Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Viele Funde via MBAM Windows 8, kein log file gespeichert?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 09.11.2014, 03:58   #1
Ricky O.
 
Viele Funde via MBAM Windows 8, kein log file gespeichert? - Standard

Viele Funde via MBAM Windows 8, kein log file gespeichert?



Guten Tag,

ich habe den Laptop einer Bekannten hier, der seit einigen Wochen arge Probleme machte. Demnach habe ich Malwarebytes in der Free Version installiert und diverse Einträge gefunden. Allerdings scheint kein log file abgespeichert worden zu sein, lediglich einige Dateien sind noch in der Quarantäne. Ein weiterer Check läuft bereits.

Ich habe aber einen Log seitens ADWCleaner. Das meiste scheinen Einträge zu optionalen Toolbars gewesen zu sein, aber ich wollte dennoch lieber auf Nummer sicher gehen.

Vielen Dank im Voraus

Log seitens ADWCleaner:AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.311 - Bericht erstellt am 04/11/2014 um 21:18:02
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Schorsch - RENATE
# Gestartet von : C:\Users\Schorsch\Downloads\adwcleaner_3.311.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : {55685567-4840-4a91-962b-49a412e9485a}w64
Dienst Gelöscht : {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Schorsch\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Schorsch\AppData\Local\Temp\webget
Ordner Gelöscht : C:\Users\Schorsch\AppData\Roaming\loadtbs
Ordner Gelöscht : C:\Users\Schorsch\AppData\Roaming\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Schorsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Ordner Gelöscht : C:\Users\Schorsch\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Schorsch\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\Extensions\quick_start@gmail.com
Ordner Gelöscht : C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\Extensions\software@loadtubes.com
Datei Gelöscht : C:\WINDOWS\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys
Datei Gelöscht : C:\WINDOWS\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
Datei Gelöscht : C:\Users\Schorsch\daemonprocess.txt
Datei Gelöscht : C:\Users\Schorsch\Desktop\Mobogenie.lnk
Datei Gelöscht : C:\Users\Schorsch\Desktop\PC Speed Maximizer.lnk
Datei Gelöscht : C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\user.js

***** [ Tasks ] *****

Task Gelöscht : PC Speed Maximizer Schedule

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B89C9191-DEEC-41E4-8DC7-2EBF2BEA1DCB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5D198F49-CF7B-4AD7-B9B4-ABA458F6D478}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B89C9191-DEEC-41E4-8DC7-2EBF2BEA1DCB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\pc speed maximizer
Schlüssel Gelöscht : HKCU\Software\SecuredDownload
Schlüssel Gelöscht : HKCU\Software\webget
Schlüssel Gelöscht : HKCU\Software\AppDataLow\webget
Schlüssel Gelöscht : HKLM\SOFTWARE\webget
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Speed Maximizer_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webget

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17278

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "sweet-page");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "sweet-page");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.sweet-page.com/?type=hppp&ts=1405362164&from=cor&uid=TOSHIBAXMQ01ABD100_637QP2YWTXX637QP2YWT");
Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

AdwCleaner[R0].txt - [7139 octets] - [04/11/2014 19:26:20]
AdwCleaner[S0].txt - [6506 octets] - [04/11/2014 21:18:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6566 octets] ##########
         
--- --- ---
Der neue Malwarebytes Check ergab folgenden Log:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 09.11.2014
Scan Time: 02:48:05
Logfile: log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.04.06
Rootkit Database: v2014.11.01.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Schorsch

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 474484
Time Elapsed: 1 hr, 20 min, 31 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
PUP.Optional.QuickStart.A, HKU\S-1-5-21-993131023-4244169656-192317998-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, , [6a31b48233492a0c1e3f350e13f052ae]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 10
PUP.Optional.WpManager, C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir, , [108bf640ec901125048d10688a776898], 
PUP.LoadTubes, C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Roaming\loadtbs\toolbar.dll.vir, , [b1ea84b28fed8ea8edadb950fb05bc44], 
PUP.LoadTubes, C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Roaming\loadtbs\ytdl.exe.vir, , [0992251190ecf442c5272993867ab749], 
PUP.Optional.SkyTech.A, C:\Users\Schorsch\AppData\Local\Temp\fullpackage_temp1399197535\alilog.dll, , [f8a3cf6791eb3402be936fc308f859a7], 
PUP.Optional.V9.A, C:\Users\Schorsch\AppData\Local\Temp\fullpackage_temp1399197535\qSE.exe, , [d5c642f41666c07611e189bff70936ca], 
PUP.Optional.Skytech.A, C:\Users\Schorsch\AppData\Local\Temp\fullpackage_temp1399197535\UninstallManager.exe, , [2e6d4fe7b7c5989e97fa6a33b1504eb2], 
PUP.Optional.IePluginService.A, C:\Users\Schorsch\AppData\Local\Temp\fullpackage_temp1399197535\tmp\SupTab.exe, , [277489ad661680b6ec06d89579885ea2], 
PUP.Optional.WpManager, C:\Users\Schorsch\AppData\Local\Temp\fullpackage_temp1399197535\tmp\wpm.exe, , [bbe0989e2c5070c60e834b2d3ac703fd], 
PUP.Optional.InstallCore, C:\Users\Schorsch\Downloads\skype_setup.exe, , [aaf1a195ccb0132398b4808fdc2903fd], 
PUP.Optional.Webget.A, C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi, , [cfcc02347903d95de57bcb84ea19a65a], 

Physical Sectors: 0
(No malicious items detected)


(end)
         

Alt 09.11.2014, 05:28   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Viele Funde via MBAM Windows 8, kein log file gespeichert? - Standard

Viele Funde via MBAM Windows 8, kein log file gespeichert?



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 09.11.2014, 17:58   #3
Ricky O.
 
Viele Funde via MBAM Windows 8, kein log file gespeichert? - Standard

Viele Funde via MBAM Windows 8, kein log file gespeichert?



Ich muss immer per USB Stick hin und her rennen.^^ Aber hier ist es nun.

FRST:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014
Ran by Schorsch (administrator) on RENATE on 09-11-2014 18:53:39
Running from C:\Users\Schorsch\Desktop
Loaded Profiles: Schorsch (Available profiles: Schorsch)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-993131023-4244169656-192317998-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-05-29] (Spotify Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {3F6535AD-9547-49F6-AAC1-D561A1AFDD2D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - {3F6535AD-9547-49F6-AAC1-D561A1AFDD2D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - DefaultScope {3F6535AD-9547-49F6-AAC1-D561A1AFDD2D} URL = 
SearchScopes: HKCU - {3F6535AD-9547-49F6-AAC1-D561A1AFDD2D} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: webget - C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\Extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi [2014-05-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\extensions\software@loadtubes.com [Not Found]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [1044784 2014-10-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [805112 2014-10-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-25] (Avira Operations GmbH & Co. KG)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-03-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
R3 avfwim; C:\Windows\system32\DRIVERS\avfwim.sys [114608 2014-03-22] (Avira GmbH)
R1 avfwot; C:\Windows\system32\DRIVERS\avfwot.sys [141376 2013-11-02] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-09] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-03-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 18:53 - 2014-11-09 18:54 - 00013172 _____ () C:\Users\Schorsch\Desktop\FRST.txt
2014-11-09 18:53 - 2014-11-09 18:53 - 00000000 ____D () C:\FRST
2014-11-09 18:52 - 2014-11-09 18:29 - 02115584 _____ (Farbar) C:\Users\Schorsch\Desktop\FRST64.exe
2014-11-06 09:37 - 2014-11-06 09:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-11-04 21:24 - 2014-09-29 23:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-04 21:24 - 2014-09-29 23:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-04 19:32 - 2014-11-09 02:48 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-04 19:30 - 2014-11-04 19:30 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-04 19:30 - 2014-11-04 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-04 19:30 - 2014-11-04 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-04 19:30 - 2014-11-04 19:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-04 19:30 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-04 19:30 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-04 19:30 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-04 19:29 - 2014-11-04 19:29 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Schorsch\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-04 19:26 - 2014-11-09 02:41 - 00000000 ____D () C:\AdwCleaner
2014-11-04 19:25 - 2014-11-04 19:26 - 01375089 _____ () C:\Users\Schorsch\Downloads\adwcleaner_3.311.exe
2014-10-25 18:46 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-25 18:46 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-25 18:46 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-25 18:46 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-10-25 18:45 - 2014-07-24 16:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-10-25 18:45 - 2014-07-24 16:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-10-25 18:45 - 2014-07-24 16:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-10-25 18:45 - 2014-07-24 16:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-10-25 18:45 - 2014-07-24 16:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-10-25 18:45 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-25 18:45 - 2014-07-24 16:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-10-25 18:45 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-25 18:45 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-10-25 18:45 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-10-25 18:45 - 2014-07-24 16:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-10-25 18:45 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-10-25 18:45 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-10-25 18:45 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-10-25 18:45 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-10-25 18:45 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-10-25 18:45 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-10-25 18:45 - 2014-07-24 15:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-10-25 18:45 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-10-25 18:45 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-10-25 18:45 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-10-25 18:45 - 2014-07-24 14:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-10-25 18:45 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-10-25 18:45 - 2014-07-24 12:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-10-25 18:45 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-10-25 18:45 - 2014-07-24 12:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-10-25 18:45 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-25 18:45 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-10-25 18:45 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-10-25 18:45 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-10-25 18:45 - 2014-07-24 12:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-10-25 18:45 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-10-25 18:45 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-10-25 18:45 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-10-25 18:45 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-10-25 18:45 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-10-25 18:45 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-10-25 18:45 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-10-25 18:45 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-10-25 18:45 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-10-25 18:45 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-10-25 18:45 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-10-25 18:45 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-10-25 18:45 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-10-25 18:45 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-10-25 18:45 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-10-25 18:45 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-10-25 18:45 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-10-25 18:45 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-10-25 18:45 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-10-25 18:45 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-10-25 18:45 - 2014-07-24 11:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-10-25 18:45 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-25 18:45 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-10-25 18:45 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-10-25 18:45 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-10-25 18:45 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-10-25 18:45 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-25 18:45 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-10-25 18:45 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-10-25 18:45 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-10-25 18:45 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-10-25 18:45 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-10-25 18:45 - 2014-07-24 10:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-10-25 18:45 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-10-25 18:45 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-10-25 18:45 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-10-25 18:45 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-10-25 18:45 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-10-25 18:45 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-10-25 18:45 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-10-25 18:45 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-10-25 18:45 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-10-25 18:45 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-10-25 18:45 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-25 18:45 - 2014-07-24 10:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-10-25 18:45 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-10-25 18:45 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-10-25 18:45 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-25 18:45 - 2014-07-24 09:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-10-25 18:45 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-10-25 18:45 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-10-25 18:45 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-10-25 18:45 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-10-25 18:45 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-10-25 18:45 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-10-25 18:45 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-10-25 18:45 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-10-25 18:45 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-10-25 18:45 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-10-25 18:45 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-10-25 18:45 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-10-25 18:45 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-10-25 18:45 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-10-25 18:45 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-10-25 18:45 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-10-25 18:45 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-10-25 18:45 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-10-25 18:45 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-10-25 18:45 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-10-25 18:45 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-10-25 18:45 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-10-25 18:45 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-10-25 18:45 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-10-25 18:45 - 2014-07-24 09:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-25 18:45 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-10-25 18:45 - 2014-07-24 09:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-25 18:45 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-10-25 18:45 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-10-25 18:45 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-10-25 18:45 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-10-25 18:45 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-10-25 18:45 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-25 18:45 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-10-25 18:45 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-10-25 18:45 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-10-25 18:45 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-10-25 18:45 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-10-25 18:45 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-10-25 18:45 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-10-25 18:45 - 2014-07-24 08:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-25 18:45 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-10-25 18:45 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-10-25 18:45 - 2014-07-24 08:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-25 18:45 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-10-25 18:45 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-10-25 18:45 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-10-25 18:45 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-10-25 18:45 - 2014-07-12 06:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-10-25 18:45 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-10-25 18:45 - 2014-07-12 05:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-10-25 18:45 - 2014-07-12 05:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-10-25 18:45 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-10-25 18:45 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-10-25 18:45 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-10-25 18:45 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-10-25 18:45 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-10-25 18:45 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-10-25 18:45 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-10-25 18:45 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-25 18:45 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-10-25 18:45 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-10-25 18:45 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-25 18:45 - 2014-06-19 03:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-25 18:45 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-10-25 18:45 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-10-25 18:45 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-10-25 18:45 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-10-25 18:45 - 2014-06-05 15:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-10-25 18:45 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-10-25 18:45 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-10-25 18:45 - 2014-05-31 11:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-10-25 18:45 - 2014-05-31 11:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-10-25 18:45 - 2014-05-31 11:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-10-25 18:45 - 2014-05-31 07:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-10-25 18:45 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-10-25 18:45 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-10-25 18:45 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-10-25 18:45 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-10-25 18:45 - 2014-05-29 06:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-10-25 18:45 - 2014-05-29 05:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-10-25 18:45 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-10-25 18:45 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-10-25 18:45 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-10-25 18:45 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-10-25 18:45 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-10-25 18:45 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-10-25 18:45 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-10-25 18:45 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-10-25 18:45 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-10-25 18:39 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-25 18:37 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-25 18:37 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-25 18:37 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-25 18:37 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-25 18:37 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-25 18:37 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-25 18:37 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-25 18:37 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-25 18:37 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-25 18:37 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-25 18:37 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-25 18:37 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-25 18:37 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-25 18:37 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-25 18:37 - 2014-07-24 11:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-10-25 18:34 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-25 18:34 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-25 18:34 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-25 18:34 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-25 18:34 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-25 18:34 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-25 18:34 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-25 18:34 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-25 18:34 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-25 18:34 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-25 18:34 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-25 18:34 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-25 18:34 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-25 18:34 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-25 18:34 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-25 18:34 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-25 18:34 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-25 18:34 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-25 18:34 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-25 18:34 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-25 18:34 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-25 18:34 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-25 18:34 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-25 18:34 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-25 18:34 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-25 18:34 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-25 18:34 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-25 18:34 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-25 18:34 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-25 18:34 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-25 18:34 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-25 18:34 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-25 18:34 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-25 18:34 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-25 18:34 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-25 18:34 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-25 18:34 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-25 18:34 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-25 18:34 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-25 18:34 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-25 18:34 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-10-25 18:33 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-25 18:33 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-25 18:33 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-25 18:33 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-25 18:33 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-25 18:33 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-25 18:33 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-25 18:33 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-25 18:33 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-25 18:33 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-25 18:33 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-25 18:33 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-25 18:33 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-25 18:33 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-25 18:33 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-25 18:33 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-25 18:33 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-25 18:33 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-25 18:33 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-25 18:33 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-25 18:33 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-25 18:33 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-25 18:33 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-25 18:33 - 2014-08-16 01:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-25 18:33 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-25 18:33 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-25 18:33 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-25 18:33 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-25 18:33 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-25 18:33 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-25 18:33 - 2014-08-16 01:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-25 18:33 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-25 18:33 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-25 18:33 - 2014-08-01 00:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-25 18:33 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-25 18:33 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-10-25 18:33 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-10-25 18:33 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-10-25 17:49 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-25 17:49 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-25 17:49 - 2014-05-13 05:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-25 17:49 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-25 17:49 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-25 17:49 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-25 17:49 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-25 17:49 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-25 17:49 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-25 17:49 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-25 17:49 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-25 17:49 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-25 17:49 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-25 17:49 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-25 17:49 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-25 17:49 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-25 17:49 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-25 17:49 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-25 17:49 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-25 17:49 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-25 17:49 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-25 17:49 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-25 17:49 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-25 17:49 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-25 17:49 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-25 17:49 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-25 17:49 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-25 17:49 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-25 17:49 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-25 17:49 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-25 17:49 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-25 17:49 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-25 17:49 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-25 17:49 - 2014-04-11 04:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-10-25 17:49 - 2014-04-11 03:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-10-25 17:48 - 2014-04-18 15:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-10-25 17:48 - 2014-04-18 10:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-10-25 17:48 - 2014-04-14 10:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-25 17:48 - 2014-04-14 09:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-10-25 17:48 - 2014-04-11 05:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-10-25 17:48 - 2014-04-11 05:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-10-25 17:48 - 2014-04-09 12:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-10-25 17:48 - 2014-04-09 07:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-10-25 17:48 - 2014-04-09 06:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-10-25 17:48 - 2014-04-09 04:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-10-25 17:48 - 2014-04-08 03:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-10-25 17:48 - 2014-04-06 17:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-10-25 17:48 - 2014-04-06 17:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-10-25 17:48 - 2014-04-06 17:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-25 17:48 - 2014-04-06 17:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-10-25 17:48 - 2014-04-06 17:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-10-25 17:48 - 2014-04-06 17:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-10-25 17:48 - 2014-04-06 16:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-10-25 17:48 - 2014-04-06 13:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-10-25 17:48 - 2014-04-06 13:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-10-25 17:48 - 2014-04-06 13:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-10-25 17:48 - 2014-04-06 13:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-10-25 17:48 - 2014-04-06 13:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-10-25 17:48 - 2014-04-06 12:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-10-25 17:48 - 2014-04-06 12:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-25 17:48 - 2014-04-06 12:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-10-25 17:48 - 2014-04-06 11:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-25 17:48 - 2014-04-06 11:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-10-25 17:48 - 2014-04-06 11:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-25 17:48 - 2014-04-06 10:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-10-25 17:48 - 2014-04-03 09:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-10-25 17:48 - 2014-04-03 09:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-10-25 17:48 - 2014-04-03 05:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-10-25 17:48 - 2014-04-03 05:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-10-25 17:48 - 2014-04-03 03:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-10-25 17:48 - 2014-04-03 03:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-10-25 17:48 - 2014-03-28 16:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-10-25 17:48 - 2014-03-27 06:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-10-25 17:48 - 2014-03-27 05:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-10-25 17:48 - 2014-03-27 04:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-10-25 17:48 - 2014-03-27 04:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-10-25 17:48 - 2014-03-19 09:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-10-25 17:48 - 2014-03-19 08:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-10-25 17:48 - 2014-03-19 08:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-10-25 17:48 - 2014-03-18 06:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-25 17:48 - 2014-03-18 05:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-10-25 17:48 - 2014-03-17 06:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-25 17:48 - 2014-03-17 05:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-10-25 17:48 - 2014-03-14 07:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-25 17:48 - 2014-03-14 07:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-10-25 17:47 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-25 17:47 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-25 17:47 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-25 17:47 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-25 17:47 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-25 17:47 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-25 17:47 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-25 17:47 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-25 17:47 - 2014-05-19 07:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-10-25 17:47 - 2014-05-19 07:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-10-25 17:47 - 2014-05-19 06:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-10-25 17:47 - 2014-05-01 06:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 11:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-09 05:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-09 04:59 - 2014-03-22 09:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-09 04:56 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-09 04:56 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-09 04:56 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-09 04:54 - 2013-08-22 15:46 - 00289609 _____ () C:\WINDOWS\setupact.log
2014-11-09 03:16 - 2013-10-31 09:40 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-993131023-4244169656-192317998-1001
2014-11-09 02:50 - 2014-03-22 11:47 - 01610836 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-09 02:38 - 2013-11-06 08:48 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4EE96860-9547-4D59-BBA2-B74A6F24AE7A}
2014-11-09 02:36 - 2013-11-23 09:32 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-09 02:36 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-11-09 02:36 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-11-09 02:36 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-09 02:34 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-09 02:30 - 2014-03-22 11:53 - 00000000 __RDO () C:\Users\Schorsch\SkyDrive
2014-11-06 09:36 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-06 09:35 - 2013-11-13 23:18 - 00003162 _____ () C:\WINDOWS\PFRO.log
2014-11-04 21:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-04 21:23 - 2013-08-22 15:44 - 00338048 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-04 21:20 - 2013-11-14 08:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-11-04 21:20 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-11-04 21:18 - 2014-03-22 11:32 - 00000000 ____D () C:\Users\Schorsch
2014-11-02 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-01 18:44 - 2014-03-29 17:59 - 00861470 _____ () C:\WINDOWS\system32\upgrade.log
2014-11-01 18:44 - 2014-03-29 17:59 - 00017642 _____ () C:\WINDOWS\SysWOW64\upgrade.log
2014-10-25 17:37 - 2013-11-02 16:45 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-25 17:37 - 2013-11-02 16:45 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-10-25 17:37 - 2013-11-02 16:45 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys

Some content of TEMP:
====================
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll
C:\Users\Schorsch\AppData\Local\Temp\avgnt.exe
C:\Users\Schorsch\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-09 03:16

==================== End Of Log ============================
         
Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014
Ran by Schorsch at 2014-11-09 18:54:32
Running from C:\Users\Schorsch\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: FireWall (Disabled) {753F9273-B322-2907-AC37-03D0F1702F22}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.7.1245.73473 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.7.1245.73473 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avira Internet Security (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}) (Version: 1.00.0071 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
IDT Audio Driver (HKLM\...\{11424B27-C16B-4505-9667-82A10AD1B1DC}) (Version: 6.10.6472.0 - IDT)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41663) (Version: 3.8.0.41663.61 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shutdown8 (HKCU\...\Shutdown8) (Version: 1.08 - Bandisoft.com)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.342 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-09-2014 15:14:01 Windows Update
04-11-2014 18:49:29 Windows Update
09-11-2014 01:31:19 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05C6775F-3BE6-46FF-BFAA-96F5F18E8029} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-14] (Adobe Systems Incorporated)
Task: {3DD34C25-7C63-441D-A607-A31A0E66F0C6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-03-19] (TOSHIBA Corporation)
Task: {4CE8644B-2C8D-4A23-A721-B6D6197B1445} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-03] (Microsoft Corporation)
Task: {5B7198EF-4A3F-4AAF-81EA-5DC1FC6925EA} - System32\Tasks\{85E406EB-697B-45CF-96D1-C77B8EA3A1CB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.6.0.106&LastError=404
Task: {6629A639-A359-4F51-B511-553B5479CA5F} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-03-27 22:53 - 2013-03-27 22:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-05-09 17:49 - 2013-05-09 17:49 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-11-04 19:22 - 2013-11-04 19:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2011-08-12 22:57 - 2011-08-12 22:57 - 00437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00030208 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd
2013-08-30 03:57 - 2012-07-18 14:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Schorsch\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-993131023-4244169656-192317998-500 - Administrator - Disabled)
Gast (S-1-5-21-993131023-4244169656-192317998-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-993131023-4244169656-192317998-1005 - Limited - Enabled)
Schorsch (S-1-5-21-993131023-4244169656-192317998-1001 - Administrator - Enabled) => C:\Users\Schorsch

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/25/2014 07:16:23 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (09/19/2014 07:59:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RENATE)
Description: Bei der Aktivierung der App „eBayInc.eBay_1618n3s9xq8tw!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/19/2014 07:59:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm eBay.CoreApp.exe, Version 1.5.0.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 244

Startzeit: 01cfd3d72d258fab

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\eBayInc.eBay_1.5.2.16_neutral__1618n3s9xq8tw\eBay.CoreApp.exe

Berichts-ID: 74ff5622-3fca-11e4-becd-48d2249359e3

Vollständiger Name des fehlerhaften Pakets: eBayInc.eBay_1.5.2.16_neutral__1618n3s9xq8tw

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (09/19/2014 07:59:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RENATE)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/19/2014 07:59:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: RENATE)
Description: Die App „eBayInc.eBay_1.5.2.16_neutral__1618n3s9xq8tw+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (09/19/2014 07:58:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: RENATE)
Description: Die App „Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (09/14/2014 07:05:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (09/04/2014 07:09:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: RENATE)
Description: Die App „Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe+MicrosoftMahjong“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (08/29/2014 07:50:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fc8

Startzeit: 01cfc35468fe7f55

Endzeit: 42

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID: b5a17a0e-2f48-11e4-bec7-48d2249359e3

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/17/2014 04:32:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Mahjong.exe, Version: 1.1.0.0, Zeitstempel: 0x53393eda
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17041, Zeitstempel: 0x53181c35
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003f1bdc
ID des fehlerhaften Prozesses: 0x108c
Startzeit der fehlerhaften Anwendung: 0xMahjong.exe0
Pfad der fehlerhaften Anwendung: Mahjong.exe1
Pfad des fehlerhaften Moduls: Mahjong.exe2
Berichtskennung: Mahjong.exe3
Vollständiger Name des fehlerhaften Pakets: Mahjong.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Mahjong.exe5


System errors:
=============
Error: (11/09/2014 02:36:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB2979500)

Error: (11/09/2014 02:36:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB2950153)

Error: (11/09/2014 02:36:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB2939153)

Error: (11/09/2014 02:36:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB2958262)

Error: (11/09/2014 02:36:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB2959626)

Error: (11/09/2014 02:36:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für .NET Native unter Windows 8.1 und Windows Server 2012 R2 für x64-basierte Systeme (KB2954879)

Error: (11/09/2014 02:34:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB2981580)

Error: (11/06/2014 09:36:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira FireWall" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/06/2014 09:36:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira FireWall erreicht.

Error: (11/04/2014 09:27:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062


Microsoft Office Sessions:
=========================
Error: (10/25/2014 07:16:23 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (09/19/2014 07:59:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RENATE)
Description: eBayInc.eBay_1618n3s9xq8tw!App-2144927142

Error: (09/19/2014 07:59:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: eBay.CoreApp.exe1.5.0.224401cfd3d72d258fab4294967295C:\Program Files\WindowsApps\eBayInc.eBay_1.5.2.16_neutral__1618n3s9xq8tw\eBay.CoreApp.exe74ff5622-3fca-11e4-becd-48d2249359e3eBayInc.eBay_1.5.2.16_neutral__1618n3s9xq8twApp

Error: (09/19/2014 07:59:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RENATE)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142

Error: (09/19/2014 07:59:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: RENATE)
Description: eBayInc.eBay_1.5.2.16_neutral__1618n3s9xq8tw+App

Error: (09/19/2014 07:58:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: RENATE)
Description: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c+App

Error: (09/14/2014 07:05:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (09/04/2014 07:09:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: RENATE)
Description: Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe+MicrosoftMahjong

Error: (08/29/2014 07:50:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.17239fc801cfc35468fe7f5542C:\Program Files\Internet Explorer\iexplore.exeb5a17a0e-2f48-11e4-bec7-48d2249359e3

Error: (08/17/2014 04:32:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Mahjong.exe1.1.0.053393edaWindows.UI.Xaml.dll6.3.9600.1704153181c35c0000005003f1bdc108c01cfba303fdf7209C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe\Mahjong.exeC:\Windows\System32\Windows.UI.Xaml.dlla232f37e-2623-11e4-bec4-48d2249359e3Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbweMicrosoftMahjong


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 12%
Total physical RAM: 12163.27 MB
Available physical RAM: 10632.25 MB
Total Pagefile: 14019.27 MB
Available Pagefile: 12109.28 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (TI31128200B) (Fixed) (Total:918.75 GB) (Free:877.16 GB) NTFS
Drive e: () (Removable) (Total:14.97 GB) (Free:1.31 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================
         
__________________

Alt 10.11.2014, 15:39   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Viele Funde via MBAM Windows 8, kein log file gespeichert? - Standard

Viele Funde via MBAM Windows 8, kein log file gespeichert?



hi,


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.11.2014, 18:31   #5
Ricky O.
 
Viele Funde via MBAM Windows 8, kein log file gespeichert? - Standard

Viele Funde via MBAM Windows 8, kein log file gespeichert?



ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=00ceed8eab128f4484e1abe4de41de7f
# engine=21023
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-10 06:28:17
# local_time=2014-11-10 07:28:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1805 16777213 100 100 7473 236941353 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 20164231 40525390 0 0
# scanned=151895
# found=34
# cleaned=0
# scan_time=2330
sh=75773C452146645B80387025120B3AFC1BD7F608 ft=1 fh=f924702fd032a998 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\Mobogenie.exe.vir"
sh=CD814F8CAC8880831029BCA4568031141FFE8534 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\MUServer.apk.vir"
sh=D9B3BA161D98EA1AD0E61015B2F11DB47A0A6875 ft=1 fh=8252b73ae811ba6a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\UpdateMoboGenie.exe.vir"
sh=97566EFC7EA49FABD17E2B059365DCFCEBFF8724 ft=1 fh=d28dc60fa0e472fd vn="Variante von Win32/SpeedingUpMyPC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe.vir"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir"
sh=E176D7F68E9CC6D03E8555B51565423033CDF6A9 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.5.zip.vir"
sh=E45C1D583BDD644F636D8DA387761796CE1D7038 ft=1 fh=fe33acdf835fbfaa vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=75773C452146645B80387025120B3AFC1BD7F608 ft=1 fh=f924702fd032a998 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=CD814F8CAC8880831029BCA4568031141FFE8534 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=D9B3BA161D98EA1AD0E61015B2F11DB47A0A6875 ft=1 fh=8252b73ae811ba6a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=8021BB5B4229B0C04C9FAE330F61065707B1C043 ft=1 fh=2043db95ce3a218b vn="Variante von Win32/LoadTubes.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Roaming\loadtbs\toolbar.dll.vir"
sh=92B359D33855BF27D6F0C1F58510D7B493A1162B ft=1 fh=4d6af7cbc920e55f vn="Variante von Win32/LoadTubes.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Roaming\loadtbs\uninstall.exe.vir"
sh=5BC240BA00AEF4E38F049E674A1D0C2344C5964C ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.js.vir"
sh=B1AC43E764B69130B38ED26906B2F26011D0534B ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\Extensions\software@loadtubes.com\chrome\content\loadtbs.js.vir"
sh=A281E2D0ECD5573E066D6D364EB626889B115E0E ft=1 fh=c2689a5ea9ac6a73 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys.vir"
sh=5B0A87C45C39902D713DB6C72003B97F06815247 ft=1 fh=1cd136ac2369d0aa vn="Win64/Riskware.NetFilter.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys.vir"
sh=A281E2D0ECD5573E066D6D364EB626889B115E0E ft=1 fh=c2689a5ea9ac6a73 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \{55685567-4840-4a91-962b-49a412e9485a}w64.sys-k.mbam"
sh=A281E2D0ECD5573E066D6D364EB626889B115E0E ft=1 fh=c2689a5ea9ac6a73 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \{55685567-4840-4a91-962b-49a412e9485a}w64.sys-r.mbam"
sh=A281E2D0ECD5573E066D6D364EB626889B115E0E ft=1 fh=c2689a5ea9ac6a73 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \{55685567-4840-4a91-962b-49a412e9485a}w64.sys-u.mbam"
sh=5B0A87C45C39902D713DB6C72003B97F06815247 ft=1 fh=1cd136ac2369d0aa vn="Win64/Riskware.NetFilter.A Anwendung" ac=I fn="C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys-k.mbam"
sh=5B0A87C45C39902D713DB6C72003B97F06815247 ft=1 fh=1cd136ac2369d0aa vn="Win64/Riskware.NetFilter.A Anwendung" ac=I fn="C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys-r.mbam"
sh=5B0A87C45C39902D713DB6C72003B97F06815247 ft=1 fh=1cd136ac2369d0aa vn="Win64/Riskware.NetFilter.A Anwendung" ac=I fn="C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys-u.mbam"
sh=A281E2D0ECD5573E066D6D364EB626889B115E0E ft=1 fh=c2689a5ea9ac6a73 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\Users\All Users\Malwarebytes\ Malwarebytes Anti-Malware \{55685567-4840-4a91-962b-49a412e9485a}w64.sys-k.mbam"
sh=A281E2D0ECD5573E066D6D364EB626889B115E0E ft=1 fh=c2689a5ea9ac6a73 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\Users\All Users\Malwarebytes\ Malwarebytes Anti-Malware \{55685567-4840-4a91-962b-49a412e9485a}w64.sys-r.mbam"
sh=A281E2D0ECD5573E066D6D364EB626889B115E0E ft=1 fh=c2689a5ea9ac6a73 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\Users\All Users\Malwarebytes\ Malwarebytes Anti-Malware \{55685567-4840-4a91-962b-49a412e9485a}w64.sys-u.mbam"
sh=5B0A87C45C39902D713DB6C72003B97F06815247 ft=1 fh=1cd136ac2369d0aa vn="Win64/Riskware.NetFilter.A Anwendung" ac=I fn="C:\Users\All Users\Malwarebytes\ Malwarebytes Anti-Malware \{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys-k.mbam"
sh=5B0A87C45C39902D713DB6C72003B97F06815247 ft=1 fh=1cd136ac2369d0aa vn="Win64/Riskware.NetFilter.A Anwendung" ac=I fn="C:\Users\All Users\Malwarebytes\ Malwarebytes Anti-Malware \{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys-r.mbam"
sh=5B0A87C45C39902D713DB6C72003B97F06815247 ft=1 fh=1cd136ac2369d0aa vn="Win64/Riskware.NetFilter.A Anwendung" ac=I fn="C:\Users\All Users\Malwarebytes\ Malwarebytes Anti-Malware \{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys-u.mbam"
sh=282501AA2FA177D942282F8E2EB5E1D25CA17AED ft=1 fh=170a29edd91c8b10 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Schorsch\AppData\Local\Temp\fullpackage_temp1399197535\tmp\SupTab.exe"
sh=9A189D6EAB28C6F9C20AEEFA3E7134916E38C65B ft=1 fh=c71c0011b919b825 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Schorsch\AppData\Local\Temp\fullpackage_temp1399197535\tmp\wpm.exe"
sh=FFE0A97184C0E97C3763BCAD61A0A55CE01B797B ft=1 fh=aa4309ccd314a64f vn="Win32/Toolbar.Babylon.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Schorsch\Downloads\ReimageRepair(1).exe"
sh=FFE0A97184C0E97C3763BCAD61A0A55CE01B797B ft=1 fh=aa4309ccd314a64f vn="Win32/Toolbar.Babylon.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Schorsch\Downloads\ReimageRepair(2).exe"
sh=FFE0A97184C0E97C3763BCAD61A0A55CE01B797B ft=1 fh=aa4309ccd314a64f vn="Win32/Toolbar.Babylon.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Schorsch\Downloads\ReimageRepair.exe"
sh=7ECD7F795F915F5877AC4F858577F3E86E2E4861 ft=1 fh=fc5d4d399772f31a vn="Win32/Systweak.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Schorsch\Downloads\tamsp_140901075113925094.exe"
         
SecurityCheck:
Code:
ATTFilter
8 Results of screen317's Security Check version 0.99.89  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop      
Windows Defender   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 71  
 Java version out of Date! 
 Adobe Flash Player 	15.0.0.152  
 Mozilla Firefox 29.0.1 Firefox out of Date!  
 Mozilla Thunderbird (24.6.0) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Schorsch (administrator) on RENATE on 10-11-2014 19:36:14
Running from C:\Users\Schorsch\Desktop
Loaded Profiles: Schorsch (Available profiles: Schorsch)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-993131023-4244169656-192317998-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-05-29] (Spotify Ltd)
HKU\S-1-5-21-993131023-4244169656-192317998-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe [854192 2014-09-14] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {3F6535AD-9547-49F6-AAC1-D561A1AFDD2D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKLM-x32 - {3F6535AD-9547-49F6-AAC1-D561A1AFDD2D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
SearchScopes: HKCU - DefaultScope {3F6535AD-9547-49F6-AAC1-D561A1AFDD2D} URL = 
SearchScopes: HKCU - {3F6535AD-9547-49F6-AAC1-D561A1AFDD2D} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: webget - C:\Users\Schorsch\AppData\Roaming\Mozilla\Firefox\Profiles\a93fqwyu.default\Extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi [2014-05-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirFirewallService; C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [1044784 2014-10-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [805112 2014-10-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-25] (Avira Operations GmbH & Co. KG)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-03-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
R3 avfwim; C:\Windows\system32\DRIVERS\avfwim.sys [114608 2014-03-22] (Avira GmbH)
R1 avfwot; C:\Windows\system32\DRIVERS\avfwot.sys [141376 2013-11-02] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-03-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 19:36 - 2014-11-10 19:36 - 00000000 ____D () C:\Users\Schorsch\Desktop\FRST-OlderVersion
2014-11-10 19:32 - 2014-11-10 19:32 - 00854448 _____ () C:\Users\Schorsch\Desktop\SecurityCheck.exe
2014-11-10 18:31 - 2014-11-10 18:31 - 00000000 ____D () C:\Users\Schorsch\AppData\Roaming\Oracle
2014-11-10 18:31 - 2014-11-10 18:31 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-10 18:30 - 2014-11-10 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-10 18:30 - 2014-09-26 18:42 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-11-10 18:30 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-11-10 18:30 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-11-10 18:30 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-11-10 18:29 - 2014-11-10 18:30 - 02347384 _____ (ESET) C:\Users\Schorsch\Downloads\esetsmartinstaller_deu.exe
2014-11-10 18:29 - 2014-11-10 18:30 - 00004426 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-09 18:54 - 2014-11-09 18:55 - 00021339 _____ () C:\Users\Schorsch\Desktop\Addition.txt
2014-11-09 18:53 - 2014-11-10 19:36 - 00013352 _____ () C:\Users\Schorsch\Desktop\FRST.txt
2014-11-09 18:53 - 2014-11-10 19:36 - 00000000 ____D () C:\FRST
2014-11-09 18:52 - 2014-11-10 19:36 - 02116096 _____ (Farbar) C:\Users\Schorsch\Desktop\FRST64.exe
2014-11-06 09:37 - 2014-11-06 09:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-11-04 21:24 - 2014-09-29 23:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-04 21:24 - 2014-09-29 23:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-04 19:32 - 2014-11-09 02:48 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-04 19:30 - 2014-11-04 19:30 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-04 19:30 - 2014-11-04 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-04 19:30 - 2014-11-04 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-04 19:30 - 2014-11-04 19:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-04 19:30 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-04 19:30 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-04 19:30 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-04 19:29 - 2014-11-04 19:29 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Schorsch\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-04 19:26 - 2014-11-09 02:41 - 00000000 ____D () C:\AdwCleaner
2014-11-04 19:25 - 2014-11-04 19:26 - 01375089 _____ () C:\Users\Schorsch\Downloads\adwcleaner_3.311.exe
2014-10-25 18:46 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-25 18:46 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-25 18:46 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-10-25 18:46 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-10-25 18:45 - 2014-07-24 16:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-10-25 18:45 - 2014-07-24 16:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-10-25 18:45 - 2014-07-24 16:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-10-25 18:45 - 2014-07-24 16:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-10-25 18:45 - 2014-07-24 16:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-10-25 18:45 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-25 18:45 - 2014-07-24 16:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-10-25 18:45 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-10-25 18:45 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-10-25 18:45 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-10-25 18:45 - 2014-07-24 16:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-10-25 18:45 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-10-25 18:45 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-10-25 18:45 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-10-25 18:45 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-10-25 18:45 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-10-25 18:45 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-10-25 18:45 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-10-25 18:45 - 2014-07-24 15:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-10-25 18:45 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-10-25 18:45 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-10-25 18:45 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-10-25 18:45 - 2014-07-24 14:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-10-25 18:45 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-10-25 18:45 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-10-25 18:45 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-10-25 18:45 - 2014-07-24 12:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-10-25 18:45 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-10-25 18:45 - 2014-07-24 12:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-10-25 18:45 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-25 18:45 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-10-25 18:45 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-10-25 18:45 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-10-25 18:45 - 2014-07-24 12:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-10-25 18:45 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-10-25 18:45 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-10-25 18:45 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-10-25 18:45 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-10-25 18:45 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-10-25 18:45 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-10-25 18:45 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-10-25 18:45 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-10-25 18:45 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-10-25 18:45 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-10-25 18:45 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-10-25 18:45 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-10-25 18:45 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-10-25 18:45 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-10-25 18:45 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-10-25 18:45 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-10-25 18:45 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-10-25 18:45 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-10-25 18:45 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-10-25 18:45 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-10-25 18:45 - 2014-07-24 11:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-10-25 18:45 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-10-25 18:45 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-10-25 18:45 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-10-25 18:45 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-10-25 18:45 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-10-25 18:45 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-10-25 18:45 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-10-25 18:45 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-10-25 18:45 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-10-25 18:45 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-10-25 18:45 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-10-25 18:45 - 2014-07-24 10:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-10-25 18:45 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-10-25 18:45 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-10-25 18:45 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-10-25 18:45 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-10-25 18:45 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-10-25 18:45 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-10-25 18:45 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-10-25 18:45 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-10-25 18:45 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-10-25 18:45 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-10-25 18:45 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-25 18:45 - 2014-07-24 10:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-10-25 18:45 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-10-25 18:45 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-10-25 18:45 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-25 18:45 - 2014-07-24 09:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-10-25 18:45 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-10-25 18:45 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-10-25 18:45 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-10-25 18:45 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-10-25 18:45 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-10-25 18:45 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-10-25 18:45 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-10-25 18:45 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-10-25 18:45 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-10-25 18:45 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-10-25 18:45 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-10-25 18:45 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-10-25 18:45 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-10-25 18:45 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-10-25 18:45 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-10-25 18:45 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-10-25 18:45 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-10-25 18:45 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-10-25 18:45 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-10-25 18:45 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-10-25 18:45 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-10-25 18:45 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-10-25 18:45 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-10-25 18:45 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-10-25 18:45 - 2014-07-24 09:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-25 18:45 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-10-25 18:45 - 2014-07-24 09:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-25 18:45 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-10-25 18:45 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-10-25 18:45 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-10-25 18:45 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-10-25 18:45 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-10-25 18:45 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-10-25 18:45 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-10-25 18:45 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-10-25 18:45 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-10-25 18:45 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-10-25 18:45 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-10-25 18:45 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-10-25 18:45 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-10-25 18:45 - 2014-07-24 08:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-10-25 18:45 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-10-25 18:45 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-10-25 18:45 - 2014-07-24 08:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-25 18:45 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-10-25 18:45 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-10-25 18:45 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-10-25 18:45 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-10-25 18:45 - 2014-07-12 06:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-10-25 18:45 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-10-25 18:45 - 2014-07-12 05:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-10-25 18:45 - 2014-07-12 05:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-10-25 18:45 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-10-25 18:45 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-10-25 18:45 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-10-25 18:45 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-10-25 18:45 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-10-25 18:45 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-10-25 18:45 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-10-25 18:45 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-25 18:45 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-10-25 18:45 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-10-25 18:45 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-25 18:45 - 2014-06-19 03:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-25 18:45 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-10-25 18:45 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-10-25 18:45 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-10-25 18:45 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-10-25 18:45 - 2014-06-05 15:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-10-25 18:45 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-10-25 18:45 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-10-25 18:45 - 2014-05-31 11:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-10-25 18:45 - 2014-05-31 11:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-10-25 18:45 - 2014-05-31 11:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-10-25 18:45 - 2014-05-31 07:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-10-25 18:45 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-10-25 18:45 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-10-25 18:45 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-10-25 18:45 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-10-25 18:45 - 2014-05-29 06:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-10-25 18:45 - 2014-05-29 05:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-10-25 18:45 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-10-25 18:45 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-10-25 18:45 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-10-25 18:45 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-10-25 18:45 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-10-25 18:45 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-10-25 18:45 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-10-25 18:45 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-10-25 18:45 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-10-25 18:39 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-25 18:37 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-25 18:37 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-25 18:37 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-25 18:37 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-25 18:37 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-25 18:37 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-25 18:37 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-25 18:37 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-25 18:37 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-25 18:37 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-25 18:37 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-25 18:37 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-25 18:37 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-25 18:37 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-25 18:37 - 2014-07-24 11:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-10-25 18:34 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-25 18:34 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-25 18:34 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-25 18:34 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-25 18:34 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-25 18:34 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-25 18:34 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-25 18:34 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-25 18:34 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-25 18:34 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-25 18:34 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-25 18:34 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-25 18:34 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-25 18:34 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-25 18:34 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-25 18:34 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-25 18:34 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-25 18:34 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-25 18:34 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-25 18:34 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-25 18:34 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-25 18:34 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-25 18:34 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-25 18:34 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-25 18:34 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-25 18:34 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-25 18:34 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-25 18:34 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-25 18:34 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-25 18:34 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-25 18:34 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-25 18:34 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-25 18:34 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-25 18:34 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-25 18:34 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-25 18:34 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-25 18:34 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-25 18:34 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-25 18:34 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-25 18:34 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-25 18:34 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-10-25 18:33 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-25 18:33 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-25 18:33 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-25 18:33 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-25 18:33 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-25 18:33 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-25 18:33 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-25 18:33 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-25 18:33 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-25 18:33 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-25 18:33 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-25 18:33 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-25 18:33 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-25 18:33 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-25 18:33 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-25 18:33 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-25 18:33 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-25 18:33 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-25 18:33 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-25 18:33 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-25 18:33 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-25 18:33 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-25 18:33 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-25 18:33 - 2014-08-16 01:20 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-25 18:33 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-25 18:33 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-25 18:33 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-25 18:33 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-25 18:33 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-25 18:33 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-25 18:33 - 2014-08-16 01:11 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-25 18:33 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-25 18:33 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-25 18:33 - 2014-08-01 00:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-25 18:33 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-25 18:33 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-10-25 18:33 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-10-25 18:33 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-10-25 17:49 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-25 17:49 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-25 17:49 - 2014-05-13 05:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-25 17:49 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-25 17:49 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-25 17:49 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-25 17:49 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-25 17:49 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-25 17:49 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-25 17:49 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-25 17:49 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-25 17:49 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-25 17:49 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-25 17:49 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-25 17:49 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-25 17:49 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-25 17:49 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-25 17:49 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-25 17:49 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-25 17:49 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-25 17:49 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-25 17:49 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-25 17:49 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-25 17:49 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-25 17:49 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-25 17:49 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-25 17:49 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-25 17:49 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-25 17:49 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-25 17:49 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-25 17:49 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-25 17:49 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-25 17:49 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-25 17:49 - 2014-04-11 04:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-10-25 17:49 - 2014-04-11 03:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-10-25 17:48 - 2014-04-18 15:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-10-25 17:48 - 2014-04-18 10:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-10-25 17:48 - 2014-04-14 10:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-10-25 17:48 - 2014-04-14 09:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-10-25 17:48 - 2014-04-11 05:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-10-25 17:48 - 2014-04-11 05:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-10-25 17:48 - 2014-04-09 12:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-10-25 17:48 - 2014-04-09 07:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-10-25 17:48 - 2014-04-09 06:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-10-25 17:48 - 2014-04-09 04:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-10-25 17:48 - 2014-04-08 03:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-10-25 17:48 - 2014-04-06 17:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-10-25 17:48 - 2014-04-06 17:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-10-25 17:48 - 2014-04-06 17:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-10-25 17:48 - 2014-04-06 17:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-10-25 17:48 - 2014-04-06 17:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-10-25 17:48 - 2014-04-06 17:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-10-25 17:48 - 2014-04-06 17:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-10-25 17:48 - 2014-04-06 16:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-10-25 17:48 - 2014-04-06 16:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-10-25 17:48 - 2014-04-06 13:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-10-25 17:48 - 2014-04-06 13:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-10-25 17:48 - 2014-04-06 13:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-10-25 17:48 - 2014-04-06 13:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-10-25 17:48 - 2014-04-06 13:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-10-25 17:48 - 2014-04-06 12:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-10-25 17:48 - 2014-04-06 12:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-10-25 17:48 - 2014-04-06 12:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-10-25 17:48 - 2014-04-06 11:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-10-25 17:48 - 2014-04-06 11:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-10-25 17:48 - 2014-04-06 11:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-10-25 17:48 - 2014-04-06 10:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-10-25 17:48 - 2014-04-03 09:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-10-25 17:48 - 2014-04-03 09:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-10-25 17:48 - 2014-04-03 05:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-10-25 17:48 - 2014-04-03 05:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-10-25 17:48 - 2014-04-03 03:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-10-25 17:48 - 2014-04-03 03:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-10-25 17:48 - 2014-03-28 16:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-10-25 17:48 - 2014-03-27 06:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-10-25 17:48 - 2014-03-27 05:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-10-25 17:48 - 2014-03-27 04:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-10-25 17:48 - 2014-03-27 04:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-10-25 17:48 - 2014-03-19 09:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-10-25 17:48 - 2014-03-19 08:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-10-25 17:48 - 2014-03-19 08:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-10-25 17:48 - 2014-03-18 06:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-10-25 17:48 - 2014-03-18 05:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-10-25 17:48 - 2014-03-17 06:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-10-25 17:48 - 2014-03-17 05:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-10-25 17:48 - 2014-03-14 07:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-10-25 17:48 - 2014-03-14 07:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-10-25 17:47 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-25 17:47 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-25 17:47 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-25 17:47 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-25 17:47 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-25 17:47 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-25 17:47 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-25 17:47 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-25 17:47 - 2014-05-19 07:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-10-25 17:47 - 2014-05-19 07:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-10-25 17:47 - 2014-05-19 06:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-10-25 17:47 - 2014-05-01 06:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 19:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-10 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-10 18:59 - 2014-03-22 09:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-10 18:44 - 2014-03-22 11:47 - 01899499 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-10 18:42 - 2013-10-31 09:40 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-993131023-4244169656-192317998-1001
2014-11-10 18:30 - 2014-03-22 09:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-10 18:30 - 2014-03-22 09:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-10 18:24 - 2013-11-06 08:48 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4EE96860-9547-4D59-BBA2-B74A6F24AE7A}
2014-11-10 18:22 - 2014-03-22 11:53 - 00000000 __RDO () C:\Users\Schorsch\SkyDrive
2014-11-09 18:55 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-09 18:55 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-09 18:55 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-09 05:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-09 04:54 - 2013-08-22 15:46 - 00289609 _____ () C:\WINDOWS\setupact.log
2014-11-09 02:36 - 2013-11-23 09:32 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-09 02:36 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-11-09 02:36 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-11-09 02:36 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-09 02:34 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-06 09:36 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-06 09:35 - 2013-11-13 23:18 - 00003162 _____ () C:\WINDOWS\PFRO.log
2014-11-04 21:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-04 21:23 - 2013-08-22 15:44 - 00338048 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-04 21:20 - 2013-11-14 08:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-11-04 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-11-04 21:20 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-11-04 21:18 - 2014-03-22 11:32 - 00000000 ____D () C:\Users\Schorsch
2014-11-01 18:44 - 2014-03-29 17:59 - 00861470 _____ () C:\WINDOWS\system32\upgrade.log
2014-11-01 18:44 - 2014-03-29 17:59 - 00017642 _____ () C:\WINDOWS\SysWOW64\upgrade.log
2014-10-25 17:37 - 2013-11-02 16:45 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-25 17:37 - 2013-11-02 16:45 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-10-25 17:37 - 2013-11-02 16:45 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys

Some content of TEMP:
====================
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll
C:\Users\Schorsch\AppData\Local\Temp\avgnt.exe
C:\Users\Schorsch\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Schorsch\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-09 03:16

==================== End Of Log ============================
         
--- --- ---


Geändert von Ricky O. (10.11.2014 um 18:37 Uhr)

Alt 11.11.2014, 15:44   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Viele Funde via MBAM Windows 8, kein log file gespeichert? - Standard

Viele Funde via MBAM Windows 8, kein log file gespeichert?



Java und Firefox updaten. Download Ordner leeren.


Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
--> Viele Funde via MBAM Windows 8, kein log file gespeichert?

Alt 11.11.2014, 19:36   #7
Ricky O.
 
Viele Funde via MBAM Windows 8, kein log file gespeichert? - Standard

Viele Funde via MBAM Windows 8, kein log file gespeichert?



Ja. Danke. Aber es ist nicht mein System.^^

Ich fragte eben nach, da ich 1. bei Windows 8 nicht ganz bewandert bin und 2. weil da Dinge aufgeploppt sind mit denen ich noch keinen Kontakt hatte. Keine Ahnung, ob sich da was eingeschlichen hat, weil die Bekannte ihre Mahjong-Spiele aus dubiosen Quellen abgerufen hat. Ich werde es aber mal an sie weiterleiten.

Danke jedenfalls für die Hilfe. Malwarebytes findet jetzt auch nichts mehr. Ich werde denen auch mal Adblock und No Script empfehlen. Das scheint bei deren Browsern auch zu fehlen.

Danke für die Hilfe.

Alt 12.11.2014, 18:09   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Viele Funde via MBAM Windows 8, kein log file gespeichert? - Standard

Viele Funde via MBAM Windows 8, kein log file gespeichert?



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Viele Funde via MBAM Windows 8, kein log file gespeichert?
android/mobserv.a, fehlercode 0xc0000005, fehlercode windows, installmanager.exe, mobogenie, mobogenie entfernen, pup.loadtubes, pup.optional.iepluginservice.a, pup.optional.installcore, pup.optional.quickstart.a, pup.optional.skytech.a, pup.optional.v9.a, pup.optional.webget.a, pup.optional.wpmanager, sweet-page, sweet-page entfernen, win32/elex.ae, win32/elex.av, win32/loadtubes.a, win32/loadtubes.c, win32/loadtubes.d, win32/mobogenie.a, win32/systweak.k, win32/toolbar.babylon.t, win64/riskware.netfilter.a, win64/riskware.netfilter.f



Ähnliche Themen: Viele Funde via MBAM Windows 8, kein log file gespeichert?


  1. Viele Funde mit MBAM
    Plagegeister aller Art und deren Bekämpfung - 12.11.2015 (10)
  2. Diverse Funde mit MBAM
    Plagegeister aller Art und deren Bekämpfung - 15.10.2014 (5)
  3. Windows 7: 30 Funde mbam, 2 Funde avira
    Log-Analyse und Auswertung - 30.08.2014 (12)
  4. Windows 7 auf einmal langsam, Festplatte umformatiert, viele Malwarebytes Funde
    Log-Analyse und Auswertung - 11.08.2014 (9)
  5. Windows Vista SP2: Kein Zugriff mehr auf viele Programme.
    Log-Analyse und Auswertung - 17.04.2014 (7)
  6. Windows Vista: Browser leiten best. Seiten um, mbam macht kein update
    Log-Analyse und Auswertung - 08.04.2014 (17)
  7. Windows 7: diverse Probleme und viele Funde bei MWB Antimalware
    Log-Analyse und Auswertung - 06.03.2014 (15)
  8. Vista: Viele Funde durch MBAM, Zugangsprobleme Internet, PC langsam
    Log-Analyse und Auswertung - 04.03.2014 (11)
  9. MBAM hat 16 Funde gemeldet
    Plagegeister aller Art und deren Bekämpfung - 17.02.2014 (14)
  10. Windows 7: Wiederholte Funde bösartiger Software durch MBAM
    Log-Analyse und Auswertung - 09.02.2014 (7)
  11. Windows 7: POPups im Browser und MBAM-Funde, Absturz
    Log-Analyse und Auswertung - 02.02.2014 (12)
  12. Windows 8.1: evtl. BKA-Virus und Funde durch MBAM
    Log-Analyse und Auswertung - 20.12.2013 (13)
  13. Funde mit mbam und Avast
    Plagegeister aller Art und deren Bekämpfung - 24.09.2013 (11)
  14. Windows 7: Funde mit MBAM / entrusted toolbar gefunden
    Log-Analyse und Auswertung - 15.09.2013 (9)
  15. Windows Vista, kurze Einblendung auf Bildschirm, mit Text: zu viele Klicks, wird gespeichert zwecks Verfolgung
    Log-Analyse und Auswertung - 31.08.2013 (6)
  16. Übles Problem : Kein Internetzugriff mehr, Registry Einträge werden nicht gespeichert
    Log-Analyse und Auswertung - 01.11.2009 (2)
  17. Mehrere Funde bei Mbam
    Plagegeister aller Art und deren Bekämpfung - 17.04.2009 (0)

Zum Thema Viele Funde via MBAM Windows 8, kein log file gespeichert? - Guten Tag, ich habe den Laptop einer Bekannten hier, der seit einigen Wochen arge Probleme machte. Demnach habe ich Malwarebytes in der Free Version installiert und diverse Einträge gefunden. Allerdings - Viele Funde via MBAM Windows 8, kein log file gespeichert?...
Archiv
Du betrachtest: Viele Funde via MBAM Windows 8, kein log file gespeichert? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.