 22:43 - 2014-02-22 10:22 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-08-31 22:43 - 2014-02-22 10:21 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-08-31 22:43 - 2014-02-22 10:06 - 01640960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-08-31 22:43 - 2014-02-22 10:03 - 01496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-08-31 22:43 - 2014-01-29 10:53 - 01653352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-08-31 22:43 - 2014-01-29 09:44 - 01369736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-08-31 22:42 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-08-31 22:42 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-08-31 22:42 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2014-08-31 22:42 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2014-08-31 22:42 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-08-31 22:42 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-08-31 22:42 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-08-31 22:42 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2014-08-31 22:42 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-08-31 22:42 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-08-31 22:42 - 2014-02-22 17:49 - 00148824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-08-31 22:42 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-08-31 22:42 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-31 22:42 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-08-31 22:42 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2014-08-31 22:42 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-08-31 22:42 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-08-31 22:42 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-08-31 22:42 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-08-31 22:42 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-08-31 22:42 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-08-31 22:42 - 2014-02-22 14:11 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-08-31 22:42 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-08-31 22:42 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\clrhost.dll
2014-08-31 22:42 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2014-08-31 22:42 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2014-08-31 22:42 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-08-31 22:42 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-08-31 22:42 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2014-08-31 22:42 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-08-31 22:42 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2014-08-31 22:42 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-08-31 22:42 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-08-31 22:42 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-08-31 22:42 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\dfp.exe
2014-08-31 22:42 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-08-31 22:42 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2014-08-31 22:42 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-08-31 22:42 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2014-08-31 22:42 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-08-31 22:42 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-08-31 22:42 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-08-31 22:42 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2014-08-31 22:42 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-08-31 22:42 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2014-08-31 22:42 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-08-31 22:42 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-08-31 22:42 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-08-31 22:42 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-08-31 22:42 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-08-31 22:42 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-08-31 22:42 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-08-31 22:42 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-08-31 22:42 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-08-31 22:42 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2014-08-31 22:42 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-08-31 22:42 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-08-31 22:42 - 2014-02-22 11:36 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2014-08-31 22:42 - 2014-02-22 11:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-31 22:42 - 2014-02-22 11:34 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2014-08-31 22:42 - 2014-02-22 11:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2014-08-31 22:42 - 2014-02-22 11:33 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2014-08-31 22:42 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-08-31 22:42 - 2014-02-22 11:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-08-31 22:42 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-08-31 22:42 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2014-08-31 22:42 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2014-08-31 22:42 - 2014-02-22 11:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-08-31 22:42 - 2014-02-22 11:12 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2014-08-31 22:42 - 2014-02-22 11:10 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2014-08-31 22:42 - 2014-02-22 11:10 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-08-31 22:42 - 2014-02-22 11:07 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-08-31 22:42 - 2014-02-22 11:04 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2014-08-31 22:42 - 2014-02-22 10:54 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2014-08-31 22:42 - 2014-02-22 10:54 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2014-08-31 22:42 - 2014-02-22 10:53 - 00876544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-31 22:42 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-08-31 22:42 - 2014-02-22 10:51 - 01258496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-08-31 22:42 - 2014-02-22 10:51 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-08-31 22:42 - 2014-02-22 10:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2014-08-31 22:42 - 2014-02-22 10:49 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2014-08-31 22:42 - 2014-02-22 10:47 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
2014-08-31 22:42 - 2014-02-22 10:45 - 00169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-08-31 22:42 - 2014-02-22 10:43 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-08-31 22:42 - 2014-02-22 10:43 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-08-31 22:42 - 2014-02-22 10:43 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-08-31 22:42 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-08-31 22:42 - 2014-02-22 10:37 - 00658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-08-31 22:42 - 2014-02-22 10:36 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2014-08-31 22:42 - 2014-02-22 10:33 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-08-31 22:42 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2014-08-31 22:42 - 2014-02-22 10:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2014-08-31 22:42 - 2014-02-22 10:22 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-31 22:42 - 2014-02-22 10:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-08-31 22:42 - 2014-02-22 10:01 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-08-31 22:42 - 2014-02-22 10:00 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-08-31 22:42 - 2014-02-22 06:33 - 00262335 _____ () C:\Windows\system32\dfpinc.dat
2014-08-31 22:42 - 2014-01-31 11:55 - 03596800 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-08-31 22:42 - 2014-01-31 11:10 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2014-08-31 22:42 - 2014-01-29 10:52 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-08-31 22:42 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2014-08-31 22:42 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2014-08-31 22:42 - 2014-01-17 19:24 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2014-08-31 22:42 - 2014-01-08 03:30 - 00745328 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-08-31 22:42 - 2013-12-10 09:35 - 00530944 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2014-08-31 22:42 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2014-08-31 22:41 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-08-31 22:41 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2014-08-31 22:41 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-08-31 22:41 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-08-31 22:41 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2014-08-31 22:41 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2014-08-31 22:41 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-08-31 22:41 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-08-31 22:41 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2014-08-31 22:41 - 2014-02-22 18:00 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-08-31 22:41 - 2014-02-22 18:00 - 00151384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-08-31 22:41 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2014-08-31 22:41 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2014-08-31 22:41 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2014-08-31 22:41 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-08-31 22:41 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2014-08-31 22:41 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2014-08-31 22:41 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2014-08-31 22:41 - 2014-02-22 17:49 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-08-31 22:41 - 2014-02-22 17:49 - 00189784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-08-31 22:41 - 2014-02-22 17:49 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2014-08-31 22:41 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2014-08-31 22:41 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-08-31 22:41 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2014-08-31 22:41 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
2014-08-31 22:41 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-08-31 22:41 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2014-08-31 22:41 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2014-08-31 22:41 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2014-08-31 22:41 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2014-08-31 22:41 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2014-08-31 22:41 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2014-08-31 22:41 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2014-08-31 22:41 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2014-08-31 22:41 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2014-08-31 22:41 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2014-08-31 22:41 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-08-31 22:41 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-08-31 22:41 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-08-31 22:41 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2014-08-31 22:41 - 2014-02-22 14:14 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2014-08-31 22:41 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-08-31 22:41 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-08-31 22:41 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-31 22:41 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2014-08-31 22:41 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2014-08-31 22:41 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll
2014-08-31 22:41 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-08-31 22:41 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2014-08-31 22:41 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2014-08-31 22:41 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-08-31 22:41 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-08-31 22:41 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
2014-08-31 22:41 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2014-08-31 22:41 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2014-08-31 22:41 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2014-08-31 22:41 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-08-31 22:41 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2014-08-31 22:41 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2014-08-31 22:41 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-08-31 22:41 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2014-08-31 22:41 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-08-31 22:41 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-08-31 22:41 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2014-08-31 22:41 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-08-31 22:41 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clrhost.dll
2014-08-31 22:41 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2014-08-31 22:41 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe
2014-08-31 22:41 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2014-08-31 22:41 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
2014-08-31 22:41 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2014-08-31 22:41 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-08-31 22:41 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-08-31 22:41 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-08-31 22:41 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll
2014-08-31 22:41 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-08-31 22:41 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-08-31 22:41 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-08-31 22:41 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2014-08-31 22:41 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2014-08-31 22:41 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-08-31 22:41 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2014-08-31 22:41 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2014-08-31 22:41 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2014-08-31 22:41 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2014-08-31 22:41 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2014-08-31 22:41 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-08-31 22:41 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-08-31 22:41 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2014-08-31 22:41 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe
2014-08-31 22:41 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2014-08-31 22:41 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2014-08-31 22:41 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-08-31 22:41 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2014-08-31 22:41 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2014-08-31 22:41 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2014-08-31 22:41 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2014-08-31 22:41 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2014-08-31 22:41 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2014-08-31 22:41 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2014-08-31 22:41 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2014-08-31 22:41 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll
2014-08-31 22:41 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-08-31 22:41 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-08-31 22:41 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2014-08-31 22:41 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-08-31 22:41 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-08-31 22:41 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
2014-08-31 22:41 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2014-08-31 22:41 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2014-08-31 22:41 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-08-31 22:41 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-08-31 22:41 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-08-31 22:41 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-08-31 22:41 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-08-31 22:41 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2014-08-31 22:41 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2014-08-31 22:41 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-08-31 22:41 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2014-08-31 22:41 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2014-08-31 22:41 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2014-08-31 22:41 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-08-31 22:41 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\das.dll
2014-08-31 22:41 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll
2014-08-31 22:41 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-08-31 22:41 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2014-08-31 22:41 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2014-08-31 22:41 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-08-31 22:41 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-08-31 22:41 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) 

==================== ======================

So, ich hoffe nun hab ich alle Unterlagen beisammen. Wäre für eine erste Einschätzung der Situation -wie schlimm es ist- dankbar. Werde selbstverständlich alle Schritte ganz brav befolgen um die Plagegeister wieder loszuwerden !
DANKE!!!!

schrauber · 01.10.2014, 12:33

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Open Office Packages
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

nicurb · 01.10.2014, 22:58

Hallo, so alles abgearbeitet!

Hier die Ergebnisse:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 01.10.2014
Suchlauf-Zeit: 20:54:29
Logdatei: log mwb 1.10.14.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.10.01.09
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: nurban

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 305224
Verstrichene Zeit: 30 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.Superfish.A, HKU\S-1-5-21-3566245272-3818164758-4293974047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\DOMSTORAGE\superfish.com, In Quarantäne, [622320cf2e4d23133b0bc7b5c1435fa1], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ATTFilter

# AdwCleaner v3.311 - Bericht erstellt am 01/10/2014 um 21:35:30
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : nurban - NICS_NOTEBOOK
# Gestartet von : C:\Users\nurban\Downloads\AdwCleaner_3.311.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Users\nurban\AppData\Local\Pokki
Ordner Gelöscht : C:\Users\nurban\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\nurban\AppData\Local\Temp\webget
Ordner Gelöscht : C:\Users\nurban\AppData\Roaming\1H1Q
Ordner Gelöscht : C:\Users\nurban\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Public\Pokki
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v

[ Datei : C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "sweet-page");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "sweet-page");

*************************

AdwCleaner[R0].txt - [319 octets] - [19/09/2014 17:33:10]
AdwCleaner[R1].txt - [3514 octets] - [19/09/2014 17:38:25]
AdwCleaner[R2].txt - [3429 octets] - [01/10/2014 21:31:02]
AdwCleaner[S0].txt - [3079 octets] - [01/10/2014 21:35:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3139 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.5 (10.01.2014:2)
OS: Windows 8.1 x64
Ran by nurban on 01.10.2014 at 21:55:53,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.10.2014 at 21:59:48,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
Ran by nurban (administrator) on NICS_NOTEBOOK on 01-10-2014 23:41:53
Running from C:\Users\nurban\AppData\Local\Microsoft\Windows\INetCache\IE\LS86B5UT
Loaded Profile: nurban (Available profiles: nurban)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QuickAccess.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\Run: [Amazon Music] => C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\RunOnce: [Application Restart #1] => C:\Users\nurban\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side (the data entry has 542 more characters).
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\MountPoints2: {f2d2b4f7-86fe-11e3-8252-806e6f6e6963} - "D:\autorun.bat" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {3EF20791-66B6-411D-98BD-772588130A79} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=APJB
SearchScopes: HKLM-x32 - {3EF20791-66B6-411D-98BD-772588130A79} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=APJB
SearchScopes: HKCU - {3EF20791-66B6-411D-98BD-772588130A79} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default\Extensions\abs@avira.com [2014-09-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-09-06] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-02] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [122584 2014-10-01] (Malwarebytes Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 OATool; \??\C:\Users\Administrator\AppData\Local\Temp\OAToolx64.sys [X]
S3 TDKLIB; \??\C:\Users\Administrator\AppData\Local\Temp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 21:59 - 2014-10-01 21:59 - 00000615 _____ () C:\Users\nurban\Desktop\JRT.txt
2014-10-01 21:55 - 2014-10-01 21:55 - 00000000 ____D () C:\Windows\ERUNT
2014-10-01 21:39 - 2014-10-01 21:39 - 00003223 _____ () C:\Users\nurban\Desktop\AdwCleaner[S0].txt
2014-10-01 21:10 - 2014-10-01 21:10 - 01375089 _____ () C:\Users\nurban\Downloads\AdwCleaner_3.311.exe
2014-10-01 20:43 - 2014-10-01 20:43 - 00001296 _____ () C:\Users\nurban\Desktop\Revo Uninstaller.lnk
2014-10-01 20:43 - 2014-10-01 20:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-29 20:34 - 2014-09-29 20:34 - 00025149 _____ () C:\Users\nurban\Desktop\Addition.txt
2014-09-29 20:33 - 2014-09-29 20:33 - 00025136 _____ () C:\Users\nurban\Downloads\Addition.txt
2014-09-29 20:30 - 2014-09-29 20:30 - 00131179 _____ () C:\Users\nurban\Desktop\FRST.txt
2014-09-29 20:27 - 2014-09-29 20:33 - 00131142 _____ () C:\Users\nurban\Downloads\FRST.txt
2014-09-29 20:27 - 2014-09-29 20:27 - 02108928 _____ (Farbar) C:\Users\nurban\Downloads\FRST64.exe
2014-09-29 20:27 - 2014-09-29 20:27 - 02108928 _____ (Farbar) C:\Users\nurban\Downloads\FRST64 (1).exe
2014-09-29 20:21 - 2014-09-29 20:21 - 00000923 _____ () C:\Users\nurban\Desktop\Bilder - Verknüpfung.lnk
2014-09-29 20:11 - 2014-10-01 23:41 - 00000000 ____D () C:\FRST
2014-09-29 20:08 - 2014-09-29 20:08 - 00000017 _____ () C:\Users\nurban\AppData\Local\resmon.resmoncfg
2014-09-29 10:33 - 2014-09-29 10:36 - 00000000 ____D () C:\Users\nurban\Desktop\Scan heute
2014-09-28 23:03 - 2014-09-29 10:52 - 00001690 _____ () C:\Users\nurban\Desktop\mwb310814.txt
2014-09-28 23:02 - 2014-09-29 10:53 - 00002608 _____ () C:\Users\nurban\Desktop\mwb110914.txt
2014-09-28 22:59 - 2014-09-28 22:59 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-6.txt
2014-09-28 22:59 - 2014-09-28 22:59 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-5.txt
2014-09-28 22:58 - 2014-09-28 22:58 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-4.txt
2014-09-28 22:58 - 2014-09-28 22:58 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-3.txt
2014-09-28 22:57 - 2014-09-29 10:51 - 00023618 _____ () C:\Users\nurban\Desktop\mwb3814-1.txt
2014-09-28 22:57 - 2014-09-28 22:57 - 00001146 _____ () C:\Users\nurban\Documents\mwb3814.txt
2014-09-28 22:48 - 2014-09-29 10:48 - 00003101 _____ () C:\Users\nurban\Desktop\gmer.txt
2014-09-28 22:31 - 2014-09-29 11:39 - 00000506 _____ () C:\Users\nurban\Desktop\defogger_disable.log
2014-09-28 22:31 - 2014-09-28 22:31 - 00000000 _____ () C:\Users\nurban\defogger_reenable
2014-09-24 21:06 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-09-23 21:53 - 2014-09-23 21:53 - 00000000 _____ () C:\Users\nurban\Sti_Trace.log
2014-09-20 22:47 - 2014-09-25 22:50 - 00022782 _____ () C:\Users\nurban\Desktop\Haushaltsbuch 09.14.ods
2014-09-20 21:06 - 2014-09-20 21:07 - 00144292 _____ () C:\Users\nurban\Downloads\Haushaltsbuch.zip
2014-09-20 21:06 - 2014-09-20 21:06 - 00816064 _____ ( ) C:\Users\nurban\Downloads\Haushaltsbuch_CB-DL-Manager.exe
2014-09-20 11:23 - 2014-09-20 21:11 - 00000000 ____D () C:\Users\nurban\Documents\Steuerfälle
2014-09-20 11:22 - 2014-09-20 11:22 - 00002233 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-09-20 11:22 - 2014-09-20 11:22 - 00000000 ____D () C:\Users\nurban\AppData\Local\AAV
2014-09-20 11:22 - 2014-09-20 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps
2014-09-20 11:21 - 2014-09-20 11:22 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-09-20 11:17 - 2014-09-20 11:17 - 00000000 ____D () C:\Users\nurban\Desktop\SSEStandard_19.11
2014-09-20 11:08 - 2014-09-20 11:13 - 169519800 _____ () C:\Users\nurban\Desktop\SSEStandard_19.11.zip
2014-09-20 11:06 - 2014-09-20 11:22 - 00000000 ____D () C:\ProgramData\AAV
2014-09-20 10:37 - 2014-09-20 10:42 - 162097488 _____ () C:\Users\nurban\Downloads\SSEStandard_18.09.exe
2014-09-20 10:37 - 2014-09-20 10:38 - 11927356 _____ () C:\Users\nurban\Downloads\SSEStandard_18.09 (1).exe.vrl6ue1.partial
2014-09-19 18:11 - 2014-09-19 18:11 - 00000000 ____D () C:\Program Files (x86)\af0.net
2014-09-19 18:08 - 2014-09-19 18:08 - 02378752 _____ () C:\Users\nurban\Downloads\Adblock Installer.msi
2014-09-19 18:01 - 2014-09-19 18:06 - 349926168 _____ (Norman Shark AS) C:\Users\nurban\Downloads\Norman_0814Malware_Cleaner.exe
2014-09-19 17:32 - 2014-10-01 21:48 - 00000000 ____D () C:\AdwCleaner
2014-09-18 22:18 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-18 22:18 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-18 22:18 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-18 22:18 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-18 22:18 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-18 22:18 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-18 22:18 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-18 22:18 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-18 22:18 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-18 22:18 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-18 22:18 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-18 22:18 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-18 22:18 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-18 22:18 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-18 22:18 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-18 22:18 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-18 22:18 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-18 22:18 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-18 22:18 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-18 22:18 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-18 22:18 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-18 22:18 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-18 22:18 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-18 22:18 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-18 22:18 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-18 22:18 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-18 22:18 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-18 22:18 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-18 22:17 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-18 22:17 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-18 22:17 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-18 22:17 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-18 22:17 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-18 22:17 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-18 22:17 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-18 22:17 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-18 22:17 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-18 22:17 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-18 22:17 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-18 22:17 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-18 22:17 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-18 22:17 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-18 22:17 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-18 22:17 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-18 22:17 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-18 22:17 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-18 22:17 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-18 22:17 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-18 22:17 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-18 22:17 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-18 22:17 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-18 22:17 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-09-18 22:17 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-18 22:17 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-18 22:17 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-18 22:17 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-18 22:17 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-18 22:17 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-18 22:17 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-18 22:17 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-18 22:17 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-18 22:17 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-18 22:17 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-18 22:17 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-18 22:17 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-18 22:17 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-18 22:17 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-18 22:17 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-18 22:17 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-18 22:17 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-18 22:17 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-18 22:17 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-18 22:17 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-18 22:17 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-18 22:17 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-18 22:17 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-18 22:17 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-18 22:17 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-18 22:17 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-18 22:17 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-18 22:17 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-18 22:17 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-18 22:17 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-18 22:17 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-18 22:17 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-18 22:17 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-18 22:17 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-18 22:17 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-18 22:17 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-18 22:17 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-18 22:17 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-18 22:17 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-18 22:17 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-18 22:17 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-18 22:17 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-18 22:17 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-18 22:17 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-18 22:17 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-18 22:17 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-18 22:17 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-18 22:17 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-18 22:17 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-18 22:17 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-18 22:17 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-18 22:17 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-18 22:17 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 22:17 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-18 22:17 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-18 22:17 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-18 22:17 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-18 22:17 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-18 22:17 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-18 22:17 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-18 22:17 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-18 22:17 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-18 22:17 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-18 22:17 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-18 22:17 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 22:17 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-18 22:17 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-18 22:17 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-18 22:17 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-18 22:17 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-18 22:17 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-18 22:17 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-18 22:17 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-18 22:17 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-18 22:17 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-18 22:17 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-18 22:17 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-18 22:17 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-18 22:17 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-18 22:17 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-18 22:17 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-18 22:17 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-18 22:17 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-18 22:17 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-18 22:17 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-18 22:17 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-18 22:17 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-18 22:17 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-18 22:17 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-18 22:17 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-18 22:17 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-18 22:17 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-18 22:17 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-18 22:17 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-18 22:17 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-18 22:17 - 2014-07-10 01:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-18 22:17 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-18 22:17 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-18 22:17 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-18 22:17 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-18 22:17 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-18 22:17 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-18 22:17 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-18 22:17 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-18 22:17 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-18 22:17 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-18 22:17 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-18 22:17 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-18 22:17 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-18 22:17 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-18 22:17 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-18 22:17 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-18 22:17 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-18 22:17 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-18 22:17 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-18 22:17 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-18 22:17 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-18 22:17 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-18 22:17 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-18 22:17 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-18 22:17 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-18 22:17 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-18 22:17 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-18 22:17 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-18 22:17 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-18 22:17 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-18 22:17 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-18 22:17 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-17 21:38 - 2014-09-17 21:38 - 00001165 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-17 21:33 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-17 21:33 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-17 20:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-17 20:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-17 20:29 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-17 20:29 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-17 20:29 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-17 20:29 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-17 20:29 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-17 20:29 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-17 20:29 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 20:29 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-17 20:29 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-17 20:29 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-17 20:29 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-17 20:29 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-17 20:29 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-17 20:29 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-17 20:29 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-17 20:29 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-17 20:29 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-17 20:29 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-17 20:29 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-17 20:29 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-17 20:29 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-17 20:29 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-17 20:29 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-17 20:29 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-17 20:29 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-17 20:29 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-17 20:29 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-17 20:29 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-17 20:29 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-17 20:29 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-17 20:28 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-17 20:28 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-17 20:28 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-17 20:28 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-16 21:45 - 2014-09-25 22:50 - 00038400 ___SH () C:\Users\nurban\Desktop\Thumbs.db
2014-09-16 21:44 - 2014-09-16 22:56 - 00065937 _____ () C:\Users\nurban\Desktop\Lebenslauf neu_07.09.2014.odt
2014-09-16 21:30 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-16 21:30 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-16 21:30 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-16 21:30 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-16 21:30 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-16 21:30 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-16 21:30 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-16 21:30 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-16 21:30 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-16 21:30 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-16 21:29 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-16 21:29 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-16 21:28 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-16 21:27 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-16 21:27 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-11 21:53 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-11 21:53 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-11 21:53 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-11 21:53 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-11 21:53 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-11 21:53 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-11 21:53 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-11 21:53 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-09-11 21:53 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-09-11 21:53 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-09-11 21:53 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-09-11 21:53 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-09-11 21:52 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-11 21:52 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-11 21:52 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-09-11 21:52 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-09-11 21:52 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-11 21:52 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-09-11 21:52 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-09-11 21:52 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-09-11 21:52 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-09-11 21:52 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-09-11 21:52 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-09-11 21:52 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-09-11 21:52 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-09-11 21:52 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-09-11 21:52 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-09-11 21:52 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-09-11 21:52 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-09-11 21:52 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-09-11 21:52 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-11 21:52 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-11 21:52 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-09-11 21:52 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-09-11 21:52 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-11 21:52 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-09-11 21:52 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-09-11 21:52 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-09-11 21:52 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-09-11 21:52 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-09-11 21:52 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-09-06 23:26 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-06 23:26 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-06 23:26 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-06 23:25 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-06 23:25 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-06 23:25 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-06 23:25 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-06 23:25 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-06 23:25 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-09-06 23:25 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-06 23:25 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-06 23:25 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-09-06 23:25 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-09-06 23:25 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-09-06 23:25 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-09-06 23:25 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-09-06 23:25 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-09-06 23:25 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-09-06 23:24 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-09-06 23:24 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-06 23:24 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-09-06 23:24 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-09-06 23:24 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-09-06 23:24 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-06 23:24 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-06 23:24 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-06 23:24 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-06 23:24 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-06 23:20 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-09-06 23:20 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-06 23:20 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-06 23:20 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-06 23:20 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-06 23:20 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-06 23:20 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-06 23:20 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-06 23:20 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-06 23:20 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-06 23:20 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-06 23:20 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-09-06 23:20 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-09-06 23:20 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-09-06 23:20 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-06 23:20 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-06 23:20 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-06 23:20 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-06 23:20 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-09-06 23:20 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-09-06 23:20 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-09-06 23:20 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-09-06 23:20 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-06 23:20 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-06 23:20 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-09-06 23:19 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-06 23:19 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-06 23:19 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-06 23:19 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-06 23:19 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-06 23:19 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-09-06 23:19 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-06 23:19 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-06 23:19 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-09-06 23:19 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-06 23:19 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-09-06 23:19 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-09-06 23:19 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-09-06 23:19 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-09-06 23:19 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-09-06 23:19 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-09-06 23:19 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-09-06 23:19 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-09-06 23:19 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-06 23:19 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-06 23:19 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-06 23:19 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-09-06 23:19 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-09-06 23:19 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-09-06 23:19 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-09-06 23:19 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-09-06 23:19 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-09-06 23:19 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-06 23:19 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-09-06 23:19 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-09-06 23:19 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-09-06 23:19 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-09-06 23:19 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-06 23:19 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-09-06 23:19 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-09-06 23:19 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-09-06 23:19 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-06 23:19 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-09-06 23:19 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-06 23:19 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-09-06 23:19 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-06 23:19 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-09-06 23:19 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-09-06 23:19 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-09-06 23:19 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-09-06 23:19 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-09-06 23:19 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-09-06 23:19 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-09-06 23:19 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-09-06 23:19 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-09-06 23:19 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-06 23:19 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-09-06 23:19 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-06 23:19 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-06 23:19 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-09-06 23:19 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-09-06 23:18 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-06 23:18 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-06 23:18 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-06 23:18 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-06 23:18 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-09-06 23:18 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-09-06 23:18 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-09-06 23:18 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-09-06 23:18 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-09-06 23:18 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-09-06 23:18 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-09-06 22:53 - 2014-09-06 22:54 - 00002195 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-09-06 22:53 - 2014-09-06 22:53 - 00002369 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Packard Bell Games.lnk
2014-09-06 22:50 - 2014-09-17 21:38 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 22:50 - 2014-09-06 22:50 - 00000000 __SHD () C:\Users\nurban\AppData\Local\EmieUserList
2014-09-06 22:50 - 2014-09-06 22:50 - 00000000 __SHD () C:\Users\nurban\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 15:36 - 2014-01-27 05:29 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2014-01-27 05:29 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2014-10-01 23:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-01 22:16 - 2014-06-16 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-01 22:03 - 2014-05-06 22:10 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3566245272-3818164758-4293974047-1001
2014-10-01 21:54 - 2014-01-27 13:49 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-10-01 21:54 - 2014-01-27 13:49 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-10-01 21:54 - 2013-11-06 13:44 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-01 21:49 - 2013-11-06 13:33 - 00921174 _____ () C:\Windows\PFRO.log
2014-10-01 21:49 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-01 21:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-01 21:03 - 2014-01-27 05:06 - 01469642 _____ () C:\Windows\WindowsUpdate.log
2014-10-01 20:54 - 2014-08-03 20:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-01 20:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-01 20:35 - 2014-05-06 22:17 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9B50CFB6-1E7A-48F4-91A2-8A128F0FB89E}
2014-09-30 22:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-28 22:31 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\nurban
2014-09-25 20:36 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-24 21:15 - 2013-08-22 16:44 - 00362760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 21:11 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-09-24 21:10 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-20 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-19 18:14 - 2013-08-22 16:46 - 00023340 _____ () C:\Windows\setupact.log
2014-09-19 17:56 - 2014-05-19 22:36 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 21:38 - 2014-05-06 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-17 21:38 - 2014-05-06 23:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-17 21:25 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-17 21:24 - 2014-05-07 20:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-17 21:22 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-11 22:16 - 2014-06-16 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-06 22:56 - 2014-05-11 21:07 - 00000000 ____D () C:\Users\nurban\AppData\Local\CrashDumps
2014-09-06 22:53 - 2014-05-07 07:09 - 00002333 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-09-06 22:50 - 2014-05-06 23:05 - 00000000 ____D () C:\ProgramData\Avira
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\th-TH
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\he-IL
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\et-EE
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-09-06 22:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates

Some content of TEMP:
====================
C:\Users\nurban\AppData\Local\Temp\avgnt.exe
C:\Users\nurban\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\nurban\AppData\Local\Temp\oct113A.tmp.exe
C:\Users\nurban\AppData\Local\Temp\oct81A6.tmp.exe
C:\Users\nurban\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-01 22:03

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Noch eine kurze Info:

Sowohl bei MWB als auch beim Adware Cleaner ist Avira während des Löschvorgangs angesprungen und hat "Veränderungen an der Regestrydatenbank (o.ä.) verhindert".

Ich hatte den Echtzeitscanner bereits deaktiviert zu dem Zweck, trotzdem ist AVIRA angesprungen. Weiss auch nicht wie man es noch mehr deaktivieren kann?!? Macht evtl. ja auch nichts, scheint ja trotzdem alles weg zu sein?!? Dennoch mal so zur Info....

Ist/war denn außer Adware eigentlich auch Malware auf dem Rechner???

DANKE und Grüße
Nic

schrauber · 02.10.2014, 17:09

Nur Adware.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

nicurb · 06.10.2014, 21:29

Hallo, sorry hat diesmal etwas länger gedauert. War übers WE weg... außerdem hat der Eset scan ewig gedauert!
Hier nun alle logfiles:

1.

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=00b788868c6e7b42853ca577f5748377
# engine=20409
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-06 07:53:37
# local_time=2014-10-06 09:53:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 348351 19307553 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1039330 37506510 0 0
# scanned=173543
# found=11
# cleaned=0
# scan_time=1817
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3566245272-3818164758-4293974047-1001\$R7C26E3\uninstaller.exe"
sh=DAE3B80A567AA739FA54D4C896A2CFE0F9718180 ft=1 fh=09c2f22f47670a60 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\nurban\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=C5AA96F17ED2B68CA4C839EA7394F4534B4F5C3F ft=1 fh=57a85fb4fd4bc01c vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=14C3048BA720097BDF78FB8B89D804ECF6732D14 ft=1 fh=1e0a3198ef7943e2 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\nurban\AppData\Local\Microsoft\Windows\INetCache\IE\CVZJBRLI\OpenOffice - CHIP-Downloader.exe"
sh=E3474605402E4EEAC1C7C2FB7972553042F3B2C5 ft=1 fh=39ffac7bc4f4ed45 vn="Win32/Systweak.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\nurban\AppData\Local\Microsoft\Windows\INetCache\IE\CVZJBRLI\rcpafterdownloadcp_ntb_ad_6398_cpntb1[1].exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\nurban\AppData\Local\Temp\210015640.Uninstall\uninstaller.exe"
sh=1198E362C0504B2A3B13C48A3FB1FD392CD961F2 ft=1 fh=f811da979eb359e7 vn="Variante von Win32/ELEX.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\nurban\AppData\Local\Temp\is1597349865\169241_stp\May7www.sweet-page.com.exe"
sh=3C82A2E3557E1D6D778247DFEF0966C6D8883947 ft=1 fh=003b51f20285a43e vn="Win32/Systweak.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\nurban\AppData\Local\Temp\is1597349865\169336_stp\rcpsetup_adppi12_adppi12.exe"
sh=F9C696C25F4300A7C55E017A95B16735FDAE1F69 ft=1 fh=184e2d2ecb738619 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\nurban\AppData\Local\Temp\is1597349865\169380_stp\webget_setup.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\nurban\AppData\Local\Temp\is1597349865\169448_stp\uninstaller.exe"
sh=43FF5A4C7153EA6C6678501FCF8ADFDB8E5159BA ft=1 fh=7dcb11e9dd57edd4 vn="Variante von Win32/InstallCore.QH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\nurban\Downloads\Haushaltsbuch_CB-DL-Manager.exe"

2.

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.87  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop      
Windows Defender   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Java version out of Date! 
 Adobe Flash Player 	15.0.0.152  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

3.
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by nurban (administrator) on NICS_NOTEBOOK on 06-10-2014 22:14:58
Running from C:\Users\nurban\AppData\Local\Microsoft\Windows\INetCache\IE\CVZJBRLI
Loaded Profile: nurban (Available profiles: nurban)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QuickAccess.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\Run: [Amazon Music] => C:\Users\nurban\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\RunOnce: [Application Restart #1] => C:\Users\nurban\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side (the data entry has 542 more characters).
HKU\S-1-5-21-3566245272-3818164758-4293974047-1001\...\MountPoints2: {f2d2b4f7-86fe-11e3-8252-806e6f6e6963} - "D:\autorun.bat" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {3EF20791-66B6-411D-98BD-772588130A79} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=APJB
SearchScopes: HKLM-x32 - {3EF20791-66B6-411D-98BD-772588130A79} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=APJB
SearchScopes: HKCU - {3EF20791-66B6-411D-98BD-772588130A79} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\nurban\AppData\Roaming\Mozilla\Firefox\Profiles\6zde01j1.default\Extensions\abs@avira.com [2014-09-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-09-06] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-02] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [122584 2014-10-01] (Malwarebytes Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 OATool; \??\C:\Users\Administrator\AppData\Local\Temp\OAToolx64.sys [X]
S3 TDKLIB; \??\C:\Users\Administrator\AppData\Local\Temp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-06 22:06 - 2014-10-06 22:06 - 00000780 _____ () C:\Users\nurban\Desktop\checkup.txt
2014-10-06 21:54 - 2014-10-06 21:54 - 00001511 _____ () C:\Users\nurban\Desktop\eset scan.txt
2014-10-02 21:19 - 2014-10-02 21:19 - 02347384 _____ (ESET) C:\Users\nurban\Downloads\esetsmartinstaller_deu (1).exe
2014-10-02 21:18 - 2014-10-02 21:19 - 02347384 _____ (ESET) C:\Users\nurban\Downloads\esetsmartinstaller_deu.exe
2014-10-01 23:44 - 2014-10-01 23:44 - 00078072 _____ () C:\Users\nurban\Desktop\FRST2.txt
2014-10-01 21:59 - 2014-10-01 21:59 - 00000615 _____ () C:\Users\nurban\Desktop\JRT.txt
2014-10-01 21:55 - 2014-10-01 21:55 - 00000000 ____D () C:\Windows\ERUNT
2014-10-01 21:39 - 2014-10-01 21:39 - 00003223 _____ () C:\Users\nurban\Desktop\AdwCleaner[S0].txt
2014-10-01 21:10 - 2014-10-01 21:10 - 01375089 _____ () C:\Users\nurban\Downloads\AdwCleaner_3.311.exe
2014-10-01 20:43 - 2014-10-01 20:43 - 00001296 _____ () C:\Users\nurban\Desktop\Revo Uninstaller.lnk
2014-10-01 20:43 - 2014-10-01 20:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-29 20:34 - 2014-09-29 20:34 - 00025149 _____ () C:\Users\nurban\Desktop\Addition.txt
2014-09-29 20:33 - 2014-09-29 20:33 - 00025136 _____ () C:\Users\nurban\Downloads\Addition.txt
2014-09-29 20:30 - 2014-09-29 20:30 - 00131179 _____ () C:\Users\nurban\Desktop\FRST.txt
2014-09-29 20:27 - 2014-09-29 20:33 - 00131142 _____ () C:\Users\nurban\Downloads\FRST.txt
2014-09-29 20:27 - 2014-09-29 20:27 - 02108928 _____ (Farbar) C:\Users\nurban\Downloads\FRST64.exe
2014-09-29 20:27 - 2014-09-29 20:27 - 02108928 _____ (Farbar) C:\Users\nurban\Downloads\FRST64 (1).exe
2014-09-29 20:21 - 2014-09-29 20:21 - 00000923 _____ () C:\Users\nurban\Desktop\Bilder - Verknüpfung.lnk
2014-09-29 20:11 - 2014-10-06 22:15 - 00000000 ____D () C:\FRST
2014-09-29 20:08 - 2014-09-29 20:08 - 00000017 _____ () C:\Users\nurban\AppData\Local\resmon.resmoncfg
2014-09-29 10:33 - 2014-09-29 10:36 - 00000000 ____D () C:\Users\nurban\Desktop\Scan heute
2014-09-28 23:03 - 2014-09-29 10:52 - 00001690 _____ () C:\Users\nurban\Desktop\mwb310814.txt
2014-09-28 23:02 - 2014-09-29 10:53 - 00002608 _____ () C:\Users\nurban\Desktop\mwb110914.txt
2014-09-28 22:59 - 2014-09-28 22:59 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-6.txt
2014-09-28 22:59 - 2014-09-28 22:59 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-5.txt
2014-09-28 22:58 - 2014-09-28 22:58 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-4.txt
2014-09-28 22:58 - 2014-09-28 22:58 - 00023605 _____ () C:\Users\nurban\Documents\mwb3814-3.txt
2014-09-28 22:57 - 2014-09-29 10:51 - 00023618 _____ () C:\Users\nurban\Desktop\mwb3814-1.txt
2014-09-28 22:57 - 2014-09-28 22:57 - 00001146 _____ () C:\Users\nurban\Documents\mwb3814.txt
2014-09-28 22:48 - 2014-09-29 10:48 - 00003101 _____ () C:\Users\nurban\Desktop\gmer.txt
2014-09-28 22:31 - 2014-09-29 11:39 - 00000506 _____ () C:\Users\nurban\Desktop\defogger_disable.log
2014-09-28 22:31 - 2014-09-28 22:31 - 00000000 _____ () C:\Users\nurban\defogger_reenable
2014-09-24 21:06 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-09-23 21:53 - 2014-09-23 21:53 - 00000000 _____ () C:\Users\nurban\Sti_Trace.log
2014-09-20 22:47 - 2014-09-25 22:50 - 00022782 _____ () C:\Users\nurban\Desktop\Haushaltsbuch 09.14.ods
2014-09-20 21:06 - 2014-09-20 21:07 - 00144292 _____ () C:\Users\nurban\Downloads\Haushaltsbuch.zip
2014-09-20 21:06 - 2014-09-20 21:06 - 00816064 _____ ( ) C:\Users\nurban\Downloads\Haushaltsbuch_CB-DL-Manager.exe
2014-09-20 11:23 - 2014-09-20 21:11 - 00000000 ____D () C:\Users\nurban\Documents\Steuerfälle
2014-09-20 11:22 - 2014-09-20 11:22 - 00002233 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-09-20 11:22 - 2014-09-20 11:22 - 00000000 ____D () C:\Users\nurban\AppData\Local\AAV
2014-09-20 11:22 - 2014-09-20 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps
2014-09-20 11:21 - 2014-09-20 11:22 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-09-20 11:17 - 2014-09-20 11:17 - 00000000 ____D () C:\Users\nurban\Desktop\SSEStandard_19.11
2014-09-20 11:08 - 2014-09-20 11:13 - 169519800 _____ () C:\Users\nurban\Desktop\SSEStandard_19.11.zip
2014-09-20 11:06 - 2014-09-20 11:22 - 00000000 ____D () C:\ProgramData\AAV
2014-09-20 10:37 - 2014-09-20 10:42 - 162097488 _____ () C:\Users\nurban\Downloads\SSEStandard_18.09.exe
2014-09-20 10:37 - 2014-09-20 10:38 - 11927356 _____ () C:\Users\nurban\Downloads\SSEStandard_18.09 (1).exe.vrl6ue1.partial
2014-09-19 18:11 - 2014-09-19 18:11 - 00000000 ____D () C:\Program Files (x86)\af0.net
2014-09-19 18:08 - 2014-09-19 18:08 - 02378752 _____ () C:\Users\nurban\Downloads\Adblock Installer.msi
2014-09-19 18:01 - 2014-09-19 18:06 - 349926168 _____ (Norman Shark AS) C:\Users\nurban\Downloads\Norman_0814Malware_Cleaner.exe
2014-09-19 17:32 - 2014-10-01 21:48 - 00000000 ____D () C:\AdwCleaner
2014-09-18 22:18 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-18 22:18 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-09-18 22:18 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-18 22:18 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-18 22:18 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-18 22:18 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-18 22:18 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-18 22:18 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-18 22:18 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-18 22:18 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-09-18 22:18 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-18 22:18 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-18 22:18 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-09-18 22:18 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-18 22:18 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-18 22:18 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-09-18 22:18 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-18 22:18 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-18 22:18 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-09-18 22:18 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-18 22:18 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-18 22:18 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-18 22:18 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-18 22:18 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-18 22:18 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-18 22:18 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-18 22:18 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-09-18 22:18 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-18 22:17 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-09-18 22:17 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-09-18 22:17 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-18 22:17 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-18 22:17 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-18 22:17 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-09-18 22:17 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-09-18 22:17 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-09-18 22:17 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-09-18 22:17 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-18 22:17 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-18 22:17 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-18 22:17 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-18 22:17 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-18 22:17 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-09-18 22:17 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-18 22:17 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-09-18 22:17 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-09-18 22:17 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-09-18 22:17 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-09-18 22:17 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-09-18 22:17 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-18 22:17 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-18 22:17 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-18 22:17 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-09-18 22:17 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-09-18 22:17 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-09-18 22:17 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2014-09-18 22:17 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2014-09-18 22:17 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-09-18 22:17 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-18 22:17 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-18 22:17 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-09-18 22:17 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-09-18 22:17 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-09-18 22:17 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2014-09-18 22:17 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-18 22:17 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-18 22:17 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-09-18 22:17 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-18 22:17 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-09-18 22:17 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-09-18 22:17 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-18 22:17 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-09-18 22:17 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2014-09-18 22:17 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-18 22:17 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-09-18 22:17 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-18 22:17 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-09-18 22:17 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-18 22:17 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-09-18 22:17 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2014-09-18 22:17 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-18 22:17 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-09-18 22:17 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-09-18 22:17 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-18 22:17 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-18 22:17 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-09-18 22:17 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-18 22:17 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-09-18 22:17 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-09-18 22:17 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2014-09-18 22:17 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-09-18 22:17 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-09-18 22:17 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-18 22:17 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-18 22:17 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-09-18 22:17 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-18 22:17 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-09-18 22:17 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2014-09-18 22:17 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2014-09-18 22:17 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-18 22:17 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-18 22:17 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2014-09-18 22:17 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-09-18 22:17 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-09-18 22:17 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2014-09-18 22:17 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-09-18 22:17 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-09-18 22:17 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-09-18 22:17 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-09-18 22:17 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2014-09-18 22:17 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-09-18 22:17 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-18 22:17 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-09-18 22:17 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-18 22:17 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 22:17 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-09-18 22:17 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-09-18 22:17 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-09-18 22:17 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-09-18 22:17 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-18 22:17 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-09-18 22:17 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-09-18 22:17 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-18 22:17 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-09-18 22:17 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-09-18 22:17 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-09-18 22:17 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-09-18 22:17 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 22:17 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-09-18 22:17 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-09-18 22:17 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-09-18 22:17 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-09-18 22:17 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-18 22:17 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-18 22:17 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-09-18 22:17 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-18 22:17 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-18 22:17 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-09-18 22:17 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-18 22:17 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-18 22:17 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-09-18 22:17 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-09-18 22:17 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-09-18 22:17 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-18 22:17 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-09-18 22:17 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-09-18 22:17 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-09-18 22:17 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-18 22:17 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-09-18 22:17 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-09-18 22:17 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-18 22:17 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-18 22:17 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2014-09-18 22:17 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2014-09-18 22:17 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-18 22:17 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2014-09-18 22:17 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-18 22:17 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-18 22:17 - 2014-07-10 01:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-18 22:17 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-09-18 22:17 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-09-18 22:17 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-09-18 22:17 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-09-18 22:17 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-09-18 22:17 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2014-09-18 22:17 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2014-09-18 22:17 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-18 22:17 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-18 22:17 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2014-09-18 22:17 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-18 22:17 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-18 22:17 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-09-18 22:17 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-09-18 22:17 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-18 22:17 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-09-18 22:17 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-09-18 22:17 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2014-09-18 22:17 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2014-09-18 22:17 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-09-18 22:17 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-09-18 22:17 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-18 22:17 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-18 22:17 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2014-09-18 22:17 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-09-18 22:17 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2014-09-18 22:17 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-09-18 22:17 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-09-18 22:17 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-09-18 22:17 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-09-18 22:17 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-09-18 22:17 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-09-17 21:38 - 2014-09-17 21:38 - 00001165 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-17 21:33 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-17 21:33 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-17 20:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-17 20:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-17 20:29 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-17 20:29 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-17 20:29 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-17 20:29 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-17 20:29 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-17 20:29 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-17 20:29 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 20:29 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-17 20:29 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-17 20:29 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-17 20:29 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-17 20:29 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-17 20:29 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-17 20:29 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-17 20:29 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-17 20:29 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-17 20:29 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-17 20:29 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-17 20:29 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-17 20:29 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-17 20:29 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-17 20:29 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-17 20:29 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-17 20:29 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-17 20:29 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-17 20:29 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-17 20:29 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-17 20:29 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-17 20:29 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-17 20:29 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-17 20:29 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-17 20:28 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-17 20:28 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-17 20:28 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-17 20:28 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-16 21:45 - 2014-09-25 22:50 - 00038400 ___SH () C:\Users\nurban\Desktop\Thumbs.db
2014-09-16 21:44 - 2014-09-16 22:56 - 00065937 _____ () C:\Users\nurban\Desktop\Lebenslauf neu_07.09.2014.odt
2014-09-16 21:30 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-16 21:30 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-16 21:30 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-16 21:30 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-16 21:30 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-16 21:30 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-16 21:30 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-16 21:30 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-09-16 21:30 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-09-16 21:30 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-09-16 21:29 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-16 21:29 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-16 21:28 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-16 21:27 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-16 21:27 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-11 21:53 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-11 21:53 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-09-11 21:53 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-09-11 21:53 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-11 21:53 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-11 21:53 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-11 21:53 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-11 21:53 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-09-11 21:53 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-09-11 21:53 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-09-11 21:53 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-09-11 21:53 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-09-11 21:52 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-11 21:52 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-11 21:52 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-09-11 21:52 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-09-11 21:52 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-09-11 21:52 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-09-11 21:52 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-09-11 21:52 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-09-11 21:52 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-09-11 21:52 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-09-11 21:52 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-09-11 21:52 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-09-11 21:52 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-09-11 21:52 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-09-11 21:52 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-09-11 21:52 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-09-11 21:52 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-09-11 21:52 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-09-11 21:52 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-09-11 21:52 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-09-11 21:52 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-09-11 21:52 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-09-11 21:52 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-11 21:52 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-09-11 21:52 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-09-11 21:52 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-09-11 21:52 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-09-11 21:52 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-09-11 21:52 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-09-06 23:26 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-06 23:26 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-06 23:26 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-06 23:25 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-06 23:25 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-06 23:25 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-06 23:25 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-06 23:25 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-06 23:25 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-09-06 23:25 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-06 23:25 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-09-06 23:25 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-09-06 23:25 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-09-06 23:25 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-09-06 23:25 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-09-06 23:25 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-09-06 23:25 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-09-06 23:25 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-09-06 23:24 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-09-06 23:24 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-09-06 23:24 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-09-06 23:24 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-09-06 23:24 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-09-06 23:24 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-06 23:24 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-06 23:24 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-06 23:24 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-06 23:24 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-06 23:20 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-09-06 23:20 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-09-06 23:20 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-09-06 23:20 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-09-06 23:20 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-09-06 23:20 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-06 23:20 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-06 23:20 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-06 23:20 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-06 23:20 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-06 23:20 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-09-06 23:20 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-09-06 23:20 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-09-06 23:20 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-09-06 23:20 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-09-06 23:20 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-09-06 23:20 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-09-06 23:20 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-09-06 23:20 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-09-06 23:20 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-09-06 23:20 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-09-06 23:20 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-09-06 23:20 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-06 23:20 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-09-06 23:20 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-09-06 23:19 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-06 23:19 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-06 23:19 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-06 23:19 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-06 23:19 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-06 23:19 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-09-06 23:19 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-06 23:19 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-06 23:19 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-09-06 23:19 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-06 23:19 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-09-06 23:19 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-09-06 23:19 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-09-06 23:19 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-09-06 23:19 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-09-06 23:19 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-09-06 23:19 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-09-06 23:19 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-09-06 23:19 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-09-06 23:19 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-09-06 23:19 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-09-06 23:19 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-09-06 23:19 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-09-06 23:19 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-09-06 23:19 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-09-06 23:19 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-09-06 23:19 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-09-06 23:19 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-09-06 23:19 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-09-06 23:19 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-09-06 23:19 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-09-06 23:19 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-09-06 23:19 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-09-06 23:19 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-09-06 23:19 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-09-06 23:19 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-09-06 23:19 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-09-06 23:19 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-09-06 23:19 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-09-06 23:19 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-09-06 23:19 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-06 23:19 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-09-06 23:19 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-06 23:19 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-09-06 23:19 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-09-06 23:19 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-09-06 23:19 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-09-06 23:19 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-09-06 23:19 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-09-06 23:19 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-09-06 23:19 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-09-06 23:19 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-09-06 23:19 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-06 23:19 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-09-06 23:19 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-06 23:19 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-06 23:19 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-09-06 23:19 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-09-06 23:18 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-06 23:18 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-06 23:18 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-06 23:18 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-06 23:18 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-09-06 23:18 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-09-06 23:18 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-09-06 23:18 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-09-06 23:18 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-09-06 23:18 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-09-06 23:18 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-09-06 22:53 - 2014-09-06 22:54 - 00002195 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-09-06 22:53 - 2014-09-06 22:53 - 00002369 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Packard Bell Games.lnk
2014-09-06 22:50 - 2014-09-17 21:38 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 22:50 - 2014-09-06 22:50 - 00000000 __SHD () C:\Users\nurban\AppData\Local\EmieUserList
2014-09-06 22:50 - 2014-09-06 22:50 - 00000000 __SHD () C:\Users\nurban\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 15:36 - 2014-01-27 05:29 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2014-01-27 05:29 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2014-10-06 22:16 - 2014-06-16 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-06 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-06 21:45 - 2014-01-27 05:06 - 01563497 _____ () C:\Windows\WindowsUpdate.log
2014-10-06 21:26 - 2014-05-06 22:17 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9B50CFB6-1E7A-48F4-91A2-8A128F0FB89E}
2014-10-02 20:55 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-01 22:03 - 2014-05-06 22:10 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3566245272-3818164758-4293974047-1001
2014-10-01 21:54 - 2014-01-27 13:49 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-10-01 21:54 - 2014-01-27 13:49 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-10-01 21:54 - 2013-11-06 13:44 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-01 21:49 - 2013-11-06 13:33 - 00921174 _____ () C:\Windows\PFRO.log
2014-10-01 21:49 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-01 21:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-01 20:54 - 2014-08-03 20:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-01 20:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-30 22:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-28 22:31 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\nurban
2014-09-24 21:15 - 2013-08-22 16:44 - 00362760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-24 21:11 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-24 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-24 21:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-09-24 21:10 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-09-20 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-19 18:14 - 2013-08-22 16:46 - 00023340 _____ () C:\Windows\setupact.log
2014-09-19 17:56 - 2014-05-19 22:36 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 21:38 - 2014-05-06 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-17 21:38 - 2014-05-06 23:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-17 21:25 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-17 21:24 - 2014-05-07 20:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-17 21:22 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-11 22:16 - 2014-06-16 21:42 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-06 22:56 - 2014-05-11 21:07 - 00000000 ____D () C:\Users\nurban\AppData\Local\CrashDumps
2014-09-06 22:53 - 2014-05-07 07:09 - 00002333 _____ () C:\Users\nurban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-09-06 22:50 - 2014-05-06 23:05 - 00000000 ____D () C:\ProgramData\Avira
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-06 22:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\th-TH
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\he-IL
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\et-EE
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-06 22:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-06 22:29 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2014-09-06 22:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates

Some content of TEMP:
====================
C:\Users\nurban\AppData\Local\Temp\avgnt.exe
C:\Users\nurban\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\nurban\AppData\Local\Temp\oct113A.tmp.exe
C:\Users\nurban\AppData\Local\Temp\oct81A6.tmp.exe
C:\Users\nurban\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-01 22:03

==================== End Of Log ============================

--- --- ---

--- --- ---

Bin ich nun viren- und adwarefrei ? Wäre schön :-) Kann noch gar nicht beurteilen ob sich was im IE verändert hat. War die letzten Tage ausschließlich im Internet auf Eurer Seite bzw. auf File Pony um die entsprechenden Programme runterzuladen. Muss ich mir also erstmal ansehen.

Vielen Dank auf jeden Fall für alles!

Noch ne Frage: Muss ich die ganzen Cleaner usw. eigentlich alle wieder deinstallieren oder besser drauflassen?

Welchen Viren- bzw. Mal- und Adwareschutz empfehlt ihr eigentlich? Nutze bisher ja nur Avira...

VG

schrauber · 07.10.2014, 20:26

Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\$Recycle.Bin
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Ich empfehle immer Emsisoft

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.