![]() |
|
Antiviren-, Firewall- und andere Schutzprogramme: Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnenWindows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen. |
![]() |
|
![]() | #1 |
![]() ![]() | ![]() Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen Hallo, ich habe folgendes Problem: Ich hatte einen dieser PUA-Viren auf meinem Laptop. Ich hab Antivir und Malwarebytes drüber laufen lassen, die haben das gefunden und entfernt. Gemerkt habe ich es nur daran, dass mein System sich aus dem Ruhemodus nicht mehr starten ließ und das Programme nicht mehr reagierten, wenn ich firefox geöffnet hatte. Ich konnte dann den Task-Manager nicht mehr öffnen, der Button "Herunterfahren" oder "neu starten" ließ sich nicht mehr drücken. Außerdem hat Antivir seit dem 10.3. keine Updates mehr geladen. Jetzt hab ich also die beiden drüber laufen lassen, Viren entfernt, aber updates wurden immernoch nicht geladen. Bei "installiere updates" ist es immer hängen geblieben und es ist gar nichts mehr passiert. Jetzt hab ich Avira deinstalliert und neu installiert. Das ging auch alles. Wenn ich jetzt aber Antivir installieren will und da rechts in diesem Fenster das anklicke, dann feht firefox auf und sagt mir aber Verbindungsfehler und dass ich keine Internetverbindung habe. Stimmt aber nicht, alles andere geht im Internet. Hat irgendwer ne Idee, was da auf meinem Laptop los ist und was ich machen kann? ![]() Rocki P.S.: Ach ja, ich hab Windows 8.1 auf meinem Laptop. |
![]() | #2 |
![]() ![]() ![]() | ![]() Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen Hast du noch die Logs von Avira und von Malwarebytes ? Bitte posten.
__________________ |
![]() | #3 |
![]() ![]() | ![]() Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen nein, hab ich leider nicht mehr.
__________________![]() Ich dachte ja, ich hab das Problem gelöst. ![]() |
![]() | #4 |
![]() ![]() ![]() | ![]() Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen Einen Moment es werden sich gleich die Experten melden, du kannst in der Zwischenzeit einen neuen Scan mit Malwarebytes machen nichts löschen und das Log hier posten. Geändert von Kronos60 (20.03.2015 um 18:00 Uhr) |
![]() | #5 | |
![]() ![]() | ![]() Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen Danke, hier ist schonmal der Log. Zitat:
|
![]() | #6 |
![]() ![]() ![]() | ![]() Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen Du kannst auch noch ein Frst Log erstellen: http://filepony.de/download-frst/ Die Addition auch posten Aber alles in Code einfügen, wie auf den Screenshot: [IMG] ![]() |
![]() | #7 |
Ruhe in Frieden † 2019 ![]() ![]() ![]() ![]() ![]() | ![]() Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen Hallo, hast du als du Avira deinstalliert hast auch den RegCleaner von Avira danach laufen lassen? Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION removeproxy: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade Dir bitte ![]()
Schritt 3 Starte noch einmal FRST.
|
![]() | #8 |
![]() ![]() | ![]() Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen Hier schon mal der Firstlog Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Theresa at 2015-03-23 16:43:43 Run:1 Running from C:\Users\Theresa\Desktop Loaded Profiles: UpdatusUser & Theresa (Available profiles: UpdatusUser & Theresa) Boot Mode: Normal ============================================== Content of fixlist: ***************** GroupPolicy: Group Policy on Chrome detected <======= ATTENTION removeproxy: ***************** C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully. C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully. ========= RemoveProxy: ========= HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. HKU\S-1-5-21-3447419969-194199677-3206324585-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\S-1-5-21-3447419969-194199677-3206324585-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. HKU\S-1-5-21-3447419969-194199677-3206324585-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\S-1-5-21-3447419969-194199677-3206324585-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. ========= End of RemoveProxy: ========= The system needed a reboot. ==== End of Fixlog 16:43:44 ==== Code:
ATTFilter # AdwCleaner v4.113 - Bericht erstellt 23/03/2015 um 16:55:51 # Aktualisiert 22/03/2015 von Xplode # Datenbank : 2015-03-23.1 [Server] # Betriebssystem : Windows 8.1 (x64) # Benutzername : Theresa - LENOVO-PC # Gestarted von : C:\Users\Theresa\Desktop\AdwCleaner_4.113.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Theresa\AppData\Roaming\pdfforge Datei Gelöscht : C:\Users\Theresa\AppData\Roaming\LiveSupport.exe_log.txt Datei Gelöscht : C:\Users\Theresa\AppData\Roaming\regsvr32.exe_log.txt Datei Gelöscht : C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\4w347zpf.default\searchplugins\zonealarm.xml Datei Gelöscht : C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\4w347zpf.default\user.js ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Schlüssel Gelöscht : HKLM\SOFTWARE\0f79aecd-87d4-4980-864f-1e4a769f201f Schlüssel Gelöscht : HKLM\SOFTWARE\1429d744-e943-474e-bdc8-51aedaf9edbb Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Optimizer Pro Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\SOFTWARE\TermTutor ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17416 -\\ Mozilla Firefox v36.0.4 (x86 de) [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.hiddenOneOffs", "Yahoo,Amazon.de,Bing,DuckDuckGo,eBay,LEO Eng-Deu,Search By ZoneAlarm,Search the web (Iminent),Wikipedia (de)"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.admin", false); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.aflt", "orgnl"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.autoRvrt", "false"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.dfltLng", ""); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.excTlbr", false); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.id", "1a80271700000000000028e3475a9879"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.instlDay", "16390"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.instlRef", ""); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.newTab", false); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.prdct", "iminent"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.prtnrId", "iminent"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.rvrt", "false"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.smplGrp", "none"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q="); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.vrsn", "1.8.28.3"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.28.320:44:39"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.iminent.vrsni", "1.8.28.3"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=DE&gu=d82ccfe24b9b4ef9926f26bf9ab82230&tu=10GXy00HY1D33N0&sku=&tstsId=&ver=&"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.zonealarm.kw_url", "hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=DE&gu=d82ccfe24b9b4ef9926f26bf9ab82230&tu=10GXy00HY1D33N0&sku=&tstsId=&ver=&&q="); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=DE&gu=d82ccfe24b9b4ef9926f26bf9ab82230&tu=10GXy00HY1D33N0&sku=&tstsId=&ver=&"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=d82ccfe24b9b4ef9926f26bf9ab82230&tu=10GXy00HY1D33N0&sku=&tstsId=&ver=&&q="); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.LayoutId", "1"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.ShowThankyouPixel", "0"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.adapters", "{\"safecart.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":2,\"AdapterKey\":\"default_adapter\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"14161674[...] [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"urlhxxps\[...] [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent102", "1419416641419"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent109", "1417862497826"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent111", "1417862497539"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent112", "1417862501655"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent122", "1417862497927"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent136", "1417439127620"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent140", "1417786638653"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.version", "8.45.2.1"); [4w347zpf.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.45.2.1\",\"InstallEventCTime\":1419419353337}"); -\\ Google Chrome v41.0.2272.101 [C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411582197&from=ild&uid=ST500LM000-SSHD-8GB_W371M1C5XXXXW371M1C5&q={searchTerms} [C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411582197&from=ild&uid=ST500LM000-SSHD-8GB_W371M1C5XXXXW371M1C5&q={searchTerms} ************************* AdwCleaner[R0].txt - [21522 Bytes] - [25/09/2014 16:34:49] AdwCleaner[R1].txt - [9399 Bytes] - [23/03/2015 16:51:44] AdwCleaner[S0].txt - [18920 Bytes] - [25/09/2014 16:36:28] AdwCleaner[S1].txt - [9567 Bytes] - [23/03/2015 16:55:51] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9626 Bytes] ########## und der neue frst FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Theresa (administrator) on LENOVO-PC on 23-03-2015 17:09:23 Running from C:\Users\Theresa\Desktop Loaded Profiles: UpdatusUser & Theresa (Available profiles: UpdatusUser & Theresa) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE () C:\Program Files\Activ Software\ActivDriver\FlashExtension\flashbridge-wrapper-crossplatform.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2801392 2013-10-11] (Synaptics Incorporated) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-02-26] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-02-26] (Lenovo(beijing) Limited) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-01-17] (Copyright 2013 SAMSUNG) HKLM\...\Run: [ActivManager] => C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe [683872 2013-11-22] () HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.) HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-17] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications)) HKU\S-1-5-21-3447419969-194199677-3206324585-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd) HKU\S-1-5-21-3447419969-194199677-3206324585-1002\...\RunOnce: [Adobe Speed Launcher] => 1427126317 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivSDK Flash Extension.lnk ShortcutTarget: ActivSDK Flash Extension.lnk -> C:\Windows\Installer\{633EB44A-B19A-409E-8321-78B363553398}\NewShortcut1_08A9BB67B3284FEA9EC29BCD3F863A4A.exe (Flexera Software, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3447419969-194199677-3206324585-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3447419969-194199677-3206324585-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3447419969-194199677-3206324585-1002 -> {C2D58DAC-BD84-4701-9FA7-E5CB38DC5AF2} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-05] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-05] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\4w347zpf.default FF SelectedSearchEngine: Search By ZoneAlarm FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-22] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-22] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-05] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-05-21] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\4w347zpf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-21] Chrome: ======= CHR Profile: C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-26] CHR Extension: (Google Drive) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-26] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-24] CHR Extension: (YouTube) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-26] CHR Extension: (Google Search) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-26] CHR Extension: (Google Wallet) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-26] CHR Extension: (Gmail) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 ActivControl; C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe [21864 2013-11-22] (Promethean) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-17] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed] R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.) S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-01-17] (Copyright 2013 SAMSUNG) R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-02-26] () R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-07-15] (Qualcomm Atheros Communications, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [100072 2013-08-02] (GenesysLogic) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-11] (Synaptics Incorporated) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation) R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-23 17:07 - 2015-03-23 17:07 - 00000000 ____D () C:\Users\Theresa\AppData\Roaming\Avira 2015-03-23 16:53 - 2015-03-17 13:01 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-03-23 16:53 - 2015-03-17 13:01 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-03-23 16:53 - 2015-03-17 13:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2015-03-23 16:48 - 2015-03-23 16:48 - 02168320 _____ () C:\Users\Theresa\Desktop\AdwCleaner_4.113.exe 2015-03-22 13:12 - 2015-03-22 13:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-22 13:00 - 2015-03-22 13:02 - 00041304 _____ () C:\Users\Theresa\Desktop\Addition.txt 2015-03-22 12:57 - 2015-03-23 17:09 - 00018524 _____ () C:\Users\Theresa\Desktop\FRST.txt 2015-03-22 12:57 - 2015-03-23 17:09 - 00000000 ____D () C:\FRST 2015-03-22 12:56 - 2015-03-22 12:57 - 02095616 _____ (Farbar) C:\Users\Theresa\Desktop\FRST64.exe 2015-03-20 18:23 - 2015-03-20 18:23 - 00001191 _____ () C:\Users\Theresa\Desktop\mbam.txt 2015-03-20 17:36 - 2015-03-20 17:41 - 147571744 _____ (Avast Software s.r.o.) C:\Users\Theresa\Desktop\avast_free_antivirus_setup.exe 2015-03-20 16:48 - 2015-03-23 16:57 - 00133966 _____ () C:\WINDOWS\PFRO.log 2015-03-20 16:48 - 2015-03-23 16:57 - 00000348 _____ () C:\WINDOWS\setupact.log 2015-03-20 16:48 - 2015-03-20 16:48 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-03-20 16:43 - 2015-03-03 14:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-03-20 16:39 - 2015-03-20 17:25 - 00000000 ____D () C:\OETemp 2015-03-20 16:36 - 2015-03-23 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-03-20 16:36 - 2015-03-23 16:52 - 00000000 ____D () C:\ProgramData\Avira 2015-03-20 16:36 - 2015-03-23 16:52 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-03-20 16:36 - 2015-03-20 16:36 - 00001164 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-03-20 16:35 - 2015-03-20 16:35 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-20 14:19 - 2015-03-20 14:19 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Theresa\Desktop\avira_de_av_550c1f3a60a74__ws.exe 2015-03-18 19:59 - 2015-03-23 16:59 - 01364291 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-11 15:40 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2015-03-11 15:40 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2015-03-11 15:36 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-03-11 15:36 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-03-11 15:36 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2015-03-11 15:36 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2015-03-11 15:36 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2015-03-11 15:36 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2015-03-11 15:36 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2015-03-11 15:36 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-03-11 15:36 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-03-11 15:35 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-03-11 15:30 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-03-11 15:30 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-03-11 15:30 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-03-11 15:30 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-03-11 15:30 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-03-11 15:30 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll 2015-03-11 15:30 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll 2015-03-11 15:29 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-03-11 15:29 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-03-11 15:29 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-03-11 15:29 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-03-11 15:29 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-03-11 15:29 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-03-11 15:29 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2015-03-11 15:29 - 2014-10-29 03:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2015-03-11 15:29 - 2014-10-29 03:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-03-11 15:29 - 2014-10-29 03:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2015-03-11 15:29 - 2014-10-29 03:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe 2015-03-11 15:29 - 2014-10-29 03:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-03-11 15:29 - 2014-10-29 03:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll 2015-03-11 15:29 - 2014-10-29 03:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2015-03-11 15:29 - 2014-10-29 03:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-03-11 15:29 - 2014-10-29 03:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2015-03-11 15:29 - 2014-10-29 02:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe 2015-03-11 15:29 - 2014-10-29 02:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll 2015-03-11 15:29 - 2014-10-29 02:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-03-11 15:29 - 2014-10-29 02:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll 2015-03-11 15:29 - 2014-10-29 02:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll 2015-03-11 15:29 - 2014-10-29 02:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-03-11 15:29 - 2014-10-29 02:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll 2015-03-11 15:29 - 2014-10-29 01:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll 2015-03-11 15:29 - 2014-10-29 01:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll 2015-03-11 15:29 - 2014-10-29 01:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2015-03-11 15:29 - 2014-10-29 01:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2015-03-11 15:28 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-03-11 15:28 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-03-11 15:28 - 2015-01-30 04:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2015-03-11 15:28 - 2015-01-30 04:00 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys 2015-03-11 15:28 - 2014-10-29 03:46 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2015-03-11 15:28 - 2014-10-29 03:46 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2015-03-11 15:28 - 2014-10-29 03:45 - 01198080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-03-11 15:28 - 2014-10-29 03:03 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe 2015-03-11 15:27 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2015-03-11 15:27 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2015-03-11 15:27 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll 2015-03-11 15:27 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll 2015-03-11 15:27 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll 2015-03-11 15:27 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll 2015-03-11 15:27 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll 2015-03-11 15:27 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-11 15:27 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-11 15:27 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2015-03-11 15:27 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2015-03-11 15:27 - 2014-10-29 03:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2015-03-11 15:27 - 2014-10-29 03:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2015-03-11 15:27 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll 2015-03-11 15:27 - 2014-10-29 02:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-03-11 15:27 - 2014-10-29 01:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-03-11 15:26 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-03-11 15:26 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-03-11 15:26 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-03-11 15:26 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-03-11 15:26 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-03-11 15:26 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll 2015-03-11 15:26 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll 2015-03-11 15:24 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2015-03-11 15:24 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2015-03-11 15:24 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2015-03-11 15:24 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2015-03-11 15:24 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2015-03-11 15:24 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2015-03-11 15:24 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2015-03-11 15:24 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2015-03-11 15:24 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2015-03-11 15:24 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2015-03-11 15:24 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2015-03-11 15:24 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2015-03-11 15:24 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2015-03-11 15:24 - 2014-10-29 02:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll 2015-03-11 15:24 - 2014-10-29 01:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll 2015-03-11 15:19 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-03-11 15:19 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-03-11 15:19 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-03-11 15:19 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-03-11 15:19 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-03-11 15:19 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-03-11 15:19 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-03-11 15:19 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-03-11 15:19 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-03-11 15:19 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-03-11 15:19 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-03-11 15:19 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-03-11 15:19 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-03-11 15:19 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-03-11 15:19 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-03-11 15:19 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-03-11 15:19 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-03-11 15:19 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-03-11 15:19 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-03-11 15:19 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-03-11 15:19 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-03-11 15:19 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-03-11 15:19 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-03-11 15:19 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-03-11 15:19 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-03-11 15:19 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-03-11 15:19 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-03-11 15:19 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-03-11 15:19 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-03-11 15:19 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-03-11 15:19 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-03-11 15:19 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-03-11 15:19 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-03-11 15:19 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-03-11 15:19 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-03-11 15:19 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-03-11 15:19 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-03-11 15:15 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2015-03-11 15:15 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2015-03-11 15:15 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe 2015-03-11 15:10 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-03-11 15:10 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-03-11 15:09 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2015-03-11 15:09 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2015-03-11 15:09 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-03-11 15:09 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-03-11 15:09 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-03-11 15:09 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-03-06 18:55 - 2015-03-07 21:19 - 00010049 _____ () C:\Users\Theresa\Desktop\Einladung.pcf 2015-03-06 18:55 - 2015-03-06 18:55 - 00000000 ____D () C:\Users\Theresa\Desktop\Einladung-Dateien 2015-02-25 15:55 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls 2015-02-25 15:55 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls 2015-02-25 15:55 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-02-25 15:55 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2015-02-25 15:55 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-02-25 15:55 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2015-02-23 22:22 - 2015-02-23 22:22 - 00003456 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD V.cue 2015-02-23 22:22 - 2015-02-23 22:22 - 00001494 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD V.cdt 2015-02-23 22:11 - 2015-02-23 22:22 - 823940880 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD V.bin 2015-02-23 22:08 - 2015-02-23 22:08 - 00003571 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD II.cue 2015-02-23 22:08 - 2015-02-23 22:08 - 00001548 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD II.cdt 2015-02-23 21:57 - 2015-02-23 22:08 - 828814224 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD II.bin 2015-02-23 21:51 - 2015-02-23 21:51 - 00002955 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD IV.cue 2015-02-23 21:51 - 2015-02-23 21:51 - 00001314 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD IV.cdt 2015-02-23 21:40 - 2015-02-23 21:51 - 818190240 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD IV.bin 2015-02-23 21:36 - 2015-02-23 21:36 - 00003072 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD III.cue 2015-02-23 21:36 - 2015-02-23 21:36 - 00001386 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD III.cdt 2015-02-23 21:26 - 2015-02-23 21:36 - 825243888 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD III.bin 2015-02-23 21:22 - 2015-02-23 21:22 - 00003554 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD I.cue 2015-02-23 21:22 - 2015-02-23 21:22 - 00001530 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD I.cdt 2015-02-23 21:12 - 2015-02-23 21:22 - 835256352 _____ () C:\Users\Theresa\Documents\Kolibri Liederbuch CD I.bin 2015-02-23 19:59 - 2015-03-07 21:19 - 00000000 ____D () C:\Users\Theresa\Desktop\Einladung Geburtstag ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-23 17:03 - 2014-05-21 15:22 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3447419969-194199677-3206324585-1002 2015-03-23 17:02 - 2014-02-27 01:17 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2015-03-23 17:02 - 2014-02-27 01:17 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2015-03-23 17:02 - 2013-10-07 19:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-03-23 17:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-03-23 16:58 - 2014-07-09 15:22 - 00005148 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-Theresa Lenovo-PC 2015-03-23 16:58 - 2014-06-02 17:17 - 00000000 ___DO () C:\Users\Theresa\SkyDrive 2015-03-23 16:58 - 2014-05-21 16:10 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-23 16:57 - 2014-05-21 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-23 16:57 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-23 16:56 - 2014-02-26 17:15 - 00006656 _____ () C:\WINDOWS\system32\VfService.trf 2015-03-23 16:56 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2015-03-23 16:55 - 2014-09-25 16:34 - 00000000 ____D () C:\AdwCleaner 2015-03-23 16:45 - 2014-09-24 19:22 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2015-03-23 16:44 - 2014-05-21 18:48 - 00000000 ____D () C:\Users\Theresa\Documents\Outlook-Dateien 2015-03-23 16:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy 2015-03-22 13:40 - 2014-05-21 16:10 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-22 13:23 - 2014-05-21 17:20 - 00000000 ____D () C:\Users\Theresa\Desktop\Schule 2015-03-22 11:56 - 2014-09-06 10:25 - 00000000 ____D () C:\Users\Theresa\AppData\Local\Adobe 2015-03-20 18:26 - 2014-06-18 20:50 - 00322560 ___SH () C:\Users\Theresa\Desktop\Thumbs.db 2015-03-20 17:56 - 2014-07-06 20:25 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-03-20 16:44 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2015-03-20 16:32 - 2014-06-12 14:05 - 00000000 ____D () C:\Users\Theresa\AppData\Roaming\Dropbox 2015-03-20 16:20 - 2014-05-21 15:16 - 00000000 ____D () C:\Users\Theresa 2015-03-19 15:17 - 2014-07-06 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-19 15:17 - 2014-07-06 20:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-18 18:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-03-17 21:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2015-03-17 21:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-03-17 21:19 - 2014-05-21 15:16 - 00000000 ____D () C:\Users\Theresa\AppData\Local\Packages 2015-03-17 18:45 - 2014-05-27 17:34 - 00000000 ____D () C:\Users\Theresa\AppData\Roaming\vlc 2015-03-17 18:26 - 2014-05-21 16:36 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-03-17 17:55 - 2014-07-14 13:08 - 00000000 ____D () C:\Users\Theresa\Desktop\Froschklasse 2015-03-17 14:53 - 2014-05-21 16:57 - 00003102 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3447419969-194199677-3206324585-1002 2015-03-16 07:10 - 2015-02-08 19:40 - 00000000 ____D () C:\Program Files\PDFCreator 2015-03-16 07:08 - 2014-05-21 15:55 - 00000000 ____D () C:\Users\Theresa\AppData\Local\CrashDumps 2015-03-12 14:00 - 2014-02-26 17:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo 2015-03-12 13:55 - 2013-08-22 15:44 - 00491392 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-03-12 13:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2015-03-12 13:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-12 13:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-12 13:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-12 13:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore 2015-03-12 13:51 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-12 13:51 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-03-11 16:03 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-03-11 15:56 - 2014-05-26 08:27 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-03-11 15:51 - 2014-05-26 08:27 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-03-09 21:35 - 2015-02-17 17:15 - 00009795 _____ () C:\Users\Theresa\Desktop\Barcelona.xlsx 2015-03-06 18:22 - 2014-06-24 15:19 - 00000000 ____D () C:\Program Files (x86)\Lidl_Fotos 2015-03-05 13:39 - 2014-12-26 16:28 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-05 13:39 - 2014-07-31 09:36 - 00000000 ____D () C:\ProgramData\Oracle 2015-03-05 13:38 - 2014-12-26 16:28 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-03-05 13:38 - 2014-12-26 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-03-04 22:24 - 2014-11-13 17:56 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-03-04 22:24 - 2014-11-13 17:56 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2014-09-24 19:24 - 2014-09-24 19:24 - 0612128 _____ (ClickMeIn Limited) C:\Users\Theresa\AppData\Local\nsb6A3B.tmp 2015-02-11 19:56 - 2015-02-11 19:56 - 0001458 _____ () C:\Users\Theresa\AppData\Local\recently-used.xbel 2014-05-21 15:48 - 2014-06-05 17:14 - 0000369 _____ () C:\Users\Theresa\AppData\Local\RegisteredPackageInformation.xml 2014-02-26 16:49 - 2014-02-26 16:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Theresa\AppData\Local\Temp\avgnt.exe C:\Users\Theresa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplixm4z.dll C:\Users\Theresa\AppData\Local\Temp\Quarantine.exe C:\Users\Theresa\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-18 18:46 ==================== End Of Log ============================ --- --- --- |
![]() |
Themen zu Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen |
antivir, avira, avira antivir, button, fenster, firefox, folge, herunterfahren, hängen, internetverbindung, keine updates, klicke, malwarebytes, neu, nicht mehr, nichts, problem, programme, programme lassen sich nicht öffnen, starten, system, task-manager, updates, windows, windows 7, öffnen |