Trojaner-Board - Browser sind trotz neuem aufsetzen immernoch sehr langsam

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Browser sind trotz neuem aufsetzen immernoch sehr langsam (https://www.trojaner-board.de/155137-browser-trotz-neuem-aufsetzen-immernoch-sehr-langsam.html)

Williwu

12.06.2014 18:20

Browser sind trotz neuem aufsetzen immernoch sehr langsam

ich bedanke mich für eure/deine mithilfe schon mal im vorraus===> hier sind angaben die ich mache kann da ich seid tage um das problem ausschau halte und auch hier viele info´s sammeln konnte !

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by XXX (administrator) on XXX-PC on 06-06-2014 19:40:55
Running from C:\Users\XXX\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(T-Systems Enterprise Services GmbH) C:\Program Files (x86)\DSL-Manager\DslMgr.exe
(T-Systems Enterprise Services GmbH) C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4656\Battle.net.exe

==================== Registry (Whitelisted) ==================

HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-06] (Microsoft Corporation)
HKU\S-1-5-21-2132015822-3264924353-165971380-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [205976 2009-09-18] (Alcohol Soft Development Team)
HKU\S-1-5-21-2132015822-3264924353-165971380-1000\...\MountPoints2: {476a941c-eb2f-11e3-9aa2-00226863bf18} - L:\Setup.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56C38410017FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\ik2h1i7j.default
FF DefaultSearchEngine: Google
FF NetworkProxy: "backup.ftp", "93.189.46.122"
FF NetworkProxy: "backup.ftp_port", 5219
FF NetworkProxy: "backup.socks", "93.189.46.122"
FF NetworkProxy: "backup.socks_port", 5219
FF NetworkProxy: "backup.ssl", "93.189.46.122"
FF NetworkProxy: "backup.ssl_port", 5219
FF NetworkProxy: "ftp", "91.202.164.113"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "91.202.164.113"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "91.202.164.113"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "91.202.164.113"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Lightshot (screenshot tool) - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\ik2h1i7j.default\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-06-03]
FF Extension: Adblock Plus - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\ik2h1i7j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-03]
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-03]

Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchProvider: Trovi search
CHR DefaultSearchURL: {\
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (Google Drive) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-03]
CHR Extension: (YouTube) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Google-Suche) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-06-03]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-06-03]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-03]
CHR Extension: (Virtual Keyboard) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-06-03]
CHR Extension: (Google Wallet) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-03]
CHR Extension: (Google Mail) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-03]
CHR Extension: (Anti-Banner) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-06-03]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [294912 2007-11-26] (T-Systems Enterprise Services GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-03] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-03] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-03] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-06-03] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
U3 a6bqleh2; C:\Windows\System32\Drivers\a6bqleh2.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-06 19:30 - 2014-06-06 19:33 - 00041848 _____ () C:\Users\Grisu\Desktop\Addition.txt
2014-06-06 19:29 - 2014-06-06 19:41 - 00017854 _____ () C:\Users\Grisu\Desktop\FRST.txt
2014-06-06 19:29 - 2014-06-06 19:40 - 00000000 ____D () C:\FRST
2014-06-06 19:24 - 2014-06-06 19:24 - 00000000 _____ () C:\Users\Grisu\Downloads\X15-65813.iso
2014-06-06 19:23 - 2014-06-06 19:24 - 729749651 _____ () C:\Users\Grisu\Downloads\X15-65813.iso.part
2014-06-06 19:04 - 2014-06-06 19:16 - 174148112 _____ () C:\Users\Grisu\Downloads\David Heat & Hack N Slash (Bootleg Mashup Pack).zip
2014-06-06 19:01 - 2014-06-06 19:15 - 187604423 _____ () C:\Users\Grisu\Downloads\DJ Robbie Mash-Up Pack (Jan 2014).rar
2014-06-06 03:15 - 2014-06-06 03:16 - 01058200 _____ (Adobe) C:\Users\Grisu\Downloads\install_flashplayer13x32_mssd_aaa_aih.exe
2014-06-06 03:03 - 2014-06-06 03:06 - 00602112 _____ (OldTimer Tools) C:\Users\Grisu\Desktop\OTL.exe
2014-06-06 03:02 - 2014-06-06 03:02 - 00000000 ____D () C:\Windows\system32\SPReview
2014-06-06 03:01 - 2014-06-06 03:01 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-06-06 02:38 - 2014-06-06 16:48 - 00000737 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-06-06 02:38 - 2014-06-06 02:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-06-06 02:32 - 2014-06-06 02:36 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet
2014-06-06 02:31 - 2014-06-06 02:31 - 00000000 ____D () C:\Plugins
2014-06-06 02:30 - 2014-06-06 02:31 - 00000000 ____D () C:\Program Files (x86)\Ganymede
2014-06-06 02:30 - 2014-06-06 02:30 - 00391064 _____ () C:\Users\Grisu\Downloads\billiards_install_1_0_2_7.exe
2014-06-06 02:26 - 2011-08-27 22:55 - 00001104 _____ () C:\Users\Grisu\Desktop\Launcher - Verknüpfung.lnk
2014-06-06 01:52 - 2014-06-06 01:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-05 19:14 - 2014-06-05 19:14 - 00001282 _____ () C:\Users\Grisu\Desktop\Eset online scanner- Bericht.txt
2014-06-05 18:38 - 2010-11-05 03:57 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-06-05 18:38 - 2010-11-05 03:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-06-05 18:37 - 2010-11-20 15:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2014-06-05 18:37 - 2010-11-20 15:34 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-05 18:37 - 2010-11-20 15:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-06-05 18:37 - 2010-11-20 15:33 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-05 18:37 - 2010-11-20 15:33 - 00951680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-06-05 18:37 - 2010-11-20 15:33 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2014-06-05 18:37 - 2010-11-20 15:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-06-05 18:37 - 2010-11-20 15:33 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-05 18:37 - 2010-11-20 15:33 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-05 18:37 - 2010-11-20 15:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-06-05 18:37 - 2010-11-20 15:28 - 00298104 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 14633472 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02262528 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02086912 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02072576 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02018304 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01646080 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01509888 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01281024 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01219584 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01158656 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01082880 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01008128 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00867840 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2014-06-05 18:37 - 2010-11-20 15:27 - 00605696 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00481280 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00326144 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 04120064 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 03391488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01340416 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01244160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-05 18:37 - 2010-11-20 15:26 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll

2014-06-05 18:37 - 2010-11-20 15:26 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2014-06-05 18:37 - 2010-11-20 15:26 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00281600 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-06-05 18:37 - 2010-11-20 15:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 03957760 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 01927680 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 01504256 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00897536 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-06-05 18:37 - 2010-11-20 15:25 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 02872320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-06-05 18:37 - 2010-11-20 15:24 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe

2014-06-05 18:37 - 2010-11-20 15:24 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2014-06-05 18:37 - 2010-11-20 14:55 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-05 18:37 - 2010-11-20 14:51 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 18:37 - 2010-11-20 14:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-06-05 18:37 - 2010-11-20 14:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01010688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll

ach einfach zuvil...was ich vorab gescannt habe ...sagt mir bitte einfach was noch fehlt oder was ihr noch an angaben braucht !

schrauber

12.06.2014 18:43

hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Addition.txt von FRST fehlt noch.

Williwu

13.06.2014 03:20

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014

Ran by XXX at 2014-06-06 19:41:40

Running from C:\Users\XXX\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}

AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 

==================== Installed Programs ======================
 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31515 - BitTorrent Inc.)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5A06C25A-366E-46CC-880E-3F904B634E9E}) (Version:  - Microsoft)

DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )

GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)

Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden

Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)

Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)

TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden

TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)

TuneUp Utilities 2014 (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft Excel 2013 (KB2880475) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{4BC9BBF4-A2FB-4DBA-ABEA-5526E62E3B4D}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2880475) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{4BC9BBF4-A2FB-4DBA-ABEA-5526E62E3B4D}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2880475) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{4BC9BBF4-A2FB-4DBA-ABEA-5526E62E3B4D}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2880475) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{4BC9BBF4-A2FB-4DBA-ABEA-5526E62E3B4D}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2880475) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4BC9BBF4-A2FB-4DBA-ABEA-5526E62E3B4D}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2880980) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E5ADC5AD-C469-4A96-A3F7-0D4644CF54FC}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2880980) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E5ADC5AD-C469-4A96-A3F7-0D4644CF54FC}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2880980) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E5ADC5AD-C469-4A96-A3F7-0D4644CF54FC}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{327EABFD-EDD3-44E7-AB47-7592DF33B719}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{50F31E04-D56A-4159-BF36-CF3CE27DB30C}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880482) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{FB1E57CA-A425-48F5-B882-CFC0793823AE}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880482) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{FB1E57CA-A425-48F5-B882-CFC0793823AE}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880482) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FB1E57CA-A425-48F5-B882-CFC0793823AE}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2880480) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{663B7CD7-32AE-4AB5-8E20-12C0FA6963D4}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2880480) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{663B7CD7-32AE-4AB5-8E20-12C0FA6963D4}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2880480) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{663B7CD7-32AE-4AB5-8E20-12C0FA6963D4}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2880480) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{663B7CD7-32AE-4AB5-8E20-12C0FA6963D4}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)

Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)

Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2878315) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{95F0CF54-BC3E-4C6F-B11D-89D6D8C6452E}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2878315) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{95F0CF54-BC3E-4C6F-B11D-89D6D8C6452E}) (Version:  - Microsoft)

Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)

Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2880455) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{302A5BF1-9DB4-4204-988C-53073C15EF67}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2880455) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{302A5BF1-9DB4-4204-988C-53073C15EF67}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2880455) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{302A5BF1-9DB4-4204-988C-53073C15EF67}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2880455) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{302A5BF1-9DB4-4204-988C-53073C15EF67}) (Version:  - Microsoft)

VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)

VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)

WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 

==================== Restore Points  =========================
 

06-06-2014 01:02:19 Windows 7 Service Pack 1
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2014-06-03 13:59 - 00001039 ____A C:\Windows\system32\Drivers\etc\hosts

        127.0.0.1 order.tune-up.com 

        127.0.0.1 tune-up.com 

        127.0.0.1 tune-up.com/order 

        127.0.0.1 registertuneup.com 

        127.0.0.1 download.tune-up.de 

        127.0.0.1 download.tune-up.com 

        127.0.0.1 secure.tune-up.com
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {4C2B059B-E406-494C-A00D-69EF4A0D737A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-04-15] (TuneUp Software)

Task: {793CE9C1-F2E5-4757-9F5E-D273FE5EF92D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {87C680BE-6BB6-4944-AAA9-0165DD2AC542} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)

Task: {93E20468-A940-43AF-9687-0AB18E8F852A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-03-18] (Oracle Corporation)

Task: {A4644EA7-B4DA-4564-94D6-BA7D774A2CFA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {B6898039-0B6B-4298-A325-09786C6950FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)

Task: {BB2FF247-8453-4298-A734-E05978D4ACBF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-04-15 15:59 - 2014-04-15 15:59 - 00675640 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll

2014-06-03 11:29 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll

2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll

2014-06-03 09:57 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2014-06-03 11:47 - 2014-06-03 11:47 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

2014-06-03 13:55 - 2014-06-03 13:55 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4656\libcef.dll

2014-06-03 13:55 - 2014-06-03 13:55 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4656\libglesv2.dll

2014-06-03 13:55 - 2014-06-03 13:55 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4656\libegl.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 

==================== EXE Association (whitelisted) =============
 
 

==================== Disabled items from MSCONFIG ==============
 
 

==================== Faulty Device Manager Devices =============
 

Name: Standardtastatur (PS/2)

Description: Standardtastatur (PS/2)

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardtastaturen)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: Microsoft PS/2-Maus

Description: Microsoft PS/2-Maus

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (06/06/2014 07:29:08 PM) (Source: MsiInstaller) (EventID: 11327) (User: Grisu-PC)

Description: Product: VirtualDJ Home FREE -- Error 1327. Invalid Drive: Q:\
 

Error: (06/06/2014 06:53:58 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/06/2014 05:28:28 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/06/2014 05:28:26 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/06/2014 05:28:24 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/06/2014 05:28:23 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/06/2014 05:28:09 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/06/2014 05:28:04 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/06/2014 05:28:01 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/06/2014 05:27:50 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 

System errors:

=============

Error: (06/06/2014 04:16:06 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 

Error: (06/06/2014 01:39:04 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎05.‎06.‎2014 um 19:32:01 unerwartet heruntergefahren.
 
 

Microsoft Office Sessions:

=========================

Error: (06/06/2014 07:29:08 PM) (Source: MsiInstaller) (EventID: 11327) (User: Grisu-PC)

Description: Product: VirtualDJ Home FREE -- Error 1327. Invalid Drive: Q:\(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (06/06/2014 06:53:58 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Grisu\Downloads\esetsmartinstaller_deu.exe
 

Error: (06/06/2014 05:28:28 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Grisu\downloads\esetsmartinstaller_deu.exe
 

Error: (06/06/2014 05:28:26 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Grisu\downloads\esetsmartinstaller_deu.exe
 

Error: (06/06/2014 05:28:24 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Grisu\downloads\esetsmartinstaller_deu.exe
 

Error: (06/06/2014 05:28:23 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Grisu\downloads\esetsmartinstaller_deu.exe
 

Error: (06/06/2014 05:28:09 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Grisu\downloads\esetsmartinstaller_deu.exe
 

Error: (06/06/2014 05:28:04 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Grisu\downloads\esetsmartinstaller_deu.exe
 

Error: (06/06/2014 05:28:01 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Grisu\downloads\esetsmartinstaller_deu.exe
 

Error: (06/06/2014 05:27:50 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Grisu\downloads\esetsmartinstaller_deu.exe
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-06-06 17:25:09.986

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-06 17:25:09.985

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-06 17:25:09.983

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-06 17:25:09.961

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-06 17:25:09.946

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-06 17:25:09.945

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-06 17:25:09.905

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-06 17:25:09.904

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-06 17:25:09.891

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-06-05 18:10:38.477

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 45%

Total physical RAM: 6135.17 MB

Available physical RAM: 3325.63 MB

Total Pagefile: 12268.53 MB

Available Pagefile: 8342.42 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB
 

==================== Drives ================================
 

Drive c: (Betriebssys) (Fixed) (Total:115.75 GB) (Free:33.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (Programme) (Fixed) (Total:1747.27 GB) (Free:1724.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive e: (Spiele) (Fixed) (Total:465.76 GB) (Free:459.55 GB) NTFS

Drive f: (Spiele 2) (Fixed) (Total:976.56 GB) (Free:969.47 GB) NTFS

Drive g: (Sicherung) (Fixed) (Total:886.45 GB) (Free:788.59 GB) NTFS

Drive h: (Volume) (Fixed) (Total:886.45 GB) (Free:456.39 GB) NTFS

Drive i: (Spiele 3) (Fixed) (Total:976.56 GB) (Free:755.19 GB) NTFS

Drive j: () (Fixed) (Total:14.9 GB) (Free:6.72 GB) FAT32
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F88326EF)

Partition 1: (Not Active) - (Size=116 GB) - (Type=07 NTFS)

Partition 2: (Active) - (Size=-322907930624) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F883268C)

Partition 1: (Not Active) - (Size=977 GB) - (Type=07 NTFS)

Partition 2: (Active) - (Size=886 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 42C4F076)

Partition 1: (Not Active) - (Size=977 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=886 GB) - (Type=07 NTFS)
 

========================================================

Disk: 3 (Size: 466 GB) (Disk ID: 2EE023AC)

Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
 

========================================================

Disk: 8 (Size: 15 GB) (Disk ID: D93C1DCA)

Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
 

==================== End Of Log ============================

schrauber

13.06.2014 21:16

Zitat:

127.0.0.1 order.tune-up.com
127.0.0.1 tune-up.com
127.0.0.1 tune-up.com/order
127.0.0.1 registertuneup.com
127.0.0.1 download.tune-up.de
127.0.0.1 download.tune-up.com
127.0.0.1 secure.tune-up.com

Erstmal wird Tune Up deinstalliert.

Williwu

14.06.2014 02:50

hmm da ich zwar nicht die gleichen einstellungen machen kann wie tuneup aber ok wenn du es sagst
..!

wird erledigt...host lösche ich auch!

schrauber

14.06.2014 18:18

Danach bitte frische FRST Logs. Sollte ich weitere gecrackte Software finden muss ich den Support einstellen.

Williwu

15.06.2014 16:01

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by XXX (administrator) on XXX on 15-06-2014 16:53:01
Running from C:\Users\XXX\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(T-Systems Enterprise Services GmbH) C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-06] (Microsoft Corporation)
HKU\S-1-5-21-2132015822-3264924353-165971380-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [205976 2009-09-18] (Alcohol Soft Development Team)
HKU\S-1-5-21-2132015822-3264924353-165971380-1000\...\MountPoints2: {123ad1e0-eee6-11e3-a12f-00226863bf18} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2132015822-3264924353-165971380-1000\...\MountPoints2: {19c643e9-ee1e-11e3-9626-00226863bf18} - J:\HTC_Sync_Manager_PC.exe
IFEO\databasecompare.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoev.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msotd.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\spreadsheetcompare.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56C38410017FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\ik2h1i7j.default
FF DefaultSearchEngine: Google
FF NetworkProxy: "backup.ftp", "93.189.46.122"
FF NetworkProxy: "backup.ftp_port", 5219
FF NetworkProxy: "backup.socks", "93.189.46.122"
FF NetworkProxy: "backup.socks_port", 5219
FF NetworkProxy: "backup.ssl", "93.189.46.122"
FF NetworkProxy: "backup.ssl_port", 5219
FF NetworkProxy: "ftp", "91.202.164.113"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "91.202.164.113"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "91.202.164.113"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "91.202.164.113"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - D:\Programme\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - D:\Programme\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Print pages to PDF - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\ik2h1i7j.default\Extensions\printPages2Pdf@reinhold.ripper [2014-06-07]
FF Extension: Lightshot (screenshot tool) - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\ik2h1i7j.default\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-06-03]
FF Extension: Adblock Plus - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\ik2h1i7j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-03]
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-03]

Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchProvider: Trovi search
CHR DefaultSearchURL: {\
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (Google Drive) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-03]
CHR Extension: (YouTube) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Google-Suche) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-06-03]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-06-03]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-03]
CHR Extension: (Virtual Keyboard) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-06-03]
CHR Extension: (Google Wallet) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-03]
CHR Extension: (Google Mail) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-03]
CHR Extension: (Anti-Banner) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-06-03]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
R3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [294912 2007-11-26] (T-Systems Enterprise Services GmbH) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-03] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-03] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-03] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-06-03] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [61016 2014-06-09] (StdLib)
U3 a85uvwdw; C:\Windows\System32\Drivers\a85uvwdw.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-15 16:50 - 2014-06-15 16:50 - 00000000 _____ () C:\Users\Grisu\Downloads\X17-59886.iso
2014-06-15 04:29 - 2014-06-15 04:37 - 450867699 _____ () C:\Users\Grisu\Downloads\X17-59886.iso.part
2014-06-15 04:22 - 2014-06-15 04:23 - 34422784 _____ () C:\Users\Grisu\Downloads\install_virtualdj_pc_v8.0.1828.msi
2014-06-14 04:00 - 2014-06-14 04:01 - 00319880 _____ () C:\Windows\Minidump\061414-28860-01.dmp
2014-06-14 04:00 - 2014-06-14 04:00 - 00000000 ____D () C:\Windows\Minidump
2014-06-14 03:51 - 2014-06-14 03:51 - 00000000 ____D () C:\Users\Grisu\Desktop\FRST-OlderVersion
2014-06-13 04:07 - 2013-09-27 20:37 - 00117608 _____ (Electronic Arts) C:\Users\Grisu\Desktop\GDFBinary_en_US.dll
2014-06-13 04:03 - 2014-06-13 04:03 - 00015472 _____ () C:\Users\Grisu\Downloads\FIFA14_Comments_FIFAX.net.torrent
2014-06-13 04:02 - 2014-06-13 04:07 - 00000000 ____D () C:\Users\Grisu\Desktop\Game
2014-06-13 04:01 - 2014-06-13 04:01 - 00000007 _____ () C:\Users\Grisu\Downloads\FI.eins4.Ultim.Edit.MUL2.RIP-RAF.part1.rar
2014-06-13 03:59 - 2014-06-15 16:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-13 03:59 - 2014-06-13 03:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-13 03:45 - 2014-06-13 03:43 - 00000030 _____ () C:\AVScanner.ini
2014-06-13 03:43 - 2014-06-13 03:58 - 605054294 _____ () C:\Users\Grisu\Downloads\213451241124-fff14update1.part3.rar
2014-06-13 03:43 - 2014-06-13 03:43 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-12 19:30 - 2014-06-12 19:55 - 1047527426 _____ () C:\Users\Grisu\Downloads\213451241124-fff14update1.part1.rar
2014-06-12 18:49 - 2014-06-12 19:27 - 1047527426 _____ () C:\Users\Grisu\Downloads\213451241124-fff14update1.part2(1).rar
2014-06-12 07:17 - 2014-06-12 07:17 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-12 07:16 - 2014-06-12 07:16 - 02347384 _____ (ESET) C:\Users\Grisu\Desktop\esetsmartinstaller_enu.exe
2014-06-12 07:10 - 2014-06-12 07:10 - 00854367 _____ () C:\Users\Grisu\Desktop\SecurityCheck.exe
2014-06-12 07:06 - 2014-06-12 19:01 - 00227208 _____ () C:\Users\Grisu\Desktop\dds.txt
2014-06-12 07:06 - 2014-06-12 07:06 - 00009424 _____ () C:\Users\Grisu\Desktop\attach.txt
2014-06-12 07:01 - 2014-06-12 07:01 - 00688992 ____R (Swearware) C:\Users\Grisu\Desktop\dds.exe
2014-06-11 20:01 - 2014-06-12 06:30 - 1047527426 _____ () C:\Users\Grisu\Downloads\213451241124-fff14update1.part2.rar
2014-06-11 19:32 - 2014-06-11 20:07 - 00000000 ____D () C:\AdwCleaner
2014-06-11 19:32 - 2014-06-11 19:32 - 01333465 _____ () C:\Users\Grisu\Downloads\adwcleaner_3.212.exe
2014-06-11 15:21 - 2014-06-09 12:24 - 00061016 _____ (StdLib) C:\Windows\system32\Drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys
2014-06-11 14:27 - 2014-06-11 14:27 - 00000725 _____ () C:\Users\Grisu\Desktop\Cheat Engine.lnk
2014-06-11 14:27 - 2014-06-11 14:27 - 00000000 ____D () C:\Users\Grisu\Documents\My Cheat Tables
2014-06-11 14:27 - 2014-06-11 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
2014-06-11 14:16 - 2014-06-13 03:34 - 00000000 ____D () C:\Program Files (x86)\Greener Web
2014-06-11 13:48 - 2014-06-11 13:48 - 00000000 ____D () C:\Users\Grisu\Documents\My Games
2014-06-11 12:17 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 12:17 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 12:17 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 12:17 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 12:17 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 12:17 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 12:17 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 12:17 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 12:17 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 12:17 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 12:17 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 12:17 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 12:14 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 12:14 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 12:14 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 12:14 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 12:14 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 12:14 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 12:14 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 12:14 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 12:14 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 12:14 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 12:14 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 12:14 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 12:14 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 12:14 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 12:14 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 12:14 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 12:14 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 12:14 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 12:14 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 12:14 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 12:14 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 12:14 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 12:14 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 12:14 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 12:14 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 12:14 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 12:14 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 12:14 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 12:14 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 12:13 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 12:13 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 12:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 12:13 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 12:13 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 12:13 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 12:13 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 12:13 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 12:13 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 12:13 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 12:13 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 12:13 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 12:13 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 12:13 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 12:13 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 12:13 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 12:13 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 12:13 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 12:13 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 12:13 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 12:13 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 12:13 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 12:13 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 00:20 - 2014-06-11 00:20 - 10362869 _____ () C:\Users\Grisu\Downloads\s4_diedunkleseite.zip
2014-06-11 00:12 - 2014-06-11 00:12 - 00000635 _____ () C:\Users\Public\Desktop\Die Siedler IV Gold+ Edition.lnk
2014-06-11 00:12 - 2014-06-11 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte
2014-06-11 00:12 - 2014-06-11 00:12 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2014-06-11 00:12 - 2002-06-17 08:25 - 00026088 ____R (Microsoft Corporation) C:\Windows\SysWOW64\xmlinst.exe
2014-06-11 00:12 - 2002-04-24 13:43 - 00035840 ____R () C:\Windows\SysWOW64\comdlg32.oca
2014-06-11 00:12 - 2002-04-09 18:23 - 00029184 ____R () C:\Windows\SysWOW64\MSINET.oca
2014-06-11 00:12 - 2002-01-07 17:30 - 00024576 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-06-11 00:12 - 2001-05-04 12:05 - 00505104 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msxml.dll
2014-06-11 00:12 - 2001-05-04 12:05 - 00028432 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msxmlr.dll
2014-06-11 00:12 - 2000-05-22 01:00 - 00140488 ____R (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2014-06-11 00:12 - 2000-03-17 09:21 - 00069632 ____R () C:\Windows\SysWOW64\xmltok.dll
2014-06-11 00:12 - 2000-03-17 09:21 - 00036864 ____R () C:\Windows\SysWOW64\xmlparse.dll
2014-06-11 00:12 - 1998-06-24 01:00 - 00115016 ____R (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2014-06-11 00:12 - 1998-06-18 01:00 - 00089360 ____R (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2014-06-11 00:11 - 1998-01-23 12:20 - 00305664 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2014-06-11 00:06 - 2014-06-11 00:07 - 29295577 _____ () C:\Users\Grisu\Downloads\swat4_update_de_10_11.exe
2014-06-11 00:00 - 2014-06-11 13:46 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-10 23:59 - 2014-06-10 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2014-06-10 23:53 - 2014-06-10 23:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 22:22 - 2014-06-10 22:22 - 00000000 ____D () C:\Users\Grisu\Desktop\Data
2014-06-10 22:22 - 2014-06-06 02:17 - 10639432 ____N (Blizzard Entertainment) C:\Users\Grisu\Desktop\Launcher.exe
2014-06-10 11:17 - 2014-06-10 11:18 - 74637872 _____ (Logitech, Inc.) C:\Users\Grisu\Downloads\lws251.exe
2014-06-10 10:58 - 2014-06-10 10:58 - 00262144 _____ () C:\Windows\system32\config\elam
2014-06-10 10:42 - 2014-06-10 10:43 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\Grisu\Downloads\setup.exe
2014-06-10 02:34 - 2014-06-10 02:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-10 02:34 - 2014-06-10 02:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-10 02:34 - 2014-06-10 02:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-10 02:34 - 2014-06-10 02:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-10 02:34 - 2014-06-10 02:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-10 02:24 - 2014-06-10 02:24 - 00918952 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\jxpiinstall.exe
2014-06-10 02:00 - 2014-06-10 10:31 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3A056054.sys
2014-06-09 03:23 - 2014-06-09 03:26 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Microsoft Games
2014-06-09 03:23 - 2014-06-09 03:23 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-06-09 03:19 - 2014-06-09 03:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\29593062.sys
2014-06-08 14:55 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-06-08 14:46 - 2014-06-08 14:46 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-08 14:45 - 2014-06-08 14:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-08 14:45 - 2014-06-08 14:45 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-08 14:45 - 2014-06-08 14:45 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-08 14:45 - 2014-06-08 14:45 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-08 14:45 - 2014-06-08 14:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-08 14:45 - 2014-06-08 14:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-08 13:33 - 2014-06-08 13:36 - 12490936 _____ () C:\Users\Grisu\Downloads\Neueinsteiger_der_Jamaican_Reggae_Charts_TOP25_vom_30.05.2014-CannaPower.rar
2014-06-08 13:32 - 2014-06-08 13:44 - 44692902 _____ () C:\Users\Grisu\Downloads\Neueinsteiger_der_German_ODC_TOP50_vom_09.06.2014-CannaPower.rar
2014-06-08 13:10 - 2014-06-08 13:10 - 00003294 _____ () C:\Windows\System32\Tasks\{6274F484-9976-4DB1-B5EE-F4C4079D5E14}
2014-06-08 10:33 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-08 10:33 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-08 10:33 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-08 10:33 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-08 10:33 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-08 10:33 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-06-08 10:33 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

Williwu

15.06.2014 16:02

2014-06-08 10:33 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-08 10:33 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-06-08 10:33 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-06-08 10:33 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-06-08 10:33 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-06-08 10:14 - 2014-06-08 10:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-07 13:11 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-07 13:11 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-07 13:11 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-07 13:11 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-06 21:15 - 2014-06-08 14:55 - 00042931 _____ () C:\Windows\IE11_main.log
2014-06-06 20:53 - 2014-06-12 05:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-06 20:53 - 2014-06-12 05:56 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-06 20:41 - 2014-06-06 20:41 - 00000687 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-06-06 20:41 - 2014-06-06 20:41 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-06 20:41 - 2014-06-06 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-06 20:41 - 2014-04-25 17:44 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-06-06 20:41 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-06-06 20:41 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-06-06 20:41 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-06-06 20:41 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-06-06 20:41 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-06-06 20:41 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-06-06 20:41 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-06-06 20:28 - 2014-06-06 20:28 - 00000000 ____D () C:\Windows\system32\kodak
2014-06-06 20:26 - 2014-06-06 20:26 - 00001957 _____ () C:\Users\Public\Desktop\PrintProjects.lnk
2014-06-06 20:26 - 2014-06-06 20:26 - 00000000 ____D () C:\ProgramData\Visan
2014-06-06 20:26 - 2014-06-06 20:26 - 00000000 ____D () C:\ProgramData\PrintProjects
2014-06-06 20:26 - 2014-06-06 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects
2014-06-06 20:26 - 2014-06-06 20:26 - 00000000 ____D () C:\Program Files (x86)\PrintProjects
2014-06-06 20:25 - 2014-06-06 20:26 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Eastman_Kodak_Company
2014-06-06 20:25 - 2014-06-06 20:25 - 00002167 _____ () C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2014-06-06 20:22 - 2014-06-06 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
2014-06-06 20:22 - 2014-06-06 20:22 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Eastman Kodak Company
2014-06-06 20:20 - 2014-06-06 20:21 - 00000000 ____D () C:\Windows\SysWOW64\kodak
2014-06-06 20:18 - 2014-06-06 20:18 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-06-06 20:17 - 2014-06-06 20:19 - 34422784 _____ () C:\Users\Grisu\Downloads\install_virtualdj_pc_v8.0.1820.msi
2014-06-06 20:17 - 2014-06-06 20:18 - 00000000 ____D () C:\Program Files (x86)\Kodak
2014-06-06 20:15 - 2014-06-08 10:28 - 00000000 ____D () C:\ProgramData\Kodak
2014-06-06 20:15 - 2014-06-06 20:15 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Temp
2014-06-06 20:14 - 2014-06-06 20:15 - 10003416 _____ (Eastman Kodak Company) C:\Users\Grisu\Downloads\aio_install.exe
2014-06-06 20:14 - 2014-06-06 20:14 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\PowerISO
2014-06-06 20:11 - 2014-06-06 20:12 - 10519987 _____ () C:\Users\Grisu\Downloads\KODAKFirmwareUpdaterLauncher.dmg
2014-06-06 20:09 - 2014-06-06 20:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-06 19:30 - 2014-06-06 19:44 - 00041848 ____N () C:\Users\Grisu\Desktop\Addition.txt
2014-06-06 19:29 - 2014-06-15 16:53 - 00020775 _____ () C:\Users\Grisu\Desktop\FRST.txt
2014-06-06 19:29 - 2014-06-15 16:53 - 00000000 ____D () C:\FRST
2014-06-06 19:23 - 2014-06-06 20:48 - 3192264704 _____ () C:\Users\Grisu\Downloads\Win 7 Pro 64 bit.iso
2014-06-06 19:04 - 2014-06-06 19:16 - 174148112 _____ () C:\Users\Grisu\Downloads\David Heat & Hack N Slash (Bootleg Mashup Pack).zip
2014-06-06 19:01 - 2014-06-06 19:15 - 187604423 _____ () C:\Users\Grisu\Downloads\DJ Robbie Mash-Up Pack (Jan 2014).rar
2014-06-06 16:57 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-06-06 16:57 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-06-06 16:57 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-06 16:57 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-06 16:57 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-06-06 16:57 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-06-06 16:56 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-06 16:56 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-06 16:56 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-06 16:56 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-06-06 16:56 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-06 16:56 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-06 16:56 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-06-06 16:56 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-06 16:56 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-06-06 16:56 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-06-06 16:56 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-06-06 16:56 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-06-06 16:56 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-06 16:56 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-06-06 16:56 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-06-06 16:56 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-06-06 16:56 - 2013-09-28 03:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-06 16:56 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-06-06 16:56 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-06-06 16:56 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-06-06 16:56 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-06-06 16:56 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-06-06 16:56 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-06-06 16:56 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-06-06 16:56 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-06-06 16:56 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-06-06 16:56 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-06-06 16:56 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-06-06 16:56 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-06-06 16:55 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-06 16:55 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 16:55 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-06 16:55 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-06 16:55 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-06-06 16:55 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-06-06 16:55 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-06 16:55 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-06 16:55 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-06 16:55 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-06 16:55 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-06 16:55 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-06 16:55 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-06 16:55 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-06 16:55 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-06 16:55 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-06 16:55 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-06 16:55 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-06 16:55 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-06 16:55 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-06 16:55 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-06 16:55 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-06 16:55 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-06 16:55 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-06 16:55 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-06 16:55 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-06 16:55 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-06-06 16:55 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-06-06 16:55 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-06-06 16:55 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-06-06 16:55 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-06 16:55 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-06 16:55 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-06-06 16:55 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-06-06 16:55 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-06-06 16:55 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-06-06 16:55 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-06-06 16:55 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-06-06 16:55 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-06 16:55 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-06-06 16:55 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-06 16:55 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-06-06 16:55 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-06-06 16:55 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-06-06 16:55 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-06-06 16:55 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-06-06 16:55 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-06-06 16:55 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-06-06 16:55 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-06-06 16:55 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-06-06 16:55 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-06 16:55 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-06 16:55 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-06-06 16:55 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-06 16:55 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-06-06 16:55 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-06-06 16:55 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-06-06 16:55 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-06-06 16:55 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-06-06 16:55 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-06-06 16:55 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-06-06 16:55 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-06-06 16:55 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-06-06 16:55 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-06-06 16:55 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-06-06 16:55 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-06-06 16:55 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-06-06 16:55 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-06-06 16:55 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-06-06 16:55 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-06-06 16:55 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-06-06 16:55 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-06-06 16:55 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-06-06 16:54 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-06 16:54 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-06 16:54 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-06 16:54 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-06 16:54 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-06 16:54 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-06 16:54 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-06 16:54 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-06 16:54 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-06 16:54 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-06 16:54 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-06 16:54 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-06 16:54 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-06 16:54 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-06 16:54 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-06 16:54 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-06 16:54 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-06 16:54 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-06 16:54 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-06 16:54 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-06 16:54 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-06 16:54 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-06 16:54 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-06 16:54 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-06 16:54 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-06 16:54 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-06 16:54 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-06 16:54 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-06 16:54 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-06 16:54 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-06 16:54 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-06 16:54 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-06 16:54 - 2013-09-25 04:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-06 16:54 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-06-06 16:54 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-06-06 16:54 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-06-06 16:54 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-06 16:54 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-06-06 16:54 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-06-06 16:54 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-06 16:54 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-06-06 16:54 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-06-06 16:54 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-06-06 16:54 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-06 16:54 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-06-06 16:54 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-06-06 16:54 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-06 16:54 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-06-06 16:54 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-06-06 16:54 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-06 16:54 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-06-06 16:54 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-06-06 16:54 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-06-06 16:53 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-06 16:53 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-06 16:53 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-06 16:53 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-06 16:53 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-06 16:53 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-06 16:53 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-06 16:53 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-06 16:53 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-06 16:53 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-06 16:53 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-06 16:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-06 16:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-06 16:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-06 16:53 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-06-06 16:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-06 16:53 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-06-06 16:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-06 16:53 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-06 16:53 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-06-06 16:53 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-06-06 16:53 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-06-06 16:53 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-06 16:53 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-06-06 16:53 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-06-06 16:53 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-06-06 16:53 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-06-06 16:53 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-06-06 16:53 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-06-06 16:53 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-06-06 16:53 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-06-06 16:53 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-06-06 16:53 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-06 16:53 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-06 16:53 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-06-06 16:53 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-06 16:53 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-06 16:53 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-06 16:53 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-06 16:53 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-06 16:53 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-06-06 16:53 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-06-06 16:53 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-06-06 16:53 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-06-06 16:53 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-06-06 16:53 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-06-06 16:53 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-06 16:53 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-06-06 16:53 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-06 16:43 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-06-06 03:15 - 2014-06-06 03:16 - 01058200 _____ (Adobe) C:\Users\Grisu\Downloads\install_flashplayer13x32_mssd_aaa_aih.exe
2014-06-06 03:03 - 2014-06-06 03:06 - 00602112 ____N (OldTimer Tools) C:\Users\Grisu\Desktop\OTL.exe
2014-06-06 03:02 - 2014-06-06 03:02 - 00000000 ____D () C:\Windows\system32\SPReview
2014-06-06 03:01 - 2014-06-06 03:01 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-06-06 02:38 - 2014-06-06 02:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-06-06 02:32 - 2014-06-11 19:09 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet
2014-06-06 02:31 - 2014-06-06 02:31 - 00000000 ____D () C:\Plugins
2014-06-06 02:30 - 2014-06-06 02:31 - 00000000 ____D () C:\Program Files (x86)\Ganymede
2014-06-06 02:30 - 2014-06-06 02:30 - 00391064 _____ () C:\Users\Grisu\Downloads\billiards_install_1_0_2_7.exe
2014-06-06 01:52 - 2014-06-06 01:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-05 19:14 - 2014-06-05 19:14 - 00001282 ____N () C:\Users\Grisu\Desktop\Eset online scanner- Bericht.txt
2014-06-05 18:38 - 2010-11-05 03:57 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-06-05 18:38 - 2010-11-05 03:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-06-05 18:37 - 2010-11-20 15:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2014-06-05 18:37 - 2010-11-20 15:34 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-05 18:37 - 2010-11-20 15:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-06-05 18:37 - 2010-11-20 15:33 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2014-06-05 18:37 - 2010-11-20 15:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-06-05 18:37 - 2010-11-20 15:33 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-05 18:37 - 2010-11-20 15:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-06-05 18:37 - 2010-11-20 15:28 - 00298104 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02262528 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02086912 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02072576 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 02018304 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01646080 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01509888 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01281024 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01158656 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01082880 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 01008128 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00867840 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00605696 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00481280 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2014-06-05 18:37 - 2010-11-20 15:27 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-06-05 18:37 - 2010-11-20 15:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 04120064 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 03391488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01340416 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01244160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2014-06-05 18:37 - 2010-11-20 15:26 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00281600 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2014-06-05 18:37 - 2010-11-20 15:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-06-05 18:37 - 2010-11-20 15:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 03957760 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 01504256 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00897536 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-06-05 18:37 - 2010-11-20 15:25 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2014-06-05 18:37 - 2010-11-20 15:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-05 18:37 - 2010-11-20 15:25 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-06-05 18:37 - 2010-11-20 15:24 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2014-06-05 18:37 - 2010-11-20 15:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2014-06-05 18:37 - 2010-11-20 14:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-06-05 18:37 - 2010-11-20 14:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2014-06-05 18:37 - 2010-11-20 14:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-06-05 18:37 - 2010-11-20 14:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 00252928 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2014-06-05 18:37 - 2010-11-20 14:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2014-06-05 18:37 - 2010-11-20 14:17 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-05 18:37 - 2010-11-20 14:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2014-06-05 18:37 - 2010-11-20 14:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2014-06-05 18:37 - 2010-11-20 14:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-06-05 18:37 - 2010-11-20 14:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-06-05 18:37 - 2010-11-20 13:07 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-05 18:37 - 2010-11-20 13:05 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2014-06-05 18:37 - 2010-11-20 12:44 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
2014-06-05 18:37 - 2010-11-20 11:27 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-06-05 18:37 - 2010-11-20 11:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-06-05 18:37 - 2010-11-20 11:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-06-05 18:37 - 2010-11-20 11:23 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2014-06-05 18:37 - 2010-11-20 11:21 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-06-05 18:37 - 2010-11-05 04:20 - 00347904 _____ () C:\Windows\system32\systemsf.ebd
2014-06-05 18:37 - 2010-11-05 03:58 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-06-05 18:37 - 2010-11-05 03:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2014-06-05 18:37 - 2010-11-05 03:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2014-06-05 18:37 - 2010-11-05 03:57 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-06-05 18:37 - 2010-11-05 03:53 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-06-05 18:37 - 2010-11-05 03:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2014-06-05 18:37 - 2010-11-05 03:53 - 00109928 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-06-05 18:37 - 2010-11-05 03:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2014-06-05 18:37 - 2009-07-14 03:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2014-06-05 18:36 - 2010-11-20 15:44 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2014-06-05 18:36 - 2010-11-20 15:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2014-06-05 18:36 - 2010-11-20 15:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2014-06-05 18:36 - 2010-11-20 15:34 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2014-06-05 18:36 - 2010-11-20 15:34 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00263040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-06-05 18:36 - 2010-11-20 15:33 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2014-06-05 18:36 - 2010-11-20 15:33 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2014-06-05 18:36 - 2010-11-20 15:32 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
2014-06-05 18:36 - 2010-11-20 15:32 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-06-05 18:36 - 2010-11-20 15:32 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-05 18:36 - 2010-11-20 15:28 - 00780008 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-06-05 18:36 - 2010-11-20 15:28 - 00166784 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 02250752 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 02193920 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 02146816 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 01911808 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 01672704 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 01363968 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2014-06-05 18:36 - 2010-11-20 15:27 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2014-06-05 18:36 - 2010-11-20 15:27 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2014-06-05 18:36 - 2010-11-20 15:27 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00898560 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00781312 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2014-06-05 18:36 - 2010-11-20 15:27 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00633344 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2014-06-05 18:36 - 2010-11-20 15:27 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2014-06-05 18:36 - 2010-11-20 15:27 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
2014-06-05 18:36 - 2010-11-20 15:27 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2014-06-05 18:36 - 2010-11-20 15:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-06-05 18:36 - 2010-11-20 15:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-06-05 18:36 - 2010-11-20 15:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 01457664 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00934912 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
2014-06-05 18:36 - 2010-11-20 15:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2014-06-05 18:36 - 2010-11-20 15:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 03745792 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 03524608 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 01264640 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 01065984 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll

Williwu

15.06.2014 16:03

2014-06-05 18:36 - 2010-11-20 15:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00128000 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-06-05 18:36 - 2010-11-20 15:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\BWUnpairElevated.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2014-06-05 18:36 - 2010-11-20 15:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2014-06-05 18:36 - 2010-11-20 15:25 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00899584 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2014-06-05 18:36 - 2010-11-20 15:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-06-05 18:36 - 2010-11-20 15:24 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-05 18:36 - 2010-11-20 15:24 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2014-06-05 18:36 - 2010-11-20 15:24 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2014-06-05 18:36 - 2010-11-20 15:24 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2014-06-05 18:36 - 2010-11-20 15:24 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2014-06-05 18:36 - 2010-11-20 15:24 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2014-06-05 18:36 - 2010-11-20 15:24 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2014-06-05 18:36 - 2010-11-20 15:24 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2014-06-05 18:36 - 2010-11-20 15:24 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2014-06-05 18:36 - 2010-11-20 15:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2014-06-05 18:36 - 2010-11-20 15:24 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2014-06-05 18:36 - 2010-11-20 15:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2014-06-05 18:36 - 2010-11-20 15:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2014-06-05 18:36 - 2010-11-20 15:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2014-06-05 18:36 - 2010-11-20 15:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2014-06-05 18:36 - 2010-11-20 15:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\choice.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\FXSUNATD.exe
2014-06-05 18:36 - 2010-11-20 15:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2014-06-05 18:36 - 2010-11-20 15:15 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-06-05 18:36 - 2010-11-20 15:13 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2014-06-05 18:36 - 2010-11-20 15:02 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2014-06-05 18:36 - 2010-11-20 15:02 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2014-06-05 18:36 - 2010-11-20 14:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2014-06-05 18:36 - 2010-11-20 14:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
2014-06-05 18:36 - 2010-11-20 14:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2014-06-05 18:36 - 2010-11-20 14:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2014-06-05 18:36 - 2010-11-20 14:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2014-06-05 18:36 - 2010-11-20 14:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2014-06-05 18:36 - 2010-11-20 14:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2014-06-05 18:36 - 2010-11-20 14:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2014-06-05 18:36 - 2010-11-20 14:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-06-05 18:36 - 2010-11-20 14:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2014-06-05 18:36 - 2010-11-20 14:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
2014-06-05 18:36 - 2010-11-20 14:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2014-06-05 18:36 - 2010-11-20 14:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2014-06-05 18:36 - 2010-11-20 14:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
2014-06-05 18:36 - 2010-11-20 14:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2014-06-05 18:36 - 2010-11-20 14:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2014-06-05 18:36 - 2010-11-20 14:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2014-06-05 18:36 - 2010-11-20 14:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2014-06-05 18:36 - 2010-11-20 14:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2014-06-05 18:36 - 2010-11-20 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
2014-06-05 18:36 - 2010-11-20 14:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2014-06-05 18:36 - 2010-11-20 14:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2014-06-05 18:36 - 2010-11-20 14:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00098816 _____ (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2014-06-05 18:36 - 2010-11-20 14:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-06-05 18:36 - 2010-11-20 14:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2014-06-05 18:36 - 2010-11-20 14:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2014-06-05 18:36 - 2010-11-20 14:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2014-06-05 18:36 - 2010-11-20 14:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2014-06-05 18:36 - 2010-11-20 14:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2014-06-05 18:36 - 2010-11-20 14:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-06-05 18:36 - 2010-11-20 14:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2014-06-05 18:36 - 2010-11-20 14:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2014-06-05 18:36 - 2010-11-20 14:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2014-06-05 18:36 - 2010-11-20 14:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2014-06-05 18:36 - 2010-11-20 14:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-06-05 18:36 - 2010-11-20 14:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2014-06-05 18:36 - 2010-11-20 14:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2014-06-05 18:36 - 2010-11-20 14:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-05 18:36 - 2010-11-20 14:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2014-06-05 18:36 - 2010-11-20 14:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2014-06-05 18:36 - 2010-11-20 14:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2014-06-05 18:36 - 2010-11-20 14:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2014-06-05 18:36 - 2010-11-20 14:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2014-06-05 18:36 - 2010-11-20 14:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2014-06-05 18:36 - 2010-11-20 14:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2014-06-05 18:36 - 2010-11-20 14:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2014-06-05 18:36 - 2010-11-20 14:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-06-05 18:36 - 2010-11-20 14:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2014-06-05 18:36 - 2010-11-20 14:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2014-06-05 18:36 - 2010-11-20 14:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2014-06-05 18:36 - 2010-11-20 14:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2014-06-05 18:36 - 2010-11-20 14:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2014-06-05 18:36 - 2010-11-20 14:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2014-06-05 18:36 - 2010-11-20 14:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2014-06-05 18:36 - 2010-11-20 14:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2014-06-05 18:36 - 2010-11-20 14:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2014-06-05 18:36 - 2010-11-20 14:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2014-06-05 18:36 - 2010-11-20 14:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2014-06-05 18:36 - 2010-11-20 13:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
2014-06-05 18:36 - 2010-11-20 13:04 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-05 18:36 - 2010-11-20 12:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2014-06-05 18:36 - 2010-11-20 12:52 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2014-06-05 18:36 - 2010-11-20 12:52 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2014-06-05 18:36 - 2010-11-20 12:52 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys
2014-06-05 18:36 - 2010-11-20 12:52 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2014-06-05 18:36 - 2010-11-20 12:52 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys
2014-06-05 18:36 - 2010-11-20 12:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2014-06-05 18:36 - 2010-11-20 12:51 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-06-05 18:36 - 2010-11-20 12:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2014-06-05 18:36 - 2010-11-20 12:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2014-06-05 18:36 - 2010-11-20 12:44 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2014-06-05 18:36 - 2010-11-20 12:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2014-06-05 18:36 - 2010-11-20 12:44 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2014-06-05 18:36 - 2010-11-20 12:43 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-05 18:36 - 2010-11-20 12:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2014-06-05 18:36 - 2010-11-20 12:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-06-05 18:36 - 2010-11-20 12:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2014-06-05 18:36 - 2010-11-20 12:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-05 18:36 - 2010-11-20 12:33 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2014-06-05 18:36 - 2010-11-20 12:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2014-06-05 18:36 - 2010-11-20 12:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-06-05 18:36 - 2010-11-20 12:09 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2014-06-05 18:36 - 2010-11-20 12:04 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-06-05 18:36 - 2010-11-20 11:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
2014-06-05 18:36 - 2010-11-20 11:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-06-05 18:36 - 2010-11-20 11:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2014-06-05 18:36 - 2010-11-20 11:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2014-06-05 18:36 - 2010-11-10 03:48 - 00010429 _____ () C:\Windows\system32\ScavengeSpace.xml
2014-06-05 18:36 - 2010-11-05 04:11 - 00433512 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2014-06-05 18:36 - 2010-11-05 04:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2014-06-05 18:36 - 2010-11-05 03:58 - 00155472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-06-05 18:36 - 2010-11-05 03:58 - 00080720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-06-05 18:36 - 2010-11-05 03:57 - 00154960 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-06-05 18:35 - 2010-11-20 15:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2014-06-05 18:35 - 2010-11-20 15:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2014-06-05 18:35 - 2010-11-20 15:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2014-06-05 18:35 - 2010-11-20 15:12 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
2014-06-05 18:35 - 2010-11-20 15:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
2014-06-05 18:35 - 2010-11-20 15:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-06-05 18:35 - 2010-11-20 15:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
2014-06-05 18:35 - 2010-11-20 14:54 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
2014-06-05 18:35 - 2010-11-20 14:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2014-06-05 18:35 - 2010-11-20 14:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
2014-06-05 18:35 - 2010-11-20 14:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2014-06-05 18:35 - 2010-11-20 14:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2014-06-05 18:35 - 2010-11-20 14:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
2014-06-05 18:35 - 2010-11-20 14:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
2014-06-05 18:35 - 2010-11-20 14:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-06-05 18:35 - 2010-11-20 14:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
2014-06-05 18:35 - 2010-11-20 14:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2014-06-05 18:35 - 2010-11-20 14:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
2014-06-05 18:35 - 2010-11-05 04:20 - 00105559 _____ () C:\Windows\SysWOW64\RacRules.xml
2014-06-05 18:35 - 2010-11-05 04:20 - 00105559 _____ () C:\Windows\system32\RacRules.xml
2014-06-05 18:35 - 2009-06-10 23:39 - 00001041 _____ () C:\Windows\SysWOW64\tcpbidi.xml
2014-06-05 18:34 - 2010-11-20 15:27 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2014-06-05 18:33 - 2010-11-20 15:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2014-06-05 18:32 - 2014-06-05 18:32 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-06-05 18:11 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-06-05 18:11 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-06-05 18:11 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-06-05 18:11 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-06-05 18:11 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-06-05 18:11 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-06-05 18:11 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-06-05 18:11 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-06-05 18:11 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-06-05 18:11 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-06-05 17:21 - 2014-06-12 19:00 - 00056436 _____ () C:\Users\Grisu\Desktop\Extras.Txt
2014-06-05 17:21 - 2014-06-05 17:21 - 00283904 ____N () C:\Users\Grisu\Desktop\OTL.Txt
2014-06-05 17:17 - 2014-06-05 17:17 - 00380416 ____N () C:\Users\Grisu\Desktop\tukt5x5j.exe
2014-06-05 16:48 - 2014-06-06 16:31 - 00009567 ____N () C:\Users\Grisu\Desktop\hijackthis.log
2014-06-05 16:36 - 2014-06-05 16:36 - 00388608 ____N (Trend Micro Inc.) C:\Users\Grisu\Desktop\HijackThis.exe
2014-06-05 15:53 - 2014-06-05 15:54 - 39179072 _____ (Atomix Productions) C:\Users\Grisu\Downloads\install_virtualdj_home_v7.4.1b.exe
2014-06-05 15:35 - 2014-06-05 15:35 - 01496480 ____N ( ) C:\Users\Grisu\Desktop\cpu-z_1.692-setup-en.exe
2014-06-05 15:24 - 2014-04-15 15:59 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-06-05 15:24 - 2014-04-15 15:59 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-06-05 15:23 - 2014-06-05 16:57 - 00000000 ____D () C:\Users\Grisu\Desktop\Arbeitsangaben VIP
2014-06-05 15:20 - 2014-06-05 15:20 - 02347384 _____ (ESET) C:\Users\Grisu\Downloads\esetsmartinstaller_deu.exe
2014-06-05 15:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-05 15:00 - 2014-06-15 16:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 14:59 - 2014-06-05 14:59 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-05 14:59 - 2014-06-05 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-05 14:59 - 2014-06-05 14:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-05 14:59 - 2014-06-05 14:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-05 14:59 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-05 14:59 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-05 14:59 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-05 14:57 - 2014-06-05 14:57 - 00000000 ___SD () C:\32788R22FWJFW
2014-06-05 14:57 - 2014-06-05 14:57 - 00000000 ____D () C:\Windows\erdnt
2014-06-05 14:48 - 2014-06-05 14:48 - 00448512 _____ (OldTimer Tools) C:\Users\Grisu\Downloads\TFC.exe
2014-06-05 14:44 - 2014-06-05 14:45 - 00040863 _____ () C:\Users\Grisu\Downloads\Addition.txt
2014-06-05 14:43 - 2014-06-05 14:45 - 00147071 _____ () C:\Users\Grisu\Downloads\FRST.txt
2014-06-05 14:42 - 2014-06-14 03:51 - 02081792 _____ (Farbar) C:\Users\Grisu\Desktop\FRST64.exe
2014-06-05 05:58 - 2014-06-05 05:58 - 00000000 ____D () C:\Windows\SysWOW64\%Report%
2014-06-05 04:16 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-06-05 04:16 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-06-05 04:16 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-06-05 03:57 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-06-05 03:50 - 2014-06-05 03:55 - 00004599 _____ () C:\Windows\IE9_main.log
2014-06-05 03:27 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-06-05 03:27 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-06-05 03:27 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-06-05 03:27 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-06-05 03:27 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-06-05 03:27 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-06-05 03:27 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-06-05 03:27 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-06-04 19:30 - 2014-06-15 04:02 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-06-04 19:30 - 2014-06-14 16:05 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-06-04 19:30 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-06-04 19:30 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-06-04 19:30 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-06-04 19:30 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-06-04 19:30 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-06-04 19:30 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-06-04 19:30 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-06-04 19:30 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-06-04 19:30 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-06-04 19:29 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-04 19:29 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-04 19:29 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-06-04 19:29 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-04 19:29 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-06-04 19:29 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-04 19:29 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-06-04 19:29 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-06-04 19:29 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-06-04 19:29 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-06-04 19:28 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-06-04 19:28 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll

Williwu

15.06.2014 16:04

2014-06-04 19:28 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-06-04 19:28 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-06-04 19:28 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-06-04 19:28 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-06-04 19:27 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-06-04 19:27 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-06-04 19:26 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-06-04 19:26 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-06-04 19:26 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-06-04 19:26 - 2011-10-26 07:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-06-04 19:26 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-06-04 19:26 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-06-04 19:26 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-06-04 19:26 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-06-04 19:26 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-06-04 19:26 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-06-04 19:26 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-06-04 19:26 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-06-04 19:26 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-06-04 19:26 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-06-04 19:26 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-06-04 19:26 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-06-04 19:26 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-06-04 19:26 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-06-04 19:26 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-06-04 19:26 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-06-04 19:26 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-06-04 19:26 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-06-04 19:26 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-06-04 19:26 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-06-04 19:26 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-06-04 19:26 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-04 19:26 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-04 19:25 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-06-04 19:25 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-06-04 19:24 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-06-04 19:24 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-06-04 19:24 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-06-04 19:24 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-06-04 19:24 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-06-04 19:24 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-06-04 19:24 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-06-04 19:24 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-06-04 19:23 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-06-04 19:23 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-06-04 19:23 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-06-04 19:23 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-06-04 19:23 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-06-04 19:23 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-06-04 19:23 - 2010-11-20 15:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll
2014-06-04 19:22 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-06-04 19:22 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-06-04 19:22 - 2010-11-20 14:58 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2014-06-04 19:22 - 2010-11-20 13:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2014-06-04 19:21 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-04 19:21 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-06-04 19:21 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-04 19:21 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-06-04 19:21 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-06-04 19:21 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-06-04 19:21 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-06-04 19:21 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-06-04 19:21 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-06-04 19:21 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-06-04 19:21 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-06-04 19:21 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-06-04 19:21 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-06-04 19:21 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-06-04 19:21 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-06-04 19:21 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-06-04 19:21 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-06-04 19:21 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-06-04 19:21 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-06-04 19:21 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-06-04 19:21 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-04 19:21 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-04 19:20 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-06-04 19:20 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-06-04 19:20 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-06-04 19:20 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-06-04 19:20 - 2010-11-20 15:24 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-06-04 19:20 - 2010-11-20 15:24 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-06-04 19:20 - 2010-11-20 15:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-06-04 19:20 - 2010-11-20 14:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-06-04 19:20 - 2010-11-20 14:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-06-04 19:20 - 2010-11-20 14:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-06-04 19:19 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-06-04 19:19 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-06-04 19:18 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-06-04 19:18 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-06-04 19:17 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-06-04 19:17 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-06-04 19:17 - 2011-02-05 19:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-06-04 19:17 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-06-04 19:17 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-06-04 19:17 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-06-04 19:17 - 2011-02-05 19:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-06-04 19:17 - 2011-02-05 19:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-06-04 19:17 - 2011-02-05 19:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-06-04 19:17 - 2010-11-20 15:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-06-04 19:15 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-06-04 19:15 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-06-04 19:15 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-06-04 19:15 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-06-04 19:15 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-06-04 19:15 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-06-04 19:15 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-06-04 19:15 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-06-04 19:15 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-06-04 19:15 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-06-04 19:15 - 2010-11-20 15:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2014-06-04 19:14 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-04 19:14 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-04 19:14 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-04 19:14 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-04 19:14 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-06-04 19:14 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-06-04 19:14 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-06-04 19:14 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-06-04 19:14 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-06-04 19:14 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-06-04 19:14 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-06-04 19:14 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-06-04 19:14 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-06-04 19:14 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-06-04 19:14 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-06-04 19:14 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-06-04 19:14 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-06-04 19:14 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-06-04 19:14 - 2010-11-20 15:25 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2014-06-04 19:14 - 2010-11-20 15:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-04 19:08 - 2014-06-09 11:26 - 00000000 ____D () C:\Users\Grisu\Desktop\Musik 2014
2014-06-04 19:06 - 2014-06-09 11:26 - 00000000 ____D () C:\Users\Grisu\Desktop\Mashup Pack 2014
2014-06-04 19:06 - 2014-06-04 19:06 - 00000000 ____D () C:\Users\Grisu\Desktop\Dokumente 2014
2014-06-04 19:02 - 2014-06-04 19:06 - 00000000 ____D () C:\Users\Grisu\Desktop\Bilder 2013
2014-06-04 19:02 - 2014-06-04 19:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Bewerbung Schatzi
2014-06-04 19:02 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-06-04 19:02 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-06-04 19:01 - 2014-06-13 17:06 - 00324608 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014-mit-Verdienst-und-Feiertagen.xls
2014-06-04 19:01 - 2014-06-09 11:07 - 00012284 ____N () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.xlsx
2014-06-04 03:23 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-06-04 03:23 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-06-04 03:23 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-06-04 03:20 - 2014-06-04 03:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-04 03:20 - 2014-06-04 03:20 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-04 03:13 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-06-04 03:13 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-06-03 17:54 - 2014-06-10 11:52 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Skype
2014-06-03 17:54 - 2014-06-03 17:58 - 00000000 ____D () C:\ProgramData\Skype
2014-06-03 17:54 - 2014-06-03 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-03 17:54 - 2014-06-03 17:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-03 17:54 - 2014-06-03 17:54 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Skype
2014-06-03 17:52 - 2014-06-03 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-06-03 17:52 - 2014-06-03 17:52 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-06-03 17:52 - 2014-03-30 08:26 - 00129944 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2014-06-03 17:44 - 2014-06-03 17:44 - 00000000 ____D () C:\Program Files (x86)\Franzis
2014-06-03 17:43 - 2014-06-03 17:43 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-06-03 17:43 - 2014-06-03 17:43 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GHISLER
2014-06-03 17:43 - 2014-06-03 17:43 - 00000000 ____D () C:\Program Files\totalcmd
2014-06-03 17:42 - 2014-06-03 17:42 - 04626896 _____ (Ghisler Software GmbH) C:\Users\Grisu\Downloads\tcm851ax64.exe
2014-06-03 17:32 - 2014-06-03 17:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-03 17:31 - 2014-06-14 16:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-03 17:31 - 2014-06-03 17:31 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 17:31 - 2014-06-03 17:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-03 17:30 - 2014-06-03 17:31 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-06-03 17:30 - 2014-06-03 17:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-03 17:28 - 2014-06-14 16:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-03 17:28 - 2014-06-03 17:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 __RHD () C:\MSOCache
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Microsoft Help
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-06-03 17:16 - 2014-06-03 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
2014-06-03 17:16 - 2014-06-03 17:16 - 00000000 ____D () C:\Program Files (x86)\Alcohol Soft
2014-06-03 16:22 - 2014-06-03 16:22 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 16:22 - 2014-06-03 16:22 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 16:22 - 2014-06-03 16:22 - 00000000 ____D () C:\ProgramData\T-Online
2014-06-03 16:22 - 2007-09-12 17:24 - 00041024 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\DslTestSp5a64.sys
2014-06-03 16:21 - 2014-06-10 23:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-03 16:21 - 2014-06-03 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager
2014-06-03 16:21 - 2014-06-03 16:21 - 00000000 ____D () C:\Program Files (x86)\DSL-Manager
2014-06-03 16:21 - 2007-08-01 14:49 - 00019008 _____ (T-Systems Enterprise Services GmbH) C:\Windows\system32\Drivers\dslmnlwf.sys
2014-06-03 16:19 - 2014-06-03 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-03 16:14 - 2014-06-09 02:40 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-03 16:14 - 2014-06-09 02:40 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-03 16:14 - 2014-06-08 12:04 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-03 16:14 - 2014-06-08 12:04 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-03 16:14 - 2014-06-03 16:19 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Google
2014-06-03 16:14 - 2014-06-03 16:19 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-03 16:12 - 2014-06-03 16:12 - 00918672 _____ (Google Inc.) C:\Users\Grisu\Downloads\ChromeSetup.exe
2014-06-03 16:10 - 2014-06-03 16:10 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-06-03 15:50 - 2014-06-03 15:50 - 00868848 _____ () C:\Windows\system32\Drivers\sptd.sys
2014-06-03 15:48 - 2014-06-03 15:48 - 00000000 ____D () C:\Program Files\Alcohol 120%
2014-06-03 14:51 - 2014-06-03 14:51 - 00000843 _____ () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-03 14:50 - 2014-06-13 04:06 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\uTorrent
2014-06-03 14:47 - 2014-06-03 14:47 - 01671504 _____ (BitTorrent Inc.) C:\Users\Grisu\Downloads\uTorrent_v.3.4.2_31515.exe
2014-06-03 14:31 - 2014-06-03 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-03 14:31 - 2014-06-03 14:31 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-06-03 13:55 - 2014-06-10 22:22 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Battle.net
2014-06-03 13:55 - 2014-06-10 21:57 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-03 13:55 - 2014-06-03 14:33 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Battle.net
2014-06-03 13:55 - 2014-06-03 13:55 - 00001131 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-06-03 13:55 - 2014-06-03 13:55 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\NVIDIA
2014-06-03 13:55 - 2014-06-03 13:55 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Blizzard Entertainment
2014-06-03 13:55 - 2014-06-03 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-06-03 13:55 - 2014-06-03 13:55 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-03 13:53 - 2014-06-03 17:21 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-03 13:53 - 2014-06-03 13:53 - 02942368 _____ (Blizzard Entertainment) C:\Users\Grisu\Downloads\World-of-Warcraft-Setup-deDE.exe
2014-06-03 13:24 - 2014-06-03 13:24 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\WinRAR
2014-06-03 13:23 - 2014-06-03 13:23 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-03 13:23 - 2014-06-03 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-03 13:23 - 2014-06-03 13:23 - 00000000 ____D () C:\Program Files\WinRAR
2014-06-03 13:22 - 2014-06-03 13:22 - 01987893 _____ () C:\Users\Grisu\Downloads\REPT.rar
2014-06-03 13:16 - 2014-06-03 13:16 - 00001039 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-06-03 12:48 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Macromedia
2014-06-03 12:48 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Adobe
2014-06-03 12:48 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Macromedia
2014-06-03 12:42 - 2014-06-03 12:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-03 12:24 - 2014-06-03 12:24 - 00000000 ____D () C:\Users\Grisu\Documents\Lightshot
2014-06-03 11:47 - 2014-06-13 03:59 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-03 11:47 - 2014-06-13 03:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-03 11:47 - 2014-06-03 11:47 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-03 11:47 - 2014-06-03 11:47 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-03 11:29 - 2014-06-03 12:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-03 11:29 - 2014-06-03 11:30 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-03 11:29 - 2014-05-20 04:44 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-06-03 11:29 - 2014-05-20 04:44 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-06-03 11:29 - 2014-05-20 03:25 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-06-03 11:29 - 2014-05-20 03:25 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-06-03 11:29 - 2014-05-20 03:25 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-06-03 11:29 - 2014-05-20 03:25 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-06-03 11:29 - 2014-05-20 03:25 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-06-03 11:29 - 2014-05-20 03:25 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-06-03 11:29 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-03 11:28 - 2014-06-08 14:37 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-03 11:28 - 2014-06-03 16:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-03 11:26 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-03 11:26 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-03 11:26 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-03 11:26 - 2014-05-20 04:44 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-06-03 11:23 - 2014-06-03 11:29 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-03 11:23 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-03 11:23 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-03 11:23 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-03 10:55 - 2014-06-14 16:07 - 00112288 _____ () C:\Users\Grisu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-03 10:51 - 2014-06-13 16:37 - 00302976 _____ () C:\Windows\PFRO.log
2014-06-03 10:15 - 2014-06-03 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-06-03 10:15 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-06-03 10:14 - 2014-06-15 16:49 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-06-03 10:14 - 2014-06-03 10:14 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-06-03 10:14 - 2014-06-03 10:14 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-03 10:08 - 2014-06-10 02:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-03 10:08 - 2014-06-03 10:08 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-03 10:08 - 2014-06-03 10:08 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-03 10:08 - 2014-06-03 10:08 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-03 10:08 - 2014-06-03 10:08 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-03 10:08 - 2014-06-03 10:08 - 00000000 ____D () C:\Program Files\Java
2014-06-03 10:04 - 2014-03-31 09:35 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-06-03 10:03 - 2014-06-03 10:03 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-06-03 10:03 - 2014-06-03 09:13 - 00000000 ____D () C:\Windows\Panther
2014-06-03 10:03 - 2009-07-14 03:38 - 00383562 __RSH () C:\bootmgr
2014-06-03 10:02 - 2014-06-03 10:02 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\rmi
2014-06-03 09:57 - 2014-06-11 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-03 09:57 - 2014-06-03 10:00 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Mozilla
2014-06-03 09:57 - 2014-06-03 10:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Mozilla
2014-06-03 09:57 - 2014-06-03 09:57 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-03 09:57 - 2014-06-03 09:57 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-03 09:57 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-06-03 09:57 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-06-03 09:57 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-06-03 09:54 - 2014-06-03 09:54 - 210915698 ____N () C:\Users\Grisu\Desktop\start REG 03.06.2014.reg
2014-06-03 09:54 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-03 09:54 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-06-03 09:54 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-03 09:54 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-06-03 09:54 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-06-03 09:54 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-06-03 09:54 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-06-03 09:54 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-06-03 09:54 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-06-03 09:14 - 2014-06-15 16:54 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Temp
2014-06-03 09:14 - 2014-06-09 02:41 - 00001432 _____ () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-03 09:14 - 2014-06-08 10:27 - 00000000 ___RD () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 09:14 - 2014-06-08 10:27 - 00000000 ___RD () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-03 09:14 - 2014-06-06 17:04 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VirtualStore
2014-06-03 09:14 - 2014-06-04 19:09 - 00000000 ____D () C:\Users\Grisu
2014-06-03 09:14 - 2014-06-03 09:14 - 00000020 ___SH () C:\Users\Grisu\ntuser.ini
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Vorlagen
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Startmenü
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Netzwerkumgebung
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Lokale Einstellungen
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Eigene Dateien
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Druckumgebung
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Documents\Eigene Musik
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Documents\Eigene Bilder
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\AppData\Local\Verlauf
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\AppData\Local\Anwendungsdaten
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Anwendungsdaten
2014-06-03 09:14 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-03 09:14 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Programme
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 __SHD () C:\Recovery
2014-06-03 09:09 - 2014-06-03 09:09 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-06-03 09:09 - 2014-06-03 09:09 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-06-03 09:08 - 2014-06-03 09:08 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-06-03 09:07 - 2014-06-15 16:36 - 02019423 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 09:06 - 2014-06-03 09:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-06-02 23:37 - 2014-06-09 11:26 - 00000000 ____D () C:\Users\Grisu\Desktop\WoW Addon´s

==================== One Month Modified Files and Folders =======

2014-06-15 16:54 - 2014-06-13 03:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-15 16:54 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Temp
2014-06-15 16:53 - 2014-06-06 19:29 - 00020775 _____ () C:\Users\Grisu\Desktop\FRST.txt
2014-06-15 16:53 - 2014-06-06 19:29 - 00000000 ____D () C:\FRST
2014-06-15 16:50 - 2014-06-15 16:50 - 00000000 _____ () C:\Users\Grisu\Downloads\X17-59886.iso
2014-06-15 16:49 - 2014-06-03 10:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-06-15 16:45 - 2014-06-05 15:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-15 16:41 - 2009-07-14 06:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-15 16:41 - 2009-07-14 06:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-15 16:38 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-06-15 16:38 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-06-15 16:38 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 16:36 - 2014-06-03 09:07 - 02019423 _____ () C:\Windows\WindowsUpdate.log
2014-06-15 16:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 16:33 - 2009-07-14 06:51 - 00039327 _____ () C:\Windows\setupact.log
2014-06-15 04:37 - 2014-06-15 04:29 - 450867699 _____ () C:\Users\Grisu\Downloads\X17-59886.iso.part
2014-06-15 04:23 - 2014-06-15 04:22 - 34422784 _____ () C:\Users\Grisu\Downloads\install_virtualdj_pc_v8.0.1828.msi
2014-06-15 04:02 - 2014-06-04 19:30 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-06-15 03:48 - 2009-07-14 06:45 - 00435744 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-14 16:27 - 2014-06-03 17:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-14 16:27 - 2014-06-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-14 16:07 - 2014-06-03 10:55 - 00112288 _____ () C:\Users\Grisu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-14 16:05 - 2014-06-04 19:30 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-06-14 14:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 04:01 - 2014-06-14 04:00 - 00319880 _____ () C:\Windows\Minidump\061414-28860-01.dmp
2014-06-14 04:00 - 2014-06-14 04:00 - 00000000 ____D () C:\Windows\Minidump
2014-06-14 03:51 - 2014-06-14 03:51 - 00000000 ____D () C:\Users\Grisu\Desktop\FRST-OlderVersion
2014-06-14 03:51 - 2014-06-05 14:42 - 02081792 _____ (Farbar) C:\Users\Grisu\Desktop\FRST64.exe
2014-06-13 17:06 - 2014-06-04 19:01 - 00324608 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014-mit-Verdienst-und-Feiertagen.xls
2014-06-13 16:37 - 2014-06-03 10:51 - 00302976 _____ () C:\Windows\PFRO.log
2014-06-13 04:07 - 2014-06-13 04:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Game
2014-06-13 04:06 - 2014-06-03 14:50 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\uTorrent
2014-06-13 04:03 - 2014-06-13 04:03 - 00015472 _____ () C:\Users\Grisu\Downloads\FIFA14_Comments_FIFAX.net.torrent
2014-06-13 04:01 - 2014-06-13 04:01 - 00000007 _____ () C:\Users\Grisu\Downloads\FI.eins4.Ultim.Edit.MUL2.RIP-RAF.part1.rar
2014-06-13 03:59 - 2014-06-13 03:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-13 03:59 - 2014-06-03 11:47 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-13 03:59 - 2014-06-03 11:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-13 03:58 - 2014-06-13 03:43 - 605054294 _____ () C:\Users\Grisu\Downloads\213451241124-fff14update1.part3.rar
2014-06-13 03:45 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-13 03:43 - 2014-06-13 03:45 - 00000030 _____ () C:\AVScanner.ini
2014-06-13 03:43 - 2014-06-13 03:43 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-13 03:34 - 2014-06-11 14:16 - 00000000 ____D () C:\Program Files (x86)\Greener Web
2014-06-13 03:34 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-06-12 19:55 - 2014-06-12 19:30 - 1047527426 _____ () C:\Users\Grisu\Downloads\213451241124-fff14update1.part1.rar
2014-06-12 19:31 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-06-12 19:27 - 2014-06-12 18:49 - 1047527426 _____ () C:\Users\Grisu\Downloads\213451241124-fff14update1.part2(1).rar
2014-06-12 19:01 - 2014-06-12 07:06 - 00227208 _____ () C:\Users\Grisu\Desktop\dds.txt
2014-06-12 19:00 - 2014-06-05 17:21 - 00056436 _____ () C:\Users\Grisu\Desktop\Extras.Txt
2014-06-12 07:17 - 2014-06-12 07:17 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-12 07:16 - 2014-06-12 07:16 - 02347384 _____ (ESET) C:\Users\Grisu\Desktop\esetsmartinstaller_enu.exe
2014-06-12 07:10 - 2014-06-12 07:10 - 00854367 _____ () C:\Users\Grisu\Desktop\SecurityCheck.exe
2014-06-12 07:06 - 2014-06-12 07:06 - 00009424 _____ () C:\Users\Grisu\Desktop\attach.txt
2014-06-12 07:01 - 2014-06-12 07:01 - 00688992 ____R (Swearware) C:\Users\Grisu\Desktop\dds.exe
2014-06-12 06:30 - 2014-06-11 20:01 - 1047527426 _____ () C:\Users\Grisu\Downloads\213451241124-fff14update1.part2.rar
2014-06-12 05:57 - 2014-06-06 20:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 05:56 - 2014-06-06 20:53 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 20:07 - 2014-06-11 19:32 - 00000000 ____D () C:\AdwCleaner
2014-06-11 19:32 - 2014-06-11 19:32 - 01333465 _____ () C:\Users\Grisu\Downloads\adwcleaner_3.212.exe
2014-06-11 19:09 - 2014-06-06 02:32 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet
2014-06-11 14:27 - 2014-06-11 14:27 - 00000725 _____ () C:\Users\Grisu\Desktop\Cheat Engine.lnk
2014-06-11 14:27 - 2014-06-11 14:27 - 00000000 ____D () C:\Users\Grisu\Documents\My Cheat Tables
2014-06-11 14:27 - 2014-06-11 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
2014-06-11 13:48 - 2014-06-11 13:48 - 00000000 ____D () C:\Users\Grisu\Documents\My Games
2014-06-11 13:46 - 2014-06-11 00:00 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-11 11:28 - 2014-06-03 09:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-11 11:28 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance
2014-06-11 00:20 - 2014-06-11 00:20 - 10362869 _____ () C:\Users\Grisu\Downloads\s4_diedunkleseite.zip
2014-06-11 00:12 - 2014-06-11 00:12 - 00000635 _____ () C:\Users\Public\Desktop\Die Siedler IV Gold+ Edition.lnk
2014-06-11 00:12 - 2014-06-11 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte
2014-06-11 00:12 - 2014-06-11 00:12 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2014-06-11 00:07 - 2014-06-11 00:06 - 29295577 _____ () C:\Users\Grisu\Downloads\swat4_update_de_10_11.exe
2014-06-10 23:59 - 2014-06-10 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2014-06-10 23:59 - 2014-06-03 16:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-10 23:53 - 2014-06-10 23:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 22:22 - 2014-06-10 22:22 - 00000000 ____D () C:\Users\Grisu\Desktop\Data
2014-06-10 22:22 - 2014-06-03 13:55 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Battle.net
2014-06-10 21:57 - 2014-06-03 13:55 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-10 11:52 - 2014-06-03 17:54 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Skype
2014-06-10 11:18 - 2014-06-10 11:17 - 74637872 _____ (Logitech, Inc.) C:\Users\Grisu\Downloads\lws251.exe
2014-06-10 10:58 - 2014-06-10 10:58 - 00262144 _____ () C:\Windows\system32\config\elam
2014-06-10 10:43 - 2014-06-10 10:42 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\Grisu\Downloads\setup.exe
2014-06-10 10:31 - 2014-06-10 02:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3A056054.sys
2014-06-10 02:34 - 2014-06-10 02:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-10 02:34 - 2014-06-10 02:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-10 02:34 - 2014-06-10 02:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-10 02:34 - 2014-06-10 02:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-10 02:34 - 2014-06-10 02:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-10 02:34 - 2014-06-03 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-10 02:24 - 2014-06-10 02:24 - 00918952 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\jxpiinstall.exe
2014-06-09 12:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-09 12:24 - 2014-06-11 15:21 - 00061016 _____ (StdLib) C:\Windows\system32\Drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys
2014-06-09 11:26 - 2014-06-04 19:08 - 00000000 ____D () C:\Users\Grisu\Desktop\Musik 2014
2014-06-09 11:26 - 2014-06-04 19:06 - 00000000 ____D () C:\Users\Grisu\Desktop\Mashup Pack 2014
2014-06-09 11:26 - 2014-06-02 23:37 - 00000000 ____D () C:\Users\Grisu\Desktop\WoW Addon´s
2014-06-09 11:07 - 2014-06-04 19:01 - 00012284 ____N () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.xlsx
2014-06-09 03:26 - 2014-06-09 03:23 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Microsoft Games
2014-06-09 03:23 - 2014-06-09 03:23 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-06-09 03:19 - 2014-06-09 03:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\29593062.sys
2014-06-09 02:41 - 2014-06-03 09:14 - 00001432 _____ () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-09 02:40 - 2014-06-03 16:14 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-09 02:40 - 2014-06-03 16:14 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-08 14:55 - 2014-06-06 21:15 - 00042931 _____ () C:\Windows\IE11_main.log
2014-06-08 14:46 - 2014-06-08 14:46 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-08 14:45 - 2014-06-08 14:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-08 14:45 - 2014-06-08 14:45 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-08 14:45 - 2014-06-08 14:45 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-08 14:45 - 2014-06-08 14:45 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-08 14:45 - 2014-06-08 14:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-08 14:45 - 2014-06-08 14:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-08 14:45 - 2014-06-08 14:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-08 14:45 - 2014-06-08 14:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-08 14:37 - 2014-06-03 11:28 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-08 13:44 - 2014-06-08 13:32 - 44692902 _____ () C:\Users\Grisu\Downloads\Neueinsteiger_der_German_ODC_TOP50_vom_09.06.2014-CannaPower.rar
2014-06-08 13:36 - 2014-06-08 13:33 - 12490936 _____ () C:\Users\Grisu\Downloads\Neueinsteiger_der_Jamaican_Reggae_Charts_TOP25_vom_30.05.2014-CannaPower.rar
2014-06-08 13:10 - 2014-06-08 13:10 - 00003294 _____ () C:\Windows\System32\Tasks\{6274F484-9976-4DB1-B5EE-F4C4079D5E14}
2014-06-08 12:04 - 2014-06-03 16:14 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-08 12:04 - 2014-06-03 16:14 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-08 10:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-08 10:28 - 2014-06-06 20:15 - 00000000 ____D () C:\ProgramData\Kodak
2014-06-08 10:27 - 2014-06-03 09:14 - 00000000 ___RD () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-08 10:27 - 2014-06-03 09:14 - 00000000 ___RD () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-08 10:14 - 2014-06-08 10:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 10:14 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-08 10:14 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-08 10:14 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-08 10:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-06-08 10:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-06-08 10:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-06-08 10:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-06-07 12:51 - 2014-06-07 12:51 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-07 12:51 - 2014-06-07 12:51 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-06 20:48 - 2014-06-06 19:23 - 3192264704 _____ () C:\Users\Grisu\Downloads\Win 7 Pro 64 bit.iso
2014-06-06 20:41 - 2014-06-06 20:41 - 00000687 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-06-06 20:41 - 2014-06-06 20:41 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-06 20:41 - 2014-06-06 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-06 20:28 - 2014-06-06 20:28 - 00000000 ____D () C:\Windows\system32\kodak
2014-06-06 20:26 - 2014-06-06 20:26 - 00001957 _____ () C:\Users\Public\Desktop\PrintProjects.lnk
2014-06-06 20:26 - 2014-06-06 20:26 - 00000000 ____D () C:\ProgramData\Visan
2014-06-06 20:26 - 2014-06-06 20:26 - 00000000 ____D () C:\ProgramData\PrintProjects
2014-06-06 20:26 - 2014-06-06 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects
2014-06-06 20:26 - 2014-06-06 20:26 - 00000000 ____D () C:\Program Files (x86)\PrintProjects
2014-06-06 20:26 - 2014-06-06 20:25 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Eastman_Kodak_Company
2014-06-06 20:26 - 2014-06-06 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
2014-06-06 20:25 - 2014-06-06 20:25 - 00002167 _____ () C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2014-06-06 20:22 - 2014-06-06 20:22 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Eastman Kodak Company
2014-06-06 20:21 - 2014-06-06 20:20 - 00000000 ____D () C:\Windows\SysWOW64\kodak
2014-06-06 20:19 - 2014-06-06 20:17 - 34422784 _____ () C:\Users\Grisu\Downloads\install_virtualdj_pc_v8.0.1820.msi
2014-06-06 20:18 - 2014-06-06 20:18 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-06-06 20:18 - 2014-06-06 20:17 - 00000000 ____D () C:\Program Files (x86)\Kodak
2014-06-06 20:15 - 2014-06-06 20:15 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Temp
2014-06-06 20:15 - 2014-06-06 20:14 - 10003416 _____ (Eastman Kodak Company) C:\Users\Grisu\Downloads\aio_install.exe
2014-06-06 20:14 - 2014-06-06 20:14 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\PowerISO
2014-06-06 20:12 - 2014-06-06 20:11 - 10519987 _____ () C:\Users\Grisu\Downloads\KODAKFirmwareUpdaterLauncher.dmg
2014-06-06 20:09 - 2014-06-06 20:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-06 19:44 - 2014-06-06 19:30 - 00041848 ____N () C:\Users\Grisu\Desktop\Addition.txt
2014-06-06 19:16 - 2014-06-06 19:04 - 174148112 _____ () C:\Users\Grisu\Downloads\David Heat & Hack N Slash (Bootleg Mashup Pack).zip
2014-06-06 19:15 - 2014-06-06 19:01 - 187604423 _____ () C:\Users\Grisu\Downloads\DJ Robbie Mash-Up Pack (Jan 2014).rar
2014-06-06 17:04 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VirtualStore
2014-06-06 16:31 - 2014-06-05 16:48 - 00009567 ____N () C:\Users\Grisu\Desktop\hijackthis.log
2014-06-06 16:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-06-06 16:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-06-06 16:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-06 16:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-06-06 16:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-06-06 16:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-06-06 16:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-06-06 16:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-06 16:15 - 2009-07-14 04:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-06-06 16:15 - 2009-07-14 04:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2014-06-06 03:16 - 2014-06-06 03:15 - 01058200 _____ (Adobe) C:\Users\Grisu\Downloads\install_flashplayer13x32_mssd_aaa_aih.exe
2014-06-06 03:06 - 2014-06-06 03:03 - 00602112 ____N (OldTimer Tools) C:\Users\Grisu\Desktop\OTL.exe
2014-06-06 03:02 - 2014-06-06 03:02 - 00000000 ____D () C:\Windows\system32\SPReview
2014-06-06 03:01 - 2014-06-06 03:01 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-06-06 02:43 - 2014-06-06 02:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-06-06 02:31 - 2014-06-06 02:31 - 00000000 ____D () C:\Plugins
2014-06-06 02:31 - 2014-06-06 02:30 - 00000000 ____D () C:\Program Files (x86)\Ganymede
2014-06-06 02:30 - 2014-06-06 02:30 - 00391064 _____ () C:\Users\Grisu\Downloads\billiards_install_1_0_2_7.exe
2014-06-06 02:17 - 2014-06-10 22:22 - 10639432 ____N (Blizzard Entertainment) C:\Users\Grisu\Desktop\Launcher.exe
2014-06-06 01:52 - 2014-06-06 01:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-05 19:14 - 2014-06-05 19:14 - 00001282 ____N () C:\Users\Grisu\Desktop\Eset online scanner- Bericht.txt
2014-06-05 17:21 - 2014-06-05 17:21 - 00283904 ____N () C:\Users\Grisu\Desktop\OTL.Txt
2014-06-05 17:17 - 2014-06-05 17:17 - 00380416 ____N () C:\Users\Grisu\Desktop\tukt5x5j.exe
2014-06-05 16:57 - 2014-06-05 15:23 - 00000000 ____D () C:\Users\Grisu\Desktop\Arbeitsangaben VIP
2014-06-05 16:36 - 2014-06-05 16:36 - 00388608 ____N (Trend Micro Inc.) C:\Users\Grisu\Desktop\HijackThis.exe
2014-06-05 15:54 - 2014-06-05 15:53 - 39179072 _____ (Atomix Productions) C:\Users\Grisu\Downloads\install_virtualdj_home_v7.4.1b.exe
2014-06-05 15:35 - 2014-06-05 15:35 - 01496480 ____N ( ) C:\Users\Grisu\Desktop\cpu-z_1.692-setup-en.exe
2014-06-05 15:20 - 2014-06-05 15:20 - 02347384 _____ (ESET) C:\Users\Grisu\Downloads\esetsmartinstaller_deu.exe
2014-06-05 14:59 - 2014-06-05 14:59 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-05 14:59 - 2014-06-05 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-05 14:59 - 2014-06-05 14:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-05 14:59 - 2014-06-05 14:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-05 14:57 - 2014-06-05 14:57 - 00000000 ___SD () C:\32788R22FWJFW
2014-06-05 14:57 - 2014-06-05 14:57 - 00000000 ____D () C:\Windows\erdnt
2014-06-05 14:48 - 2014-06-05 14:48 - 00448512 _____ (OldTimer Tools) C:\Users\Grisu\Downloads\TFC.exe
2014-06-05 14:45 - 2014-06-05 14:44 - 00040863 _____ () C:\Users\Grisu\Downloads\Addition.txt
2014-06-05 14:45 - 2014-06-05 14:43 - 00147071 _____ () C:\Users\Grisu\Downloads\FRST.txt
2014-06-05 05:58 - 2014-06-05 05:58 - 00000000 ____D () C:\Windows\SysWOW64\%Report%
2014-06-05 05:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-05 03:55 - 2014-06-05 03:50 - 00004599 _____ () C:\Windows\IE9_main.log
2014-06-04 19:09 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu
2014-06-04 19:06 - 2014-06-04 19:06 - 00000000 ____D () C:\Users\Grisu\Desktop\Dokumente 2014
2014-06-04 19:06 - 2014-06-04 19:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Bilder 2013
2014-06-04 19:02 - 2014-06-04 19:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Bewerbung Schatzi
2014-06-04 03:20 - 2014-06-04 03:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-04 03:20 - 2014-06-04 03:20 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-03 17:58 - 2014-06-03 17:54 - 00000000 ____D () C:\ProgramData\Skype
2014-06-03 17:58 - 2014-06-03 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-03 17:54 - 2014-06-03 17:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-03 17:54 - 2014-06-03 17:54 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Skype
2014-06-03 17:52 - 2014-06-03 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-06-03 17:52 - 2014-06-03 17:52 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-06-03 17:44 - 2014-06-03 17:44 - 00000000 ____D () C:\Program Files (x86)\Franzis
2014-06-03 17:43 - 2014-06-03 17:43 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-06-03 17:43 - 2014-06-03 17:43 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GHISLER
2014-06-03 17:43 - 2014-06-03 17:43 - 00000000 ____D () C:\Program Files\totalcmd
2014-06-03 17:42 - 2014-06-03 17:42 - 04626896 _____ (Ghisler Software GmbH) C:\Users\Grisu\Downloads\tcm851ax64.exe
2014-06-03 17:32 - 2014-06-03 17:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-03 17:31 - 2014-06-03 17:31 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 17:31 - 2014-06-03 17:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-03 17:31 - 2014-06-03 17:30 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-06-03 17:30 - 2014-06-03 17:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-03 17:30 - 2014-06-03 17:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 __RHD () C:\MSOCache
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Microsoft Help
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-03 17:28 - 2014-06-03 17:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-06-03 17:21 - 2014-06-03 13:53 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-03 17:16 - 2014-06-03 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
2014-06-03 17:16 - 2014-06-03 17:16 - 00000000 ____D () C:\Program Files (x86)\Alcohol Soft
2014-06-03 16:22 - 2014-06-03 16:22 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 16:22 - 2014-06-03 16:22 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-03 16:22 - 2014-06-03 16:22 - 00000000 ____D () C:\ProgramData\T-Online
2014-06-03 16:22 - 2014-06-03 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager
2014-06-03 16:21 - 2014-06-03 16:21 - 00000000 ____D () C:\Program Files (x86)\DSL-Manager
2014-06-03 16:19 - 2014-06-03 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-03 16:19 - 2014-06-03 16:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Google
2014-06-03 16:19 - 2014-06-03 16:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-03 16:12 - 2014-06-03 16:12 - 00918672 _____ (Google Inc.) C:\Users\Grisu\Downloads\ChromeSetup.exe
2014-06-03 16:10 - 2014-06-03 16:10 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-06-03 16:10 - 2014-06-03 11:28 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-03 15:50 - 2014-06-03 15:50 - 00868848 _____ () C:\Windows\system32\Drivers\sptd.sys
2014-06-03 15:48 - 2014-06-03 15:48 - 00000000 ____D () C:\Program Files\Alcohol 120%
2014-06-03 14:51 - 2014-06-03 14:51 - 00000843 _____ () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-03 14:47 - 2014-06-03 14:47 - 01671504 _____ (BitTorrent Inc.) C:\Users\Grisu\Downloads\uTorrent_v.3.4.2_31515.exe
2014-06-03 14:33 - 2014-06-03 13:55 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Battle.net
2014-06-03 14:31 - 2014-06-03 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-03 14:31 - 2014-06-03 14:31 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-06-03 14:04 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-03 13:55 - 2014-06-03 13:55 - 00001131 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-06-03 13:55 - 2014-06-03 13:55 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\NVIDIA
2014-06-03 13:55 - 2014-06-03 13:55 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Blizzard Entertainment
2014-06-03 13:55 - 2014-06-03 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-06-03 13:55 - 2014-06-03 13:55 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-03 13:53 - 2014-06-03 13:53 - 02942368 _____ (Blizzard Entertainment) C:\Users\Grisu\Downloads\World-of-Warcraft-Setup-deDE.exe
2014-06-03 13:24 - 2014-06-03 13:24 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\WinRAR
2014-06-03 13:23 - 2014-06-03 13:23 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-03 13:23 - 2014-06-03 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-03 13:23 - 2014-06-03 13:23 - 00000000 ____D () C:\Program Files\WinRAR
2014-06-03 13:22 - 2014-06-03 13:22 - 01987893 _____ () C:\Users\Grisu\Downloads\REPT.rar
2014-06-03 13:16 - 2014-06-03 13:16 - 00001039 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-06-03 12:48 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Macromedia
2014-06-03 12:48 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Adobe
2014-06-03 12:48 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Macromedia
2014-06-03 12:42 - 2014-06-03 12:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-03 12:42 - 2014-06-03 11:29 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-03 12:24 - 2014-06-03 12:24 - 00000000 ____D () C:\Users\Grisu\Documents\Lightshot
2014-06-03 11:47 - 2014-06-03 11:47 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-03 11:47 - 2014-06-03 11:47 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-03 11:30 - 2014-06-03 11:29 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-03 11:29 - 2014-06-03 11:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-03 11:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-06-03 11:20 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-06-03 11:20 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-06-03 11:11 - 2013-10-17 15:47 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-06-03 11:11 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-06-03 11:11 - 2013-06-08 20:18 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-06-03 10:15 - 2014-06-03 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-06-03 10:14 - 2014-06-03 10:14 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-06-03 10:14 - 2014-06-03 10:14 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-03 10:08 - 2014-06-03 10:08 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-03 10:08 - 2014-06-03 10:08 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-03 10:08 - 2014-06-03 10:08 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-03 10:08 - 2014-06-03 10:08 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-03 10:08 - 2014-06-03 10:08 - 00000000 ____D () C:\Program Files\Java
2014-06-03 10:03 - 2014-06-03 10:03 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-06-03 10:03 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-06-03 10:03 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-06-03 10:02 - 2014-06-03 10:02 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\rmi
2014-06-03 10:00 - 2014-06-03 09:57 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Mozilla
2014-06-03 10:00 - 2014-06-03 09:57 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Mozilla
2014-06-03 09:58 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-03 09:57 - 2014-06-03 09:57 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-03 09:57 - 2014-06-03 09:57 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-03 09:54 - 2014-06-03 09:54 - 210915698 ____N () C:\Users\Grisu\Desktop\start REG 03.06.2014.reg
2014-06-03 09:54 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-06-03 09:14 - 2014-06-03 09:14 - 00000020 ___SH () C:\Users\Grisu\ntuser.ini
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Vorlagen
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Startmenü
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Netzwerkumgebung
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Lokale Einstellungen
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Eigene Dateien
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Druckumgebung
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Documents\Eigene Musik
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Documents\Eigene Bilder
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\AppData\Local\Verlauf
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\AppData\Local\Anwendungsdaten
2014-06-03 09:14 - 2014-06-03 09:14 - 00000000 _SHDL () C:\Users\Grisu\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 10:03 - 00000000 ____D () C:\Windows\Panther
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Programme
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-03 09:13 - 2014-06-03 09:13 - 00000000 __SHD () C:\Recovery
2014-06-03 09:13 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-03 09:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-06-03 09:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-03 09:09 - 2014-06-03 09:09 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-06-03 09:09 - 2014-06-03 09:09 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-06-03 09:09 - 2009-07-14 06:46 - 00001774 _____ () C:\Windows\DtcInstall.log
2014-06-03 09:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-03 09:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-06-03 09:08 - 2014-06-03 09:08 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-06-03 09:06 - 2014-06-03 09:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-05-30 12:21 - 2014-06-11 12:13 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 12:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 12:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 12:14 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 12:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:39 - 2014-06-11 12:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:38 - 2014-06-11 12:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 12:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 12:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 12:13 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 12:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:21 - 2014-06-11 12:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:20 - 2014-06-11 12:13 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 12:14 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 12:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 12:13 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 12:14 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 12:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 12:14 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 12:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 12:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 12:13 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 12:13 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 12:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 12:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 12:14 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 12:14 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 12:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 12:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 12:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 12:14 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 12:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 12:14 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 12:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 12:14 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 12:14 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 12:14 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 12:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 12:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 12:14 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 12:13 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 12:13 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 12:14 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 12:13 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 12:14 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 12:13 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 12:14 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 12:14 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 12:13 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 12:14 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 12:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 12:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-20 04:44 - 2014-06-03 11:29 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-05-20 04:44 - 2014-06-03 11:29 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-06-03 11:26 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-05-20 04:44 - 2014-06-03 11:26 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-05-20 04:44 - 2014-06-03 11:26 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 03:25 - 2014-06-03 11:29 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2014-06-03 11:29 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2014-06-03 11:29 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2014-06-03 11:29 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2014-06-03 11:29 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 03:25 - 2014-06-03 11:29 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

Some content of TEMP:
====================
C:\Users\Grisu\AppData\Local\Temp\PreExe_ID_13667.exe
C:\Users\Grisu\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-14 14:50

==================== End Of Log ============================

schrauber

16.06.2014 09:16

TuneUp is immer noch drauf......und Logfile ist nicht in Codetags.

Williwu

16.06.2014 14:56

ich habe es aber komplett deinstall host ist auch leer !

schrauber

17.06.2014 09:33

Zitat:

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe

Es ist aber noch in den laufenden Prozessen drin ;)

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Williwu

17.06.2014 21:23

Code:

ComboFix 14-06-16.01 - Grisu 17.06.2014  22:00:11.1.8 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6135.2522 [GMT 2:00]

ausgeführt von:: c:\users\Grisu\Desktop\ComboFix.exe

AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}

FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Grisu\AppData\Roaming\Microsoft\Windows\Recent\PDFCreator.url

c:\windows\IsUn0407.exe

J:\Autorun.inf

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-05-17 bis 2014-06-17  ))))))))))))))))))))))))))))))

.

.

2014-06-17 20:09 . 2014-06-17 20:09        --------        d-----w-        c:\users\Default\AppData\Local\temp

2014-06-17 18:57 . 2014-05-19 23:18        10702536        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{3130D8BB-6A1F-4E9D-881C-7E95235FCFB7}\mpengine.dll

2014-06-16 14:05 . 2014-06-16 14:05        2106216        ----a-w-        c:\windows\SysWow64\D3DCompiler_43.dll

2014-06-16 14:05 . 2014-06-16 14:05        --------        d-----w-        c:\programdata\Logs

2014-06-16 14:04 . 2014-02-13 15:56        19392        ----a-w-        c:\windows\system32\roboot64.exe

2014-06-16 13:28 . 2005-03-18 15:19        3823312        ----a-w-        c:\windows\system32\d3dx9_25.dll

2014-06-16 13:28 . 2005-02-05 17:45        3544272        ----a-w-        c:\windows\system32\d3dx9_24.dll

2014-06-16 00:51 . 2014-06-16 00:51        --------        d-----w-        c:\program files (x86)\Java

2014-06-13 01:43 . 2014-06-13 01:43        --------        d-----w-        c:\programdata\McAfee

2014-06-12 05:17 . 2014-06-12 05:17        --------        d-----w-        c:\program files (x86)\ESET

2014-06-11 17:32 . 2014-06-11 18:07        --------        d-----w-        C:\AdwCleaner

2014-06-11 13:21 . 2014-06-09 10:24        61016        ----a-w-        c:\windows\system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys

2014-06-11 12:16 . 2014-06-13 01:34        --------        d-----w-        c:\program files (x86)\Greener Web

2014-06-11 10:17 . 2014-04-25 02:34        801280        ----a-w-        c:\windows\system32\usp10.dll

2014-06-11 10:17 . 2014-04-25 02:06        626688        ----a-w-        c:\windows\SysWow64\usp10.dll

2014-06-11 10:17 . 2014-04-05 02:47        1903552        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2014-06-11 10:17 . 2014-04-05 02:47        288192        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS

2014-06-11 10:17 . 2014-03-26 14:44        2002432        ----a-w-        c:\windows\system32\msxml6.dll

2014-06-11 10:17 . 2014-03-26 14:44        1882112        ----a-w-        c:\windows\system32\msxml3.dll

2014-06-11 10:17 . 2014-03-26 14:41        2048        ----a-w-        c:\windows\system32\msxml6r.dll

2014-06-11 10:17 . 2014-03-26 14:41        2048        ----a-w-        c:\windows\system32\msxml3r.dll

2014-06-11 10:17 . 2014-03-26 14:27        1389056        ----a-w-        c:\windows\SysWow64\msxml6.dll

2014-06-11 10:17 . 2014-03-26 14:27        1237504        ----a-w-        c:\windows\SysWow64\msxml3.dll

2014-06-11 10:17 . 2014-03-26 14:25        2048        ----a-w-        c:\windows\SysWow64\msxml6r.dll

2014-06-11 10:17 . 2014-03-26 14:25        2048        ----a-w-        c:\windows\SysWow64\msxml3r.dll

2014-06-11 10:13 . 2014-05-30 09:28        51200        ----a-w-        c:\windows\system32\jsproxy.dll

2014-06-10 22:12 . 2001-05-04 10:05        505104        ----a-r-        c:\windows\SysWow64\msxml.dll

2014-06-10 22:12 . 1998-06-23 23:00        115016        ----a-r-        c:\windows\SysWow64\MSINET.OCX

2014-06-10 22:12 . 2014-06-10 22:12        --------        d-----w-        c:\program files (x86)\Ubi Soft

2014-06-10 22:12 . 2002-06-17 06:25        26088        ----a-r-        c:\windows\SysWow64\xmlinst.exe

2014-06-10 22:12 . 2002-04-24 11:43        35840        ----a-r-        c:\windows\SysWow64\comdlg32.oca

2014-06-10 22:12 . 2002-04-09 16:23        29184        ----a-r-        c:\windows\SysWow64\MSINET.oca

2014-06-10 22:12 . 2002-01-07 15:30        24576        ----a-r-        c:\windows\SysWow64\msxml3a.dll

2014-06-10 22:12 . 2001-05-04 10:05        28432        ----a-r-        c:\windows\SysWow64\msxmlr.dll

2014-06-10 22:12 . 2000-05-21 23:00        140488        ----a-r-        c:\windows\SysWow64\comdlg32.ocx

2014-06-10 22:12 . 2000-03-17 07:21        36864        ----a-r-        c:\windows\SysWow64\xmlparse.dll

2014-06-10 22:12 . 2000-03-17 07:21        69632        ----a-r-        c:\windows\SysWow64\xmltok.dll

2014-06-10 22:12 . 1998-06-17 23:00        89360        ----a-r-        c:\windows\SysWow64\VB5DB.DLL

2014-06-10 00:34 . 2014-06-16 00:52        --------        d-----w-        c:\programdata\Oracle

2014-06-10 00:34 . 2014-06-16 00:51        98216        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-06-10 00:00 . 2014-06-10 08:31        122584        ----a-w-        c:\windows\system32\drivers\3A056054.sys

2014-06-09 01:19 . 2014-06-09 01:19        122584        ----a-w-        c:\windows\system32\drivers\29593062.sys

2014-06-08 12:55 . 2013-10-14 16:00        28368        ----a-w-        c:\windows\system32\IEUDINIT.EXE

2014-06-08 12:46 . 2014-06-08 12:46        194048        ----a-w-        c:\windows\SysWow64\elshyph.dll

2014-06-08 08:33 . 2013-11-23 18:26        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll

2014-06-08 08:33 . 2013-11-23 17:47        465920        ----a-w-        c:\windows\system32\WMPhoto.dll

2014-06-08 08:33 . 2011-02-25 06:19        2871808        ----a-w-        c:\windows\explorer.exe

2014-06-08 08:33 . 2011-02-25 05:30        2616320        ----a-w-        c:\windows\SysWow64\explorer.exe

2014-06-08 08:33 . 2013-12-24 23:09        1987584        ----a-w-        c:\windows\SysWow64\d3d10warp.dll

2014-06-08 08:33 . 2013-12-24 22:48        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll

2014-06-08 08:33 . 2013-11-26 08:16        3419136        ----a-w-        c:\windows\SysWow64\d2d1.dll

2014-06-08 08:33 . 2013-11-22 22:48        3928064        ----a-w-        c:\windows\system32\d2d1.dll

2014-06-08 08:33 . 2014-02-04 02:32        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll

2014-06-08 08:33 . 2014-02-04 02:04        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll

2014-06-08 08:33 . 2012-02-11 06:36        559104        ----a-w-        c:\windows\system32\spoolsv.exe

2014-06-08 08:33 . 2012-02-11 06:36        67072        ----a-w-        c:\windows\splwow64.exe

2014-06-08 08:14 . 2014-06-08 08:14        --------        d-s---w-        c:\windows\system32\CompatTel

2014-06-07 11:11 . 2013-05-10 04:30        167424        ----a-w-        c:\program files\Windows Media Player\wmplayer.exe

2014-06-07 11:11 . 2013-05-10 03:48        164864        ----a-w-        c:\program files (x86)\Windows Media Player\wmplayer.exe

2014-06-07 11:11 . 2013-05-10 05:56        12625920        ----a-w-        c:\windows\system32\wmploc.DLL

2014-06-07 11:11 . 2013-05-10 04:56        12625408        ----a-w-        c:\windows\SysWow64\wmploc.DLL

2014-06-07 11:11 . 2013-05-10 05:56        14631424        ----a-w-        c:\windows\system32\wmp.dll

2014-06-07 10:59 . 2014-06-07 10:59        --------        d-----w-        c:\windows\Migration

2014-06-06 18:53 . 2014-06-12 03:57        --------        d-----w-        c:\windows\system32\MRT

2014-06-06 18:41 . 2014-06-06 18:41        --------        d-----w-        c:\programdata\PDF Architect 2

2014-06-06 18:41 . 2014-04-25 15:44        110264        ----a-w-        c:\windows\system32\pdfcmon.dll

2014-06-06 18:41 . 2014-04-25 15:44        662288        ----a-w-        c:\windows\SysWow64\MSCOMCT2.OCX

2014-06-06 18:41 . 2014-04-25 15:44        137000        ----a-w-        c:\windows\SysWow64\MSMAPI32.OCX

2014-06-06 18:41 . 2014-04-25 15:44        1070152        ----a-w-        c:\windows\SysWow64\MSCOMCTL.OCX

2014-06-06 18:41 . 2014-04-25 15:44        23552        ----a-w-        c:\windows\SysWow64\MSMPIDE.DLL

2014-06-06 18:41 . 1998-07-06 16:56        125712        ----a-w-        c:\windows\SysWow64\VB6DE.DLL

2014-06-06 18:41 . 1998-07-06 16:55        158208        ----a-w-        c:\windows\SysWow64\MSCMCDE.DLL

2014-06-06 18:41 . 1998-07-06 16:55        64512        ----a-w-        c:\windows\SysWow64\MSCC2DE.DLL

2014-06-06 18:28 . 2012-10-08 08:06        261632        ----a-w-        c:\windows\system32\Spool\prtprocs\x64\EKIJ5000PPR.dll

2014-06-06 18:28 . 2014-06-06 18:28        --------        d-----w-        c:\windows\system32\kodak

2014-06-06 18:26 . 2014-06-06 18:26        --------        d-----w-        c:\programdata\Visan

2014-06-06 18:26 . 2014-06-06 18:26        --------        d-----w-        c:\programdata\PrintProjects

2014-06-06 18:26 . 2014-06-06 18:26        --------        d-----w-        c:\program files (x86)\PrintProjects

2014-06-06 18:20 . 2014-06-06 18:21        --------        d-----w-        c:\windows\SysWow64\kodak

2014-06-06 18:18 . 2014-06-06 18:18        --------        d-----w-        c:\windows\SysWow64\spool

2014-06-06 18:17 . 2014-06-06 18:18        --------        d-----w-        c:\program files (x86)\Kodak

2014-06-06 18:15 . 2014-06-08 08:28        --------        d-----w-        c:\programdata\Kodak

2014-06-06 17:29 . 2014-06-15 14:54        --------        d-----w-        C:\FRST

2014-06-06 14:57 . 2013-07-04 12:50        633856        ----a-w-        c:\windows\system32\comctl32.dll

2014-06-06 14:57 . 2013-07-04 11:50        530432        ----a-w-        c:\windows\SysWow64\comctl32.dll

2014-06-06 14:57 . 2013-07-09 05:52        224256        ----a-w-        c:\windows\system32\wintrust.dll

2014-06-06 14:57 . 2013-07-09 04:52        175104        ----a-w-        c:\windows\SysWow64\wintrust.dll

2014-06-06 14:57 . 2013-10-19 02:18        81408        ----a-w-        c:\windows\system32\imagehlp.dll

2014-06-06 14:57 . 2013-10-19 01:36        159232        ----a-w-        c:\windows\SysWow64\imagehlp.dll

2014-06-06 14:55 . 2013-06-06 05:50        41472        ----a-w-        c:\windows\system32\lpk.dll

2014-06-06 14:54 . 2014-04-12 02:19        1460736        ----a-w-        c:\windows\system32\lsasrv.dll

2014-06-06 14:53 . 2014-02-04 02:35        190912        ----a-w-        c:\windows\system32\drivers\storport.sys

2014-06-06 14:43 . 2013-08-28 01:12        461312        ----a-w-        c:\windows\system32\scavengeui.dll

2014-06-06 01:02 . 2014-06-06 01:02        --------        d-----w-        c:\windows\system32\SPReview

2014-06-06 01:01 . 2014-06-06 01:01        --------        d-----w-        c:\windows\system32\EventProviders

2014-06-06 00:31 . 2014-06-06 00:31        --------        d-----w-        C:\Plugins

2014-06-06 00:30 . 2014-06-06 00:31        --------        d-----w-        c:\program files (x86)\Ganymede

2014-06-05 23:52 . 2014-06-05 23:52        --------        d-----w-        c:\programdata\Package Cache

2014-06-05 16:38 . 2010-11-05 01:57        48976        ----a-w-        c:\windows\system32\netfxperf.dll

2014-06-05 16:38 . 2010-11-05 01:57        1942856        ----a-w-        c:\windows\system32\dfshim.dll

2014-06-05 16:36 . 2010-11-20 13:33        184704        ----a-w-        c:\windows\system32\drivers\pci.sys

2014-06-05 16:35 . 2010-11-20 13:02        8192        ----a-w-        c:\windows\system32\KBDTUQ.DLL

2014-06-05 16:34 . 2010-11-20 13:27        529408        ----a-w-        c:\windows\system32\wbemcomn.dll

2014-06-05 16:34 . 2010-11-20 13:27        244736        ----a-w-        c:\program files\Windows Portable Devices\sqmapi.dll

2014-06-05 16:33 . 2010-11-20 13:27        244736        ----a-w-        c:\windows\system32\sqmapi.dll

2014-06-05 16:11 . 2011-03-11 06:33        2565632        ----a-w-        c:\windows\system32\esent.dll

2014-06-05 16:11 . 2011-03-11 05:33        1699328        ----a-w-        c:\windows\SysWow64\esent.dll

2014-06-05 16:11 . 2011-03-11 06:41        166272        ----a-w-        c:\windows\system32\drivers\nvstor.sys

2014-06-05 16:11 . 2011-03-11 06:41        148352        ----a-w-        c:\windows\system32\drivers\nvraid.sys

2014-06-05 16:11 . 2011-03-11 06:41        410496        ----a-w-        c:\windows\system32\drivers\iaStorV.sys

2014-06-05 16:11 . 2011-03-11 06:41        27008        ----a-w-        c:\windows\system32\drivers\amdxata.sys

2014-06-05 16:11 . 2011-03-11 06:41        107904        ----a-w-        c:\windows\system32\drivers\amdsata.sys

2014-06-05 16:11 . 2011-03-11 06:30        96768        ----a-w-        c:\windows\system32\fsutil.exe

2014-06-05 16:11 . 2011-03-11 05:31        74240        ----a-w-        c:\windows\SysWow64\fsutil.exe

2014-06-05 16:11 . 2011-03-11 04:37        91648        ----a-w-        c:\windows\system32\drivers\USBSTOR.SYS

2014-06-05 13:03 . 2010-08-30 06:34        536576        ----a-w-        c:\windows\SysWow64\sqlite3.dll

2014-06-05 13:00 . 2014-06-17 19:04        122584        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-06-05 12:59 . 2014-06-05 12:59        --------        d-----w-        c:\program files (x86)\Malwarebytes Anti-Malware

2014-06-05 12:59 . 2014-06-05 12:59        --------        d-----w-        c:\programdata\Malwarebytes

2014-06-05 12:59 . 2014-05-12 05:26        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys

2014-06-05 12:59 . 2014-05-12 05:26        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys

2014-06-05 12:59 . 2014-05-12 05:25        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys

2014-06-05 03:58 . 2014-06-05 03:58        --------        d-----w-        c:\windows\SysWow64\%Report%

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-06-06 14:15 . 2009-07-14 02:36        175616        ----a-w-        c:\windows\system32\msclmd.dll

2014-06-06 14:15 . 2009-07-14 02:36        152576        ----a-w-        c:\windows\SysWow64\msclmd.dll

2014-06-03 09:20 . 2013-10-17 13:47        458336        ----a-w-        c:\windows\system32\drivers\kl1.sys

2014-06-03 09:20 . 2013-06-06 15:38        178272        ----a-w-        c:\windows\system32\drivers\kneps.sys

2014-06-03 09:11 . 2013-10-17 13:47        29280        ----a-w-        c:\windows\system32\drivers\klkbdflt.sys

2014-06-03 09:11 . 2013-10-17 13:47        625248        ----a-w-        c:\windows\system32\drivers\klif.sys

2014-06-03 09:11 . 2013-06-08 18:18        115296        ----a-w-        c:\windows\system32\drivers\klflt.sys

2014-04-09 13:13 . 2014-04-09 13:13        489064        ----a-w-        C:\SecurityScanner.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2014-05-14 06:18        1730264        ----a-w-        c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2014-05-14 06:18        1730264        ----a-w-        c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2014-05-14 06:18        1730264        ----a-w-        c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-09-18 205976]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]

"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE" [2012-10-08 3182080]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

DSL-Manager.lnk - c:\program files (x86)\DSL-Manager\DslMgr.exe [2014-6-3 1085440]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]

R4 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]

R4 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]

S1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64;{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64;c:\windows\system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys;c:\windows\SYSNATIVE\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [x]

S1 DslMNLwf;DSL-Manager NDIS LightWeight Filter;c:\windows\system32\DRIVERS\dslmnlwf.sys;c:\windows\SYSNATIVE\DRIVERS\dslmnlwf.sys [x]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]

S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]

S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]

S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]

S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]

S3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]

S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]

S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]

S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]

S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

S3 TDslMgrService;DSL-Manager;c:\program files (x86)\DSL-Manager\DslMgrSvc.exe;c:\program files (x86)\DSL-Manager\DslMgrSvc.exe [x]

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - MBAMSWISSARMY

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-06-03 14:19        1091912        ----a-w-        c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe

.

Inhalt des "geplante Tasks" Ordners

.

2014-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-03 01:59]

.

2014-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-03 14:14]

.

2014-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-03 14:14]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2014-05-14 06:15        2335960        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2014-05-14 06:15        2335960        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2014-05-14 06:15        2335960        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

UxTuneUp

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105

IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000

IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm

TCP: DhcpNameServer = 192.168.2.1

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL

FF - ProfilePath - c:\users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\ik2h1i7j.default\

FF - prefs.js: network.proxy.ftp - 91.202.164.113

FF - prefs.js: network.proxy.ftp_port - 8080

FF - prefs.js: network.proxy.http - 91.202.164.113

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.socks - 91.202.164.113

FF - prefs.js: network.proxy.socks_port - 8080

FF - prefs.js: network.proxy.ssl - 91.202.164.113

FF - prefs.js: network.proxy.ssl_port - 8080

FF - prefs.js: network.proxy.type - 0

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe

Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe

c:\users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-Cheat Engine 6.3_is1 - d:\programme\Cheat Engine 6.3\unins000.exe

AddRemove-S4Uninst - c:\windows\IsUn0407.exe

AddRemove-{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} - d:\programme\PDFCreator\unins000.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2014-06-17  22:20:05

ComboFix-quarantined-files.txt  2014-06-17 20:20

.

Vor Suchlauf: 9 Verzeichnis(se), 20.125.138.944 Bytes frei

Nach Suchlauf: 14 Verzeichnis(se), 20.366.884.864 Bytes frei

.

- - End Of File - - 51C3D027E9311A84ECB86C300248FC2F

A36C5E4F47E84449FF07ED3517B43A31

schrauber

18.06.2014 17:58

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Williwu

27.06.2014 06:26

möchte mich für die lange zeit ohne meldung entschuldiegen und bestätiege hiermit wieder im lande zu sein!

kamm leider eine Geschäftsreise dazwischen

schrauber

27.06.2014 13:52

ok.

Williwu

10.10.2014 02:17

hi so seid langem wieder hier also ich hatte mit eurer hilfe den PC zum laufen bekommen aber leider gottes wie ihr ja wisst muss man halt mal zur arbeit und Sohneman`n setzt sich vor den PC

so ich bin bislang noch nicht dazu gekommen alles kommplett nach zulesen dahher wäre es schön wenn ihr mir helfen konntet Frst kommt jetzt
FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01

Ran by Grisu (administrator) on GRISU-PC on 09-10-2014 12:28:38

Running from C:\Users\Grisu\Desktop\Trojaner software

Loaded Profile: Grisu (Available profiles: Grisu)

Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Deutsche Telekom AG) D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Deutsche Telekom AG) D:\Programme\Netzmanager\netzmanager.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\ComboFix\CF7080.3XE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\ComboFix\CF7080.3XE

() C:\ComboFix\PEV.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(NirSoft) C:\ComboFix\NIRKMD.3XE

() C:\ComboFix\pev.3XE

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk

ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk

ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk

ShortcutTarget: Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56C38410017FCF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: OpitOn -> {6b836c64-f364-437e-bab5-11f39990cfe9} ->  No File

BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: OpteOn -> {ab957d78-2cdb-4568-8020-2eaabcd137c2} ->  No File

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: GoSaive -> {cfd100a1-0615-4d32-9827-7ac2d4b0faa4} ->  No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)

BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( )

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: GMX MailCheck - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\toolbar@gmx.net [2014-10-04]

FF Extension: Lightshot (screenshot tool) - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-10-02]

FF Extension: {7d02e03c-f690-4f38-bf10-5e8cc02a4740} - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{7d02e03c-f690-4f38-bf10-5e8cc02a4740}.xpi [2014-09-09]

FF Extension: Adblock Plus - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-17]

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-28]

FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com

FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com

FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com

FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com

FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com

FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 

Chrome: 

=======

CHR HomePage: Default -> 

CHR DefaultSearchKeyword: Default -> D3955B959DE080A3E6149C6A2508531C1F11B3489CC2DB1121D497E6B5830A95

CHR DefaultSearchProvider: Default -> EC6FB59FEA1D64FC5C1BCF93530975EB8C4DFA0917F2267A74FB23F8352E0631

CHR DefaultSearchURL: Default -> https://www.facebook.com/?ref=logo

CHR Profile: C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]

CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-09-26]

CHR Extension: (ZenMate) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-05]

CHR Extension: (AdBlock) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-17]

CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-09-26]

CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-09-26]

CHR Extension: (Virtual Keyboard) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-09-26]

CHR Extension: (Disconnect) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-09-17]

CHR Extension: (Google Wallet) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-29]

CHR Extension: (Anti-Banner) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-09-26]

CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-08-22] (BlueStack Systems, Inc.)

S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-22] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-22] (BlueStack Systems, Inc.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)

S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-07-06] () [File not signed]

R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-07-06] (My Digital Life Forums) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 Netzmanager Service; D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]

S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)

S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)

S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)

S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [294912 2007-11-26] (T-Systems Enterprise Services GmbH) [File not signed]

S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-22] (BlueStack Systems)

R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)

U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)

R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)

R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)

R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)

R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)

S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-03] (Kaspersky Lab ZAO)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-03] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-03] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-03] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-03] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-09] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-06-03] (Duplex Secure Ltd.)

R3 TelekomNM6; D:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 gwfilt64; system32\drivers\gwfilt64.sys [X]

S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-09 12:24 - 2014-10-09 12:28 - 00000000 ___SD () C:\ComboFix

2014-10-09 11:42 - 2014-10-09 11:42 - 00276375 _____ () C:\Users\Grisu\Desktop\SysInspector-GRISU-PC-141009-1138.zip

2014-10-08 15:19 - 2014-10-08 15:19 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\VSRevoGroup

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Sinvise Systems

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Program Files (x86)\Sinvise Systems

2014-10-08 15:10 - 2014-10-08 15:10 - 01125200 _____ () C:\Users\Grisu\Downloads\Shutdown Timer 32 Bit - CHIP-Installer.exe

2014-10-08 15:01 - 2014-10-08 15:01 - 00391064 _____ () C:\Users\Grisu\Downloads\billiards_install_1_0_2_7(2).exe

2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-10-08 14:57 - 2014-10-08 14:57 - 02347384 _____ (ESET) C:\Users\Grisu\Downloads\esetsmartinstaller_deu.exe

2014-10-08 14:55 - 2014-10-08 14:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\64911C52.sys

2014-10-08 14:29 - 2014-10-09 12:10 - 00000628 _____ () C:\Windows\PFRO.log

2014-10-08 12:53 - 2014-10-09 12:10 - 00000168 _____ () C:\Windows\setupact.log

2014-10-08 12:53 - 2014-10-08 12:53 - 00000000 _____ () C:\Windows\setuperr.log

2014-10-08 04:16 - 2014-10-08 11:23 - 00000000 ____D () C:\Users\Grisu\Desktop\motochopper

2014-10-08 04:15 - 2014-10-08 04:15 - 04246449 _____ () C:\Users\Grisu\Downloads\motochopper.zip

2014-10-08 03:52 - 2014-10-08 03:52 - 00000000 ____D () C:\Users\Grisu\Downloads\Android-Root-Tool

2014-10-08 03:52 - 2014-10-08 03:52 - 00000000 ____D () C:\EGLTD

2014-10-07 14:47 - 2014-10-07 14:47 - 02941840 _____ (Microsoft Corporation) C:\Users\Grisu\Downloads\Windows7-USB-DVD-Download-Tool-Installer-de-DE.exe

2014-10-05 15:27 - 2014-10-05 15:27 - 00002258 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-10-05 15:25 - 2014-10-05 15:26 - 00895120 _____ (Google Inc.) C:\Users\Grisu\Downloads\ChromeSetup (1).exe

2014-10-05 14:38 - 2014-10-05 14:38 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-10-05 14:38 - 2014-10-05 14:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-05 14:26 - 2014-10-05 14:26 - 01101648 _____ () C:\Users\Grisu\Downloads\Firefox - CHIP-Installer(1).exe

2014-10-04 02:20 - 2014-10-04 02:27 - 291852366 _____ () C:\Users\Grisu\Downloads\Windows6.1-KB968211-x86-RefreshPkg.msu

2014-10-03 14:18 - 2014-10-03 14:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1343656D.sys

2014-10-02 12:30 - 2014-10-02 12:30 - 00000467 _____ () C:\Users\Public\Desktop\Sacred 3.lnk

2014-10-02 10:05 - 2014-10-02 11:35 - 00000000 ____D () C:\Users\Grisu\Desktop\Mashup-Germany - Vol.6 - Back to the future

2014-10-02 09:35 - 2014-10-02 09:55 - 176129509 _____ () C:\Users\Grisu\Downloads\Mashup-Germany - Vol.6 - Back to the future.zip

2014-10-02 08:56 - 2014-10-02 08:56 - 00136692 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.odt

2014-10-02 03:19 - 2014-10-02 03:19 - 00167316 _____ () C:\Users\Grisu\Downloads\[kickass.to]sacred.3.dlc.pack.addon.reloaded.torrent

2014-10-02 03:17 - 2014-10-02 03:17 - 00179196 _____ () C:\Users\Grisu\Downloads\[kickass.to]sacred.3.reloaded.torrent

2014-10-02 02:15 - 2014-10-08 15:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-10-02 02:13 - 2014-10-02 02:13 - 00244408 _____ () C:\Users\Grisu\Downloads\Firefox Setup Stub 32.0.3.exe

2014-10-02 02:08 - 2014-10-02 02:08 - 00001768 _____ () C:\sc-cleaner.txt

2014-10-02 02:07 - 2014-10-02 02:07 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Grisu\Downloads\sc-cleaner.exe

2014-10-02 01:43 - 2014-10-02 01:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-10-02 01:27 - 2014-10-02 01:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Grisu\Downloads\revosetup95.exe

2014-10-02 01:16 - 2014-10-02 01:18 - 00068191 _____ () C:\Users\Grisu\Downloads\FRST.txt

2014-10-01 12:25 - 2014-10-01 12:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\449A0149.sys

2014-10-01 00:19 - 2014-10-01 00:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7D894C22.sys

2014-09-29 14:13 - 2014-10-01 12:05 - 00381736 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.txt

2014-09-28 14:17 - 2014-09-28 14:17 - 01101648 _____ () C:\Users\Grisu\Downloads\Windows Media Player - CHIP-Installer.exe

2014-09-28 12:49 - 2014-09-28 12:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\319F42D4.sys

2014-09-28 12:09 - 2014-09-28 12:09 - 00335504 _____ (Bytro Labs) C:\Users\Grisu\Downloads\S1914JavaInstaller.exe

2014-09-26 17:26 - 2014-09-26 17:26 - 00000000 ____D () C:\Users\Grisu\Downloads\SpyHunter-v4.15.1.4270-Incl-Crack---[MUMBAI]

2014-09-26 16:12 - 2014-09-26 16:12 - 00000310 _____ () C:\CCALib8WS.log

2014-09-26 16:11 - 2014-09-26 17:36 - 00000000 ____D () C:\sh4ldr

2014-09-26 16:11 - 2014-09-26 16:11 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group

2014-09-26 15:38 - 2014-09-26 16:11 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP

2014-09-26 15:37 - 2014-09-26 17:35 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft

2014-09-26 13:36 - 2014-09-26 13:36 - 00000000 ____D () C:\Users\Grisu\Desktop\Advanced Archive Password Recovery Professional 4.54.48

2014-09-26 13:35 - 2014-09-26 13:35 - 07328167 _____ () C:\Users\Grisu\Downloads\Advanced Archive Password Recovery.zip

2014-09-26 13:13 - 2014-09-26 13:13 - 00000000 _____ () C:\Users\Grisu\Downloads\Spy_Hunter_4_Crack_Full.exe

2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 ____D () C:\Users\Grisu\Desktop\Canon

2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 _____ () C:\autoexec.bat

2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\X86

2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\AMD64

2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpteOn

2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpitOn

2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpteOn

2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpitOn

2014-09-26 03:00 - 2014-09-26 04:52 - 00000000 ____D () C:\Program Files (x86)\ORBTR

2014-09-26 01:47 - 2014-10-02 01:36 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2014-09-26 01:47 - 2014-09-26 03:01 - 00000000 ____D () C:\ProgramData\dad537a8ea1f6947

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator

2014-09-26 01:30 - 2014-09-26 01:30 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn(1).rar

2014-09-26 01:29 - 2014-09-26 01:29 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn.rar

2014-09-25 21:38 - 2014-10-08 11:44 - 00000000 ____D () C:\Users\Grisu\AppData\Local\CANON_INC

2014-09-25 21:32 - 2014-09-26 03:24 - 00000000 ___RD () C:\Users\Grisu\Desktop\104CANON

2014-09-25 21:31 - 2014-09-25 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

2014-09-25 21:30 - 2014-09-25 21:31 - 00000000 ____D () C:\Program Files (x86)\Canon

2014-09-25 21:29 - 2014-09-25 21:46 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\canon

2014-09-25 21:28 - 2014-09-25 21:28 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC

2014-09-24 23:32 - 2014-09-24 23:33 - 00001703 _____ () C:\Users\Grisu\Downloads\Adobe Photoshop Lightroom 5.2 [64 bit] (Serials ONLY).zip

2014-09-24 23:19 - 2014-09-24 23:24 - 00000000 ____D () C:\Users\Grisu\Downloads\odbg110

2014-09-24 23:19 - 2014-09-24 23:19 - 01333471 _____ () C:\Users\Grisu\Downloads\odbg110.zip

2014-09-24 22:06 - 2014-09-24 22:06 - 00521216 _____ (PainteR) C:\Users\Grisu\Downloads\Adobe Universal Patcher.exe

2014-09-24 11:32 - 2014-09-24 11:32 - 00000917 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk

2014-09-24 10:45 - 2014-09-24 10:45 - 00001711 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk

2014-09-24 01:24 - 2014-09-24 01:29 - 00000000 ____D () C:\Users\Grisu\Downloads\Adobe_Photoshop_Lightroom_5_6_keygen

2014-09-24 01:21 - 2014-09-24 01:21 - 00000000 ____D () C:\Users\Grisu\Documents\Adobe

2014-09-24 00:51 - 2014-09-24 00:53 - 00007510 _____ () C:\Users\Grisu\Adobe Creative Suite Cleaner Tool.log

2014-09-24 00:50 - 2014-09-24 00:53 - 00000000 ____D () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool

2014-09-24 00:49 - 2014-09-24 00:50 - 08098376 _____ () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool.zip

2014-09-24 00:45 - 2014-09-24 00:45 - 00001110 _____ () C:\Users\Grisu\Downloads\[kickass.to]adobe.photoshop.cc.v2014.multi.win.keygen.only.xforce.torrent

2014-09-23 01:50 - 2014-09-23 03:16 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part02.rar

2014-09-22 12:05 - 2014-09-22 13:36 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part01.rar

2014-09-22 03:31 - 2014-09-22 03:31 - 00000000 ____D () C:\ProgramData\Codemasters

2014-09-22 03:15 - 2014-09-22 03:15 - 00001349 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Windows\SysWOW64\xlive

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2014-09-22 03:03 - 2014-09-22 03:03 - 00000000 ____D () C:\Program Files (x86)\OpenAL

2014-09-22 02:48 - 2014-09-22 02:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\095B6173.sys

2014-09-20 16:31 - 2014-09-30 01:40 - 00071283 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014.ods

2014-09-20 16:22 - 2014-09-27 15:34 - 00020022 _____ () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.ods

2014-09-19 13:30 - 2014-09-19 13:31 - 00000000 ____D () C:\Users\Grisu\Desktop\Fiasko

2014-09-19 12:55 - 2014-09-19 12:55 - 13629321 _____ () C:\Users\Grisu\Downloads\The-Next-Generation.rar

2014-09-19 12:55 - 2014-09-19 12:55 - 05895249 _____ () C:\Users\Grisu\Downloads\Was-kommt-danach.rar

2014-09-19 12:54 - 2014-09-19 12:56 - 54808864 _____ () C:\Users\Grisu\Downloads\Liebe---Schmerz.rar

2014-09-19 12:54 - 2014-09-19 12:55 - 07495120 _____ () C:\Users\Grisu\Downloads\Meine-eigene-Lieder.rar

2014-09-19 02:02 - 2014-10-09 12:12 - 00000000 ___RD () C:\Users\Grisu\Dropbox

2014-09-19 02:01 - 2014-09-18 14:59 - 00001021 _____ () C:\Users\Grisu\Desktop\Dropbox.lnk

2014-09-18 14:59 - 2014-09-18 14:59 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-09-18 14:56 - 2014-10-09 12:12 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Dropbox

2014-09-18 14:55 - 2014-09-24 09:59 - 00000000 ____D () C:\Users\Grisu\Desktop\Adobe CS6 All Products Activator (x32 & x64)

2014-09-18 14:53 - 2014-09-18 14:54 - 41377280 _____ (Dropbox, Inc.) C:\Users\Grisu\Downloads\Dropbox_2.10.30.exe

2014-09-18 14:24 - 2014-09-18 14:54 - 976158128 _____ (Adobe Systems Incorporated) C:\Users\Grisu\Desktop\Lightroom_5_LS11_win_5_6.exe

2014-09-18 14:07 - 2014-09-18 14:07 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\PDAppFlex

2014-09-18 12:04 - 2014-09-18 12:04 - 00030392 _____ () C:\Users\Grisu\Downloads\excel-vorlagen-haushaltsbuch.zip

2014-09-18 11:49 - 2014-09-18 11:49 - 00034304 _____ () C:\Users\Grisu\Downloads\wochenplan.xls

2014-09-18 11:44 - 2014-09-18 11:45 - 07441742 _____ () C:\Users\Grisu\Downloads\Unternehmensbereich-Aktuelles-SoundOfWork-3029_41456-0.zip

2014-09-18 11:34 - 2014-09-18 12:59 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part02.rar

2014-09-18 09:52 - 2014-09-18 11:17 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part01.rar

2014-09-17 23:28 - 2014-09-17 23:28 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67 (1).exe

2014-09-17 22:58 - 2014-09-17 22:58 - 01101648 _____ () C:\Users\Grisu\Downloads\Firefox - CHIP-Installer.exe

2014-09-17 22:30 - 2014-09-17 22:30 - 00000000 ___RD () C:\Users\Grisu\Creative Cloud Files

2014-09-17 22:26 - 2014-09-17 22:26 - 00001320 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk

2014-09-17 22:17 - 2014-09-17 22:17 - 00614792 _____ (Adobe Systems Incorporated) C:\Users\Grisu\Downloads\CreativeCloudSet-Up.exe

2014-09-17 11:40 - 2014-09-17 11:40 - 00031408 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004.zip

2014-09-17 11:35 - 2014-09-17 11:35 - 01101648 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004 - CHIP-Installer.exe

2014-09-17 11:06 - 2014-09-17 11:36 - 00002269 _____ () C:\Users\Grisu\Desktop\Datenbank Open Office.odb

2014-09-17 10:15 - 2014-09-17 10:15 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\OpenOffice

2014-09-17 08:21 - 2014-09-17 08:21 - 00000855 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk

2014-09-17 08:21 - 2014-09-17 08:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1

2014-09-17 06:35 - 2014-09-17 06:36 - 01101648 _____ () C:\Users\Grisu\Downloads\OpenOffice - CHIP-Installer.exe

2014-09-16 12:24 - 2014-09-16 12:25 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 15 Demo

2014-09-16 12:13 - 2014-09-24 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo

2014-09-16 12:13 - 2014-09-16 12:13 - 00001220 _____ () C:\Users\Public\Desktop\FIFA 15 Demo.lnk

2014-09-16 10:25 - 2014-09-16 10:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6A3A2363.sys

2014-09-15 22:22 - 2014-09-15 22:22 - 00000061 _____ () C:\Windows\wininit.ini

2014-09-15 21:47 - 2014-09-15 21:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-09-15 21:47 - 2014-09-15 21:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-09-15 21:47 - 2014-09-15 21:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-09-15 21:47 - 2014-09-15 21:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-09-15 21:47 - 2014-09-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Java

2014-09-15 21:44 - 2014-09-15 21:44 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67.exe

2014-09-15 21:39 - 2014-09-15 21:39 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Sun

2014-09-15 12:07 - 2014-09-15 12:07 - 00001818 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-09-15 12:05 - 2014-09-15 12:05 - 00001830 _____ () C:\Users\Public\Desktop\Apps.lnk

2014-09-15 12:01 - 2014-09-15 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-09-15 12:01 - 2014-09-15 23:00 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-09-15 12:01 - 2014-09-15 12:01 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-09-15 09:32 - 2014-09-15 09:34 - 96138664 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\jre-8u20-windows-x64.exe

2014-09-12 08:17 - 2014-09-12 08:18 - 01370467 _____ () C:\Users\Grisu\Downloads\adwcleaner_3.309.exe

2014-09-11 09:05 - 2014-09-29 01:11 - 00000769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk

2014-09-11 09:05 - 2014-09-11 09:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE

2014-09-11 09:04 - 2014-10-08 11:44 - 00000000 ____D () C:\ProgramData\Netzmanager

2014-09-11 09:04 - 2014-09-29 01:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netzmanager

2014-09-11 09:03 - 2014-09-11 09:05 - 00000000 __HDC () C:\ProgramData\{BA58D0EE-89D1-4191-9F19-B6AD920B04F7}

2014-09-11 08:58 - 2014-09-11 08:58 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Grisu\Downloads\netzmanager_setup.exe

2014-09-11 08:40 - 2014-09-11 08:40 - 00000000 ____D () C:\Users\Grisu\.android

2014-09-09 14:52 - 2014-09-09 14:58 - 00000000 ____D () C:\Users\Grisu\Documents\VirtualDJ

2014-09-09 14:35 - 2014-09-15 23:00 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2014-09-09 14:35 - 2014-09-09 14:35 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Bluestacks

2014-09-09 14:34 - 2014-09-09 14:46 - 35980958 _____ () C:\Users\Grisu\Downloads\atoolViDP8001897763MPT.rar

2014-09-09 14:16 - 2014-09-09 14:52 - 00000965 _____ () C:\Users\Grisu\Desktop\VirtualDJ 8.lnk

2014-09-09 13:58 - 2014-09-11 21:01 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ

2014-09-09 13:38 - 2014-10-08 15:17 - 00000000 ____D () C:\Program Files (x86)\Northstar

2014-09-09 13:18 - 2014-09-09 13:18 - 00000159 ___RH () C:\Windows\ctfile.rfc

2014-09-09 13:18 - 2008-12-04 11:59 - 00188416 _____ () C:\Windows\system32\APOMgr64.DLL

2014-09-09 13:18 - 2008-12-04 11:57 - 00146432 _____ () C:\Windows\SysWOW64\APOMngr.DLL

2014-09-09 13:18 - 2008-09-17 14:07 - 00088064 _____ () C:\Windows\system32\CmdRtr64.DLL

2014-09-09 13:18 - 2008-09-17 14:05 - 00072704 _____ () C:\Windows\SysWOW64\CmdRtr.DLL

2014-09-09 13:17 - 2014-09-09 13:17 - 00000000 ____D () C:\Program Files\Realtek

2014-09-09 13:15 - 2014-09-09 13:41 - 00000000 ___HD () C:\Program Files (x86)\Temp

2014-09-09 13:10 - 2014-09-09 13:10 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-09-09 13:10 - 2014-09-09 13:10 - 00000000 ____D () C:\Intel

2014-09-09 13:10 - 2009-07-08 16:34 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll

2014-09-09 13:09 - 2014-09-09 13:09 - 04040353 _____ () C:\Users\Grisu\Downloads\SATA_Jmicron_1.17.49.04_W7x64_A.zip

2014-09-09 13:09 - 2014-09-09 13:09 - 01516243 _____ () C:\Users\Grisu\Downloads\Modem_liteon_2.2.95_W7x64_A.zip

2014-09-09 13:09 - 2014-09-09 13:09 - 01493802 _____ () C:\Users\Grisu\Downloads\TV Tuner_Yuan_6.0.64.0059_W7x64_A.zip

2014-09-09 13:08 - 2014-09-09 13:14 - 163631797 _____ () C:\Users\Grisu\Downloads\Lan_Intel_14.3_W7x64_A.zip

2014-09-09 13:08 - 2014-09-09 13:11 - 60779343 _____ () C:\Users\Grisu\Downloads\Audio_Realtek_5.10.0.5898_W7x64_A.zip

2014-09-09 13:08 - 2014-09-09 13:08 - 08163850 _____ () C:\Users\Grisu\Downloads\Application_Acer_1.02.3502_W7x64_A.zip

2014-09-09 13:08 - 2014-09-09 13:08 - 02357106 _____ () C:\Users\Grisu\Downloads\Chipset_Intel_9.1.1.1015_W7x64_A.zip

2014-09-09 13:08 - 2014-09-09 13:08 - 01397938 _____ () C:\Users\Grisu\Downloads\CardReader_Northstar_1.2_W7x64_A.zip

2014-09-09 13:08 - 2014-09-09 13:08 - 00948720 _____ () C:\Users\Grisu\Downloads\BIOS_Acer_R01.A3_A_A.zip

2014-09-09 12:51 - 2014-09-09 12:51 - 00328795 __RSH () C:\PYLKM

2014-09-09 12:49 - 2014-09-09 12:49 - 00001432 _____ () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-09-09 12:29 - 2014-09-09 12:38 - 318337992 _____ () C:\Users\Grisu\Downloads\Windows6.1-KB968211-x64-RefreshPkg.msu

2014-09-09 12:27 - 2014-09-09 12:27 - 00085836 _____ () C:\Users\Grisu\Downloads\PTT-20140818-WA0001.aac

2014-09-09 12:27 - 2014-09-09 12:27 - 00008221 _____ () C:\Users\Grisu\Downloads\PTT-20140818-WA0002.aac

2014-09-09 12:25 - 2014-09-09 12:25 - 00116243 _____ () C:\Users\Grisu\Desktop\WhatsApp Chat mit Perlchen Becca.txt

2014-09-09 12:03 - 2014-09-05 10:49 - 00046080 _____ () C:\Users\Grisu\Desktop\N-Std+Makro1.xls

2014-09-09 12:03 - 2014-08-31 16:59 - 00016138 _____ () C:\Users\Grisu\Desktop\Mappe109.xlsx

2014-09-09 11:43 - 2014-09-09 11:43 - 00000000 ____D () C:\Windows\system32\appmgmt

2014-09-09 10:44 - 2014-09-09 10:44 - 00000000 ____D () C:\Windows\CSC

2014-09-09 10:43 - 2009-06-10 22:30 - 00053551 _____ () C:\Windows\Professional.xml

2014-09-09 09:58 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-09-09 09:58 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-09-09 09:58 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-09-09 09:58 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-09-09 09:58 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-09-09 09:58 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-09-09 09:58 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-09-09 09:58 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-09-09 09:57 - 2014-09-09 09:57 - 01057472 _____ (Adobe) C:\Users\Grisu\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe

2014-09-09 07:33 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-09-09 07:33 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-09-09 07:32 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-09-09 07:32 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-09-09 07:32 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-09-09 07:32 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-09-09 07:32 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-09-09 07:32 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-09-09 07:32 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-09-09 07:32 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-09-09 07:32 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-09-09 07:32 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-09-09 07:32 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-09-09 07:32 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-09-09 07:32 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-09-09 07:32 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-09-09 07:32 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-09-09 07:32 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-09-09 07:32 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-09-09 07:32 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-09-09 07:32 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-09-09 07:32 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-09-09 07:32 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-09-09 07:32 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-09-09 07:32 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-09-09 07:32 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-09-09 07:32 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-09-09 07:32 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-09-09 07:32 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-09-09 07:32 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-09-09 07:32 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-09-09 07:32 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-09-09 07:32 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-09-09 07:32 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-09-09 07:32 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-09-09 07:32 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-09-09 07:32 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-09-09 07:32 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-09-09 07:32 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-09-09 07:32 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-09-09 07:32 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-09-09 07:32 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-09-09 07:32 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-09-09 07:32 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-09-09 07:32 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-09-09 07:32 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-09-09 07:32 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-09-09 07:32 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-09-09 07:32 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-09-09 07:32 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-09-09 07:32 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-09-09 07:32 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-09-09 07:32 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-09-09 07:32 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-09-09 07:32 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-09-09 07:32 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-09-09 07:32 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-09-09 07:32 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-09-09 07:31 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-09-09 07:31 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-09-09 07:31 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-09-09 07:31 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-09-09 07:31 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-09-09 07:31 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-09-09 07:31 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-09-09 07:31 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-09-09 07:29 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-09-09 07:29 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-09-09 07:29 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-09-09 07:29 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-09-09 07:29 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-09-09 07:06 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-09-09 07:06 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-09-09 07:06 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-09-09 07:06 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-09-09 07:05 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-09-09 07:05 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2014-09-09 07:05 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-09-09 07:05 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2014-09-09 07:05 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-09-09 07:05 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2014-09-09 07:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-09-09 07:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-09-09 07:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-09-09 07:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-09 12:28 - 2014-07-18 18:11 - 00000000 ____D () C:\FRST

2014-10-09 12:28 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Trojaner software

2014-10-09 12:20 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-09 12:20 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-09 12:15 - 2014-06-03 09:07 - 01548274 _____ () C:\Windows\WindowsUpdate.log

2014-10-09 12:14 - 2014-06-05 15:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-10-09 12:11 - 2014-07-29 10:57 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-09 12:11 - 2014-06-03 10:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-10-09 12:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-09 12:08 - 2014-06-11 19:32 - 00000000 ____D () C:\AdwCleaner

2014-10-09 11:32 - 2014-06-13 03:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-10-09 11:10 - 2014-07-29 10:57 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-10-09 02:01 - 2014-08-04 02:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Adobe

2014-10-08 15:04 - 2014-06-06 02:32 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet

2014-10-08 15:02 - 2014-06-06 02:30 - 00000000 ____D () C:\Program Files (x86)\Ganymede

2014-10-08 11:44 - 2014-06-03 17:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-10-08 11:44 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu

2014-10-08 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration

2014-10-08 11:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-10-06 15:17 - 2014-06-03 14:50 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\uTorrent

2014-10-05 16:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-10-04 02:28 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-10-04 02:02 - 2014-06-11 00:00 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-10-03 23:34 - 2014-08-05 03:07 - 00000000 ____D () C:\Users\Grisu\Desktop\SciLor's Grooveshark.com Downloader

2014-10-03 14:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-10-02 05:51 - 2014-06-03 10:14 - 00000000 ____D () C:\Windows\ELAMBKUP

2014-10-02 05:47 - 2014-06-23 12:56 - 00000000 ____D () C:\ProgramData\Origin

2014-10-02 05:24 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 14

2014-10-02 04:20 - 2014-06-23 12:55 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-10-02 02:00 - 2013-01-22 21:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Paddy musik

2014-10-02 01:29 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2014-09-30 12:26 - 2014-07-25 00:31 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Unity

2014-09-27 14:37 - 2014-06-17 15:55 - 00000000 ____D () C:\Users\Grisu\Documents\Benutzerdefinierte Office-Vorlagen

2014-09-27 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

2014-09-26 23:53 - 2014-07-19 12:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405765260

2014-09-26 23:53 - 2014-07-19 12:21 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-09-26 17:11 - 2014-07-18 18:14 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\ICQM

2014-09-26 06:27 - 2014-07-29 10:57 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-09-26 06:27 - 2014-07-29 10:57 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-09-26 06:27 - 2014-06-03 16:14 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-26 05:56 - 2014-06-18 12:34 - 00000774 _____ () C:\Users\Grisu\Desktop\TeamSpeak 3 Client.lnk

2014-09-26 05:55 - 2014-06-11 14:27 - 00000725 _____ () C:\Users\Grisu\Desktop\Cheat Engine.lnk

2014-09-26 05:42 - 2014-07-18 09:56 - 00000907 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk

2014-09-26 05:42 - 2014-07-18 09:56 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk

2014-09-26 05:42 - 2014-07-18 09:53 - 00000899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

2014-09-26 05:42 - 2014-07-18 09:51 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

2014-09-26 05:08 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VirtualStore

2014-09-26 04:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2014-09-26 03:44 - 2014-07-22 06:08 - 00000000 ____D () C:\Windows\Sun

2014-09-26 02:53 - 2009-07-14 19:58 - 00732176 _____ () C:\Windows\system32\perfh007.dat

2014-09-26 02:53 - 2009-07-14 19:58 - 00159712 _____ () C:\Windows\system32\perfc007.dat

2014-09-26 02:53 - 2009-07-14 07:13 - 01704934 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-26 01:46 - 2014-06-03 16:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Google

2014-09-26 01:30 - 2014-06-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-09-25 23:51 - 2014-06-25 11:25 - 00000000 ____D () C:\Windows\pss

2014-09-25 19:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA

2014-09-24 23:08 - 2009-07-14 06:45 - 05157960 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-24 14:59 - 2014-06-03 10:55 - 00118680 _____ () C:\Users\Grisu\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-24 11:33 - 2014-07-18 09:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-09-24 11:29 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Adobe

2014-09-24 10:00 - 2014-07-07 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher

2014-09-24 09:59 - 2014-07-29 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-09-24 09:59 - 2014-07-07 16:41 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Ubisoft

2014-09-24 09:59 - 2014-06-23 13:02 - 00000000 ____D () C:\Program Files (x86)\Origin Games

2014-09-24 09:58 - 2014-07-18 09:49 - 00000000 ____D () C:\ProgramData\Adobe

2014-09-22 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-09-22 03:03 - 2014-07-18 10:09 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-09-20 19:55 - 2014-06-14 04:00 - 00000000 ____D () C:\Windows\Minidump

2014-09-17 22:41 - 2014-06-19 12:37 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Apps\2.0

2014-09-17 22:25 - 2014-06-06 01:52 - 00000000 ____D () C:\ProgramData\Package Cache

2014-09-17 22:23 - 2014-07-18 09:50 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-09-15 23:00 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Spiele

2014-09-15 23:00 - 2014-06-05 14:57 - 00000000 ____D () C:\Windows\erdnt

2014-09-15 23:00 - 2014-06-03 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-09-15 21:47 - 2014-06-10 02:34 - 00000000 ____D () C:\ProgramData\Oracle

2014-09-15 21:32 - 2014-07-28 23:36 - 00000000 ____D () C:\Program Files\Java

2014-09-15 21:09 - 2014-06-05 15:23 - 00000000 ____D () C:\Users\Grisu\Desktop\Arbeitsangaben VIP

2014-09-15 12:05 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-09-15 09:35 - 2014-07-28 23:36 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-09-15 09:35 - 2014-07-28 23:36 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-09-15 09:35 - 2014-07-28 23:36 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-09-14 05:45 - 2014-08-07 03:56 - 00000000 ____D () C:\Users\Grisu\Downloads\Bilder 2. Weltkrieg

2014-09-13 06:41 - 2014-06-04 19:01 - 00326656 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014-mit-Verdienst-und-Feiertagen.xls

2014-09-12 09:32 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini

2014-09-11 21:02 - 2014-06-18 23:30 - 00000000 ____D () C:\Windows\ERUNT

2014-09-10 17:55 - 2014-06-13 03:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-09-10 17:55 - 2014-06-03 11:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-09-10 17:55 - 2014-06-03 11:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-09-09 19:30 - 2014-06-04 19:06 - 00000000 ____D () C:\Users\Grisu\Desktop\Dokumente 2014

2014-09-09 14:52 - 2014-07-04 16:42 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ

2014-09-09 14:09 - 2014-06-03 13:16 - 00000184 _____ () C:\Windows\system32\Drivers\etc\hosts.txt

2014-09-09 13:15 - 2014-06-03 16:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-09-09 11:56 - 2014-06-06 20:53 - 00000000 ____D () C:\Windows\system32\MRT

2014-09-09 11:53 - 2014-06-06 20:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-09-09 10:57 - 2014-06-04 19:01 - 00013218 _____ () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.xlsx

2014-09-09 10:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-09-09 10:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer

2014-09-09 10:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer

2014-09-09 10:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security

2014-09-09 10:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore

2014-09-09 10:39 - 2014-06-15 18:05 - 00002640 _____ () C:\Windows\diagwrn.xml

2014-09-09 10:39 - 2014-06-15 18:05 - 00001908 _____ () C:\Windows\diagerr.xml

2014-09-09 10:09 - 2014-07-06 16:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2014-09-09 09:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas

2014-09-09 07:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Msdtc

2014-09-09 06:53 - 2014-06-03 09:13 - 00000000 ____D () C:\Recovery

2014-09-09 06:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
 

Some content of TEMP:

====================

C:\Users\Grisu\AppData\Local\Temp\aff_setup.exe

C:\Users\Grisu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm0fqcj.dll

C:\Users\Grisu\AppData\Local\Temp\Quarantine.exe

C:\Users\Grisu\AppData\Local\Temp\SpOrder.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-26 08:47
 

==================== End Of Log ============================

--- --- ---

--- --- ---

die nächsten schritte bitte !

Williwu

10.10.2014 02:47

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01

Ran by Grisu at 2014-10-10 03:19:18

Running from C:\Users\Grisu\Desktop\Trojaner software

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}

AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)

Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)

Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)

Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)

Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)

aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden

aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden

aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden

Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)

BlueStacks Notification Center (HKLM-x32\...\{DA32882F-5E7D-4A73-A503-6CFF16970655}) (Version: 0.9.2.4061 - BlueStack Systems, Inc.)

Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)

Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)

Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)

Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)

center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)

Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version:  - Microsoft)

Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)

DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )

Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)

Duplicate Music Files Finder 1.5.5 (HKLM-x32\...\Duplicate Music Files Finder_is1) (Version:  - LC IBros Solutions S.R.L.)

EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

ESET Smart Security (HKLM\...\{23234C01-F6B0-40FE-A583-B66840B28445}) (Version: 7.0.317.4 - ESET, spol s r. o.)

essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden

FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)

GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

ICQ 8.2 (build 7100) (HKCU\...\ICQ) (Version: 8.2.7100.0 - ICQ)

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)

Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden

Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)

Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden

Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden

KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)

NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)

Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)

Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden

NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

OpenTTD 1.4.1 (HKLM-x32\...\OpenTTD) (Version: 1.4.1 - OpenTTD)

Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA)

Origin (HKLM-x32\...\Origin) (Version: 9.4.10.297 - Electronic Arts, Inc.)

Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)

PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)

PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden

PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)

PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden

PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Sacred 3 (HKLM-x32\...\U2FjcmVkMw==_is1) (Version: 1 - )

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden

Shutdown Timer (HKLM-x32\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Sniper Elite 3 GERMAN (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.7 - Bitdreamers)

Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{F1FFD0B3-9F20-4EE7-ACED-5B63DFA018D8}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E12997A4-DAEC-4563-B330-F21EB71880D9}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUSR_{540B47E7-0F89-4CA1-8BFA-5CF377A963AF}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)

Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)

Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)

Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)

Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)

VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)

VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)

Wolfenstein German Uncut Edition 1.2 (HKLM-x32\...\Wolfenstein German Uncut Edition 1.2) (Version:  - )

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 

==================== Restore Points  =========================
 

08-10-2014 13:12:16 Installed Shutdown Timer.

08-10-2014 13:15:47 Revo Uninstaller's restore point - SmartCopy

08-10-2014 13:18:10 Revo Uninstaller's restore point - Web Protect for Windows
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:34 - 2014-09-26 16:11 - 00005568 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 
 
 
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {137F8DA8-B0D6-4D79-A354-01F3D3786DEC} - System32\Tasks\CCleaner => C:\Program

Task: {3214F43F-E1A1-4C68-BF16-E5897A43677F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {35F176CF-CA9A-44F4-86C7-453074B5F388} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe

Task: {47204497-A725-44BE-A0D9-2F21AE38E29F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)

Task: {51A59664-473F-4FFA-875A-FE68FE802FD9} - System32\Tasks\AdobeAAMUpdater-1.0-Grisu-PC-Grisu => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

Task: {56461B0B-7519-4712-B9BB-9859AA17AA2F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {73F6469B-1E78-4E6C-A5F5-88191BFC333F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)

Task: {7DFD5D42-E1C6-4390-86C1-B957F1040339} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {83D37B77-37C2-4D2B-8458-16CB19C92A74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)

Task: {887F700D-9A61-4F19-ACE6-457B2D42CCAA} - System32\Tasks\{303E9A7B-F154-43B4-896B-1AD818FEB83A} => C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe

Task: {93E20468-A940-43AF-9687-0AB18E8F852A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-30] (Oracle Corporation)

Task: {967BFB2D-83E2-4B3D-A225-E7BCCF94D76B} - System32\Tasks\{6C11C149-E388-4638-8FF2-38591C16AC8E} => E:\Spiele von C\NBA 2014\nba2k14.exe

Task: {9FA11F48-9923-461F-A36A-F2A17A41238C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {BDFCBC5C-4416-42A1-BB30-04248F26BBFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

Task: {EBD56EAC-34D7-4234-8AD6-312092167FC2} - System32\Tasks\Opera scheduled Autoupdate 1405765260 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll

2014-06-05 17:17 - 2014-06-05 17:17 - 00380416 _____ () C:\Users\Grisu\Desktop\Trojaner software\tukt5x5j.exe

2014-10-02 02:15 - 2014-09-24 07:09 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2014-09-10 17:55 - 2014-09-10 17:55 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3

MSCONFIG\Services: BstHdAndroidSvc => 2

MSCONFIG\Services: BstHdLogRotatorSvc => 2

MSCONFIG\Services: BstHdUpdaterSvc => 2

MSCONFIG\Services: bthserv => 3

MSCONFIG\Services: Fax => 3

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: MozillaMaintenance => 3

MSCONFIG\Services: NvNetworkService => 2

MSCONFIG\Services: nvsvc => 2

MSCONFIG\Services: ose64 => 3

MSCONFIG\Services: osppsvc => 3

MSCONFIG\Services: PDF Architect 2 => 3

MSCONFIG\Services: pdfforge CrashHandler => 3

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: StarWindServiceAE => 2

MSCONFIG\Services: SwitchBoard => 3

MSCONFIG\Services: UMVPFSrv => 2

MSCONFIG\Services: Wlansvc => 3

MSCONFIG\Services: WMPNetworkSvc => 3

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartCopy.lnk => C:\Windows\pss\SmartCopy.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: Driver Operating Service => C:\Users\Grisu\AppData\Local\Apps\2.0\JDRWC0RT.9RO\5G9E4LPA.5WV\dros..tion_0000000000000000_0001.0000_b92f9a67277994ec\Driver Operating Service.appref-ms

MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart

MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe

MSCONFIG\startupreg: EKStatusMonitor => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe                                                                                                                                                                                                       

MSCONFIG\startupreg: icq => C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe -CU

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
 

========================= Accounts: ==========================
 

Administrator (S-1-5-21-2132015822-3264924353-165971380-500 - Administrator - Disabled)

Gast (S-1-5-21-2132015822-3264924353-165971380-501 - Limited - Disabled)

Grisu (S-1-5-21-2132015822-3264924353-165971380-1000 - Administrator - Enabled) => C:\Users\Grisu

HomeGroupUser$ (S-1-5-21-2132015822-3264924353-165971380-1002 - Limited - Enabled)
 

==================== Faulty Device Manager Devices =============
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 

Name: Standardtastatur (PS/2)

Description: Standardtastatur (PS/2)

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardtastaturen)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: Microsoft PS/2-Maus

Description: Microsoft PS/2-Maus

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: sptd

Description: sptd

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: sptd

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (10/10/2014 00:18:01 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 

Error: (10/10/2014 00:17:58 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 

Error: (10/10/2014 00:17:57 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 

Error: (10/10/2014 00:08:21 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.IdentityModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x800706be
 

Error: (10/10/2014 00:08:21 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: mscorsvw.exe, Version: 4.0.30319.18408, Zeitstempel: 0x52310992

Name des fehlerhaften Moduls: mscorwks.dll, Version: 2.0.50727.5483, Zeitstempel: 0x530efdaa

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00003f94

ID des fehlerhaften Prozesses: 0x%9

Startzeit der fehlerhaften Anwendung: 0xmscorsvw.exe0

Pfad der fehlerhaften Anwendung: mscorsvw.exe1

Pfad des fehlerhaften Moduls: mscorsvw.exe2

Berichtskennung: mscorsvw.exe3
 

Error: (10/10/2014 00:08:21 AM) (Source: .NET Runtime) (EventID: 1023) (User: )

Description: .NET Runtime version 2.0.50727.5483 - Schwerwiegender Fehler im Ausführungsmodul (725CFB66) (80131506).
 

Error: (10/09/2014 00:20:26 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 

Error: (10/09/2014 00:12:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

Error: (10/09/2014 00:09:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )

Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.
 
 

Details:

Could not query the status of the EventSystem service.
 

System Error:

Der Computer wird heruntergefahren.

.
 

Error: (10/09/2014 11:37:57 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
 

System errors:

=============

Error: (10/10/2014 03:08:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "BlueStacks Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (10/10/2014 03:06:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

sptd
 

Error: (10/10/2014 03:05:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Orbiter" wurde mit folgendem Fehler beendet: 

%%126
 

Error: (10/10/2014 03:04:32 AM) (Source: sptd) (EventID: 4) (User: )

Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.
 

Error: (10/10/2014 02:49:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

sptd
 

Error: (10/10/2014 02:49:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Der Dienst "BlueStacks Android Service" wurde nicht richtig gestartet.
 

Error: (10/10/2014 02:46:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Orbiter" wurde mit folgendem Fehler beendet: 

%%126
 

Error: (10/10/2014 02:46:24 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎10.‎10.‎2014 um 02:45:02 unerwartet heruntergefahren.
 

Error: (10/10/2014 02:45:58 AM) (Source: sptd) (EventID: 4) (User: )

Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.
 

Error: (10/10/2014 02:36:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
 
 

Microsoft Office Sessions:

=========================

Error: (10/10/2014 00:18:01 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe
 

Error: (10/10/2014 00:17:58 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe
 

Error: (10/10/2014 00:17:57 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe
 

Error: (10/10/2014 00:08:21 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.IdentityModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x800706be 

System.IdentityModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 

Error: (10/10/2014 00:08:21 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: mscorsvw.exe4.0.30319.1840852310992mscorwks.dll2.0.50727.5483530efdaac000000500003f94
 

Error: (10/10/2014 00:08:21 AM) (Source: .NET Runtime) (EventID: 1023) (User: )

Description: .NET Runtime version 2.0.50727.5483 - Schwerwiegender Fehler im Ausführungsmodul (725CFB66) (80131506).
 

Error: (10/09/2014 00:20:26 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe
 

Error: (10/09/2014 00:12:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

Error: (10/09/2014 00:09:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )

Description: 

Details:

Could not query the status of the EventSystem service.
 

System Error:

Der Computer wird heruntergefahren.
 

Error: (10/09/2014 11:37:57 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-10-08 12:09:11.957

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-08 12:09:11.590

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-08 12:09:11.244

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-07 13:43:23.735

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-07 13:43:23.297

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-07 13:43:22.924

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-07 04:06:31.376

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-07 04:06:31.139

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-07 04:06:30.904

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-06 13:59:27.304

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz

Percentage of memory in use: 51%

Total physical RAM: 6135.17 MB

Available physical RAM: 2987.68 MB

Total Pagefile: 12268.52 MB

Available Pagefile: 9068.03 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB
 

==================== Drives ================================
 

Drive c: (Betriebssys) (Fixed) (Total:115.75 GB) (Free:20.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Programme) (Fixed) (Total:1023.87 GB) (Free:898.31 GB) NTFS

Drive e: (Wichtiges) (Fixed) (Total:931.5 GB) (Free:185.54 GB) NTFS

Drive f: (Volume) (Fixed) (Total:886.45 GB) (Free:492.13 GB) NTFS

Drive g: (Spiele) (Fixed) (Total:465.76 GB) (Free:341.84 GB) NTFS

Drive h: (Betriebssys 2) (Fixed) (Total:723.4 GB) (Free:522.17 GB) NTFS

Drive i: (Spiele 3) (Fixed) (Total:976.56 GB) (Free:849.94 GB) NTFS

Drive j: (Musik&Bilder) (Fixed) (Total:936.58 GB) (Free:188.07 GB) NTFS

Drive k: () (Fixed) (Total:926.44 GB) (Free:891.41 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F88326EF)

Partition 1: (Active) - (Size=115.7 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=1023.9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=723.4 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F883268C)

Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

Partition 2: (Active) - (Size=886.5 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 6A1CCFD9)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)
 

========================================================

Disk: 3 (Size: 465.8 GB) (Disk ID: 2EE023AC)

Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 52425DEB)

Partition 1: (Active) - (Size=936.6 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=926.4 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

eine zwischen frage...kann man einen festen tower vom systhem stand wieder so hinbekommen wie an disen tag als er hergestellt wurde

schrauber

10.10.2014 19:19

Zitat:

eine zwischen frage...kann man einen festen tower vom systhem stand wieder so hinbekommen wie an disen tag als er hergestellt wurde

Ich versteh kein Wort.

Hast Du die letzten Anweisungen abgearbeitet?

Williwu

12.10.2014 19:18

dachte ich müsste von forne anfangen aber ok hier hast du TxT von JRTJRT Logfile:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.3.2 (10.09.2014:1)

OS: Windows 7 Home Premium x64

Ran by Grisu on 10.10.2014 at  3:33:24,30

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 

Successfully deleted: [File] "C:\Windows\wininit.ini"
 
 
 

~~~ Folders
 
 
 

~~~ FireFox
 

Successfully deleted: [Folder] C:\Users\Grisu\AppData\Roaming\mozilla\firefox\profiles\t2l1m1y7.default-1407286514912\extensions\toolbar@gmx.net

Emptied folder: C:\Users\Grisu\AppData\Roaming\mozilla\firefox\profiles\t2l1m1y7.default-1407286514912\minidumps [2 files]
 
 
 

~~~ Chrome
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 10.10.2014 at  3:39:29,23

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

die aktuellste LOG-files von Jrt letzter stand als aufgabe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Home Premium x64
Ran by Grisu on 10.10.2014 at 3:33:24,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Users\Grisu\AppData\Roaming\mozilla\firefox\profiles\t2l1m1y7.default-1407286514912\extensions\toolbar@gmx.net
Emptied folder: C:\Users\Grisu\AppData\Roaming\mozilla\firefox\profiles\t2l1m1y7.default-1407286514912\minidumps [2 files]

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.10.2014 at 3:39:29,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber

13.10.2014 14:29

In der letzten Anweisung stand nicht nur Junkware Removal Tool ;)

Williwu

14.10.2014 02:04

sry übersehenAdwCleaner Logfile:

Code:

# AdwCleaner v4.000 - Bericht erstellt am 14/10/2014 um 02:25:25

# Aktualisiert 12/10/2014 von Xplode

# Datenbank : 2014-10-13.5

# Betriebssystem : Windows 7 Home Premium  (64 bits)

# Benutzername : Grisu - GRISU-PC

# Gestartet von : C:\Users\Grisu\Desktop\Trojaner software\adwcleaner_4.000.exe

# Option : Suchen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gefunden : C:\Program Files (x86)\Enigma Software Group

Ordner Gefunden : C:\Program Files\Enigma Software Group
 

***** [ Tasks ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gefunden : HKLM\SOFTWARE\EnigmaSoftwareGroup

Schlüssel Gefunden : [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.17239
 
 

-\\ Mozilla Firefox v32.0.3 (x86 de)
 
 

-\\ Google Chrome v37.0.2062.124
 
 

*************************
 

AdwCleaner[R0].txt - [2809 octets] - [11/06/2014 19:32:51]

AdwCleaner[R10].txt - [2578 octets] - [02/10/2014 01:33:36]

AdwCleaner[R11].txt - [4705 octets] - [08/10/2014 13:01:36]

AdwCleaner[R12].txt - [4766 octets] - [08/10/2014 14:22:43]

AdwCleaner[R13].txt - [2520 octets] - [09/10/2014 11:58:57]

AdwCleaner[R14].txt - [2556 octets] - [10/10/2014 03:01:21]

AdwCleaner[R15].txt - [1278 octets] - [14/10/2014 02:25:25]

AdwCleaner[R1].txt - [1995 octets] - [11/06/2014 20:05:47]

AdwCleaner[R2].txt - [1647 octets] - [27/06/2014 07:24:58]

AdwCleaner[R3].txt - [1560 octets] - [02/07/2014 21:05:17]

AdwCleaner[R4].txt - [1882 octets] - [14/07/2014 11:41:24]

AdwCleaner[R5].txt - [1555 octets] - [18/07/2014 18:21:20]

AdwCleaner[R6].txt - [1675 octets] - [21/07/2014 09:20:27]

AdwCleaner[R7].txt - [1795 octets] - [23/07/2014 09:34:17]

AdwCleaner[R8].txt - [2240 octets] - [12/09/2014 08:18:29]

AdwCleaner[R9].txt - [4991 octets] - [02/10/2014 01:18:34]

AdwCleaner[S0].txt - [2762 octets] - [11/06/2014 19:33:59]

AdwCleaner[S10].txt - [4675 octets] - [08/10/2014 14:27:47]

AdwCleaner[S11].txt - [2536 octets] - [09/10/2014 12:08:06]

AdwCleaner[S12].txt - [2618 octets] - [10/10/2014 03:03:34]

AdwCleaner[S1].txt - [2056 octets] - [11/06/2014 20:07:02]

AdwCleaner[S2].txt - [1608 octets] - [27/06/2014 07:27:15]

AdwCleaner[S3].txt - [1521 octets] - [02/07/2014 21:06:28]

AdwCleaner[S4].txt - [1892 octets] - [14/07/2014 11:42:45]

AdwCleaner[S5].txt - [1616 octets] - [18/07/2014 18:22:15]

AdwCleaner[S6].txt - [1736 octets] - [21/07/2014 09:31:33]

AdwCleaner[S7].txt - [2205 octets] - [12/09/2014 08:31:37]

AdwCleaner[S8].txt - [4963 octets] - [02/10/2014 01:20:48]

AdwCleaner[S9].txt - [2638 octets] - [02/10/2014 01:35:05]
 

########## EOF - C:\AdwCleaner\AdwCleaner[R15].txt - [2662 octets] ##########

--- --- ---

habe es danach sofort gelösch was der bericht sagte

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 14.10.2014
Suchlauf-Zeit: 02:46:22
Logdatei: Anti-MaleWare.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.10.13.10
Rootkit Datenbank: v2014.10.11.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Grisu

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365090
Verstrichene Zeit: 16 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)

schrauber

14.10.2014 20:13

AdwCleaner auch löschen lassen.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Williwu

15.10.2014 12:30

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6715594965556d4f8d18e2a093a9df6e
# engine=20601
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-15 11:13:40
# local_time=2014-10-15 01:13:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777214 100 100 0 44849642 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 1586514 165001470 0 0
# compatibility_mode_1='ESET Smart Security 7.0'
# compatibility_mode=8221 16777213 100 100 6838152 33951362 0 0
# scanned=731548
# found=0
# cleaned=0
# scan_time=35604
# nod_component=V3 Build:0x30000000

Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
ESET Smart Security 7.0
Kaspersky Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Adobe Flash Player 15.0.0.152
Mozilla Firefox (32.0.3)
Google Chrome 37.0.2062.124
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014

Ran by Grisu (administrator) on GRISU-PC on 15-10-2014 13:28:46

Running from C:\Users\Grisu\Desktop\Trojaner software

Loaded Profile: Grisu (Available profiles: Grisu)

Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe

(Deutsche Telekom AG) D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe

(Dropbox, Inc.) C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe

(Deutsche Telekom AG) D:\Programme\Netzmanager\netzmanager.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe

(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)

HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [839384 2014-09-16] (BlueStack Systems, Inc.)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk

ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk

ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk

ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk

ShortcutTarget: Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56C38410017FCF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: OpitOn -> {6b836c64-f364-437e-bab5-11f39990cfe9} ->  No File

BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: OpteOn -> {ab957d78-2cdb-4568-8020-2eaabcd137c2} ->  No File

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: GoSaive -> {cfd100a1-0615-4d32-9827-7ac2d4b0faa4} ->  No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)

BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( )

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Lightshot (screenshot tool) - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-10-02]

FF Extension: {7d02e03c-f690-4f38-bf10-5e8cc02a4740} - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{7d02e03c-f690-4f38-bf10-5e8cc02a4740}.xpi [2014-09-09]

FF Extension: Adblock Plus - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-17]

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-28]

FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com

FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com

FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com

FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com

FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com

FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 

Chrome: 

=======

CHR Profile: C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]

CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-09-26]

CHR Extension: (ZenMate) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-05]

CHR Extension: (AdBlock) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-17]

CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-09-26]

CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-09-26]

CHR Extension: (Virtual Keyboard) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-09-26]

CHR Extension: (Disconnect) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-09-17]

CHR Extension: (Google Wallet) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-29]

CHR Extension: (Anti-Banner) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-09-26]

CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (BlueStack Systems, Inc.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)

S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-07-06] () [File not signed]

R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-07-06] (My Digital Life Forums) [File not signed]

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 Netzmanager Service; D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]

S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)

S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)

S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)

S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [294912 2007-11-26] (T-Systems Enterprise Services GmbH) [File not signed]

S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (BlueStack Systems)

R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)

U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)

R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)

R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)

R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)

R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-03] (Kaspersky Lab ZAO)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-03] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-03] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-03] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-03] (Kaspersky Lab ZAO)

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-06-03] (Duplex Secure Ltd.)

R3 TelekomNM6; D:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

S3 gwfilt64; system32\drivers\gwfilt64.sys [X]

S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-14 03:04 - 2014-10-14 03:04 - 00001142 _____ () C:\Users\Grisu\Desktop\Anti-MaleWare.txt

2014-10-14 02:41 - 2014-10-14 02:41 - 00000314 _____ () C:\Windows\PFRO.log

2014-10-14 02:10 - 2014-10-14 02:10 - 00000000 ____D () C:\Users\Grisu\4.0

2014-10-14 02:10 - 2014-10-14 02:10 - 00000000 ____D () C:\Users\Grisu\.tfo4

2014-10-12 21:27 - 2014-10-12 21:36 - 28076375 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part3.rar

2014-10-12 10:07 - 2014-10-12 10:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\04E23FBD.sys

2014-10-12 10:04 - 2014-10-12 10:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1BA03D9F.sys

2014-10-11 12:33 - 2014-10-11 13:42 - 209715200 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part2.rar

2014-10-11 10:26 - 2014-10-11 10:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0781265D.sys

2014-10-10 09:43 - 2014-10-10 09:43 - 00001818 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-10-10 09:40 - 2014-10-10 09:40 - 00001830 _____ () C:\Users\Public\Desktop\Apps.lnk

2014-10-10 09:34 - 2014-10-10 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-10-10 09:34 - 2014-10-10 09:34 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-10-10 09:22 - 2014-10-15 03:03 - 00003045 _____ () C:\Windows\setupact.log

2014-10-10 09:22 - 2014-10-10 09:22 - 00000000 _____ () C:\Windows\setuperr.log

2014-10-10 08:53 - 2014-10-10 08:53 - 13309928 _____ (BlueStack Systems Inc.) C:\Users\Grisu\Downloads\BlueStacks-SplitInstaller_native.exe

2014-10-10 06:50 - 2014-10-10 06:54 - 163978588 _____ () C:\Users\Grisu\Downloads\U2-Songs_Of_Innocence-%28Deluxe_Edition%29-2CD-2014-BriBerY.rar

2014-10-10 06:11 - 2014-10-10 06:11 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-10-10 06:00 - 2014-10-10 06:00 - 00001088 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk

2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VS Revo Group

2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro

2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-10-10 06:00 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys

2014-10-10 05:56 - 2014-10-10 07:04 - 209715200 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part1.rar

2014-10-10 05:55 - 2014-10-10 05:58 - 50068373 _____ () C:\Users\Grisu\Downloads\Neueinsteiger_der_German_ODC_TOP50_vom_06.10.2014-CannaPower.rar

2014-10-10 00:58 - 2014-10-10 09:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2E653FC9.sys

2014-10-09 12:24 - 2014-10-09 13:20 - 00000000 ___SD () C:\ComboFix

2014-10-08 15:19 - 2014-10-08 15:19 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\VSRevoGroup

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Sinvise Systems

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Program Files (x86)\Sinvise Systems

2014-10-08 15:10 - 2014-10-08 15:10 - 01125200 _____ () C:\Users\Grisu\Downloads\Shutdown Timer 32 Bit - CHIP-Installer.exe

2014-10-08 14:58 - 2014-10-08 14:58 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-10-08 14:57 - 2014-10-08 14:57 - 02347384 _____ (ESET) C:\Users\Grisu\Downloads\esetsmartinstaller_deu.exe

2014-10-08 14:55 - 2014-10-08 14:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\64911C52.sys

2014-10-08 04:15 - 2014-10-08 04:15 - 04246449 _____ () C:\Users\Grisu\Downloads\motochopper.zip

2014-10-08 03:52 - 2014-10-09 13:33 - 00000000 ____D () C:\Users\Grisu\Downloads\Android-Root-Tool

2014-10-08 03:52 - 2014-10-08 03:52 - 00000000 ____D () C:\EGLTD

2014-10-07 14:47 - 2014-10-07 14:47 - 02941840 _____ (Microsoft Corporation) C:\Users\Grisu\Downloads\Windows7-USB-DVD-Download-Tool-Installer-de-DE.exe

2014-10-05 14:38 - 2014-10-15 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-04 02:20 - 2014-10-04 02:27 - 291852366 _____ () C:\Users\Grisu\Downloads\Windows6.1-KB968211-x86-RefreshPkg.msu

2014-10-03 14:18 - 2014-10-03 14:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1343656D.sys

2014-10-02 09:35 - 2014-10-02 09:55 - 176129509 _____ () C:\Users\Grisu\Downloads\Mashup-Germany - Vol.6 - Back to the future.zip

2014-10-02 08:56 - 2014-10-14 02:39 - 00270078 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.odt

2014-10-02 02:15 - 2014-10-15 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-10-02 02:08 - 2014-10-02 02:08 - 00001768 _____ () C:\sc-cleaner.txt

2014-10-02 02:07 - 2014-10-02 02:07 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Grisu\Downloads\sc-cleaner.exe

2014-10-02 01:43 - 2014-10-02 01:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-10-02 01:27 - 2014-10-02 01:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Grisu\Downloads\revosetup95.exe

2014-10-02 01:16 - 2014-10-02 01:18 - 00068191 _____ () C:\Users\Grisu\Downloads\FRST.txt

2014-10-01 12:25 - 2014-10-01 12:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\449A0149.sys

2014-10-01 00:19 - 2014-10-01 00:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7D894C22.sys

2014-09-29 14:13 - 2014-10-01 12:05 - 00381736 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.txt

2014-09-28 12:49 - 2014-09-28 12:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\319F42D4.sys

2014-09-28 12:09 - 2014-09-28 12:09 - 00335504 _____ (Bytro Labs) C:\Users\Grisu\Downloads\S1914JavaInstaller.exe

2014-09-26 17:26 - 2014-09-26 17:26 - 00000000 ____D () C:\Users\Grisu\Downloads\SpyHunter-v4.15.1.4270-Incl-Crack---[MUMBAI]

2014-09-26 16:12 - 2014-09-26 16:12 - 00000310 _____ () C:\CCALib8WS.log

2014-09-26 16:11 - 2014-09-26 17:36 - 00000000 ____D () C:\sh4ldr

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft

2014-09-26 13:36 - 2014-09-26 13:36 - 00000000 ____D () C:\Users\Grisu\Desktop\Advanced Archive Password Recovery Professional 4.54.48

2014-09-26 13:35 - 2014-09-26 13:35 - 07328167 _____ () C:\Users\Grisu\Downloads\Advanced Archive Password Recovery.zip

2014-09-26 13:13 - 2014-09-26 13:13 - 00000000 _____ () C:\Users\Grisu\Downloads\Spy_Hunter_4_Crack_Full.exe

2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 ____D () C:\Users\Grisu\Desktop\Canon

2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 _____ () C:\autoexec.bat

2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\X86

2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\AMD64

2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpteOn

2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpitOn

2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpteOn

2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpitOn

2014-09-26 03:00 - 2014-09-26 04:52 - 00000000 ____D () C:\Program Files (x86)\ORBTR

2014-09-26 01:47 - 2014-10-02 01:36 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2014-09-26 01:47 - 2014-09-26 03:01 - 00000000 ____D () C:\ProgramData\dad537a8ea1f6947

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator

2014-09-26 01:30 - 2014-09-26 01:30 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn(1).rar

2014-09-26 01:29 - 2014-09-26 01:29 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn.rar

2014-09-25 21:38 - 2014-10-08 11:44 - 00000000 ____D () C:\Users\Grisu\AppData\Local\CANON_INC

2014-09-25 21:32 - 2014-09-26 03:24 - 00000000 ___RD () C:\Users\Grisu\Desktop\104CANON

2014-09-25 21:31 - 2014-09-25 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

2014-09-25 21:30 - 2014-09-25 21:31 - 00000000 ____D () C:\Program Files (x86)\Canon

2014-09-25 21:29 - 2014-09-25 21:46 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\canon

2014-09-25 21:28 - 2014-09-25 21:28 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC

2014-09-24 23:32 - 2014-09-24 23:33 - 00001703 _____ () C:\Users\Grisu\Downloads\Adobe Photoshop Lightroom 5.2 [64 bit] (Serials ONLY).zip

2014-09-24 23:19 - 2014-09-24 23:24 - 00000000 ____D () C:\Users\Grisu\Downloads\odbg110

2014-09-24 23:19 - 2014-09-24 23:19 - 01333471 _____ () C:\Users\Grisu\Downloads\odbg110.zip

2014-09-24 22:06 - 2014-09-24 22:06 - 00521216 _____ (PainteR) C:\Users\Grisu\Downloads\Adobe Universal Patcher.exe

2014-09-24 11:32 - 2014-09-24 11:32 - 00000917 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk

2014-09-24 10:45 - 2014-09-24 10:45 - 00001711 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk

2014-09-24 01:24 - 2014-09-24 01:29 - 00000000 ____D () C:\Users\Grisu\Downloads\Adobe_Photoshop_Lightroom_5_6_keygen

2014-09-24 01:21 - 2014-09-24 01:21 - 00000000 ____D () C:\Users\Grisu\Documents\Adobe

2014-09-24 00:51 - 2014-09-24 00:53 - 00007510 _____ () C:\Users\Grisu\Adobe Creative Suite Cleaner Tool.log

2014-09-24 00:50 - 2014-09-24 00:53 - 00000000 ____D () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool

2014-09-24 00:49 - 2014-09-24 00:50 - 08098376 _____ () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool.zip

2014-09-23 01:50 - 2014-09-23 03:16 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part02.rar

2014-09-22 12:05 - 2014-09-22 13:36 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part01.rar

2014-09-22 03:31 - 2014-09-22 03:31 - 00000000 ____D () C:\ProgramData\Codemasters

2014-09-22 03:15 - 2014-09-22 03:15 - 00001349 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Windows\SysWOW64\xlive

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2014-09-22 03:03 - 2014-09-22 03:03 - 00000000 ____D () C:\Program Files (x86)\OpenAL

2014-09-22 02:48 - 2014-09-22 02:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\095B6173.sys

2014-09-20 16:31 - 2014-10-13 12:25 - 00070172 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014.ods

2014-09-20 16:22 - 2014-10-12 11:03 - 00020028 _____ () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.ods

2014-09-19 12:55 - 2014-09-19 12:55 - 13629321 _____ () C:\Users\Grisu\Downloads\The-Next-Generation.rar

2014-09-19 12:55 - 2014-09-19 12:55 - 05895249 _____ () C:\Users\Grisu\Downloads\Was-kommt-danach.rar

2014-09-19 12:54 - 2014-09-19 12:56 - 54808864 _____ () C:\Users\Grisu\Downloads\Liebe---Schmerz.rar

2014-09-19 12:54 - 2014-09-19 12:55 - 07495120 _____ () C:\Users\Grisu\Downloads\Meine-eigene-Lieder.rar

2014-09-19 02:02 - 2014-10-15 03:04 - 00000000 ___RD () C:\Users\Grisu\Dropbox

2014-09-19 02:01 - 2014-09-18 14:59 - 00001021 _____ () C:\Users\Grisu\Desktop\Dropbox.lnk

2014-09-18 14:59 - 2014-09-18 14:59 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-09-18 14:56 - 2014-10-15 03:04 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Dropbox

2014-09-18 14:55 - 2014-09-24 09:59 - 00000000 ____D () C:\Users\Grisu\Desktop\Adobe CS6 All Products Activator (x32 & x64)

2014-09-18 14:53 - 2014-09-18 14:54 - 41377280 _____ (Dropbox, Inc.) C:\Users\Grisu\Downloads\Dropbox_2.10.30.exe

2014-09-18 14:07 - 2014-09-18 14:07 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\PDAppFlex

2014-09-18 12:04 - 2014-09-18 12:04 - 00030392 _____ () C:\Users\Grisu\Downloads\excel-vorlagen-haushaltsbuch.zip

2014-09-18 11:49 - 2014-09-18 11:49 - 00034304 _____ () C:\Users\Grisu\Downloads\wochenplan.xls

2014-09-18 11:44 - 2014-09-18 11:45 - 07441742 _____ () C:\Users\Grisu\Downloads\Unternehmensbereich-Aktuelles-SoundOfWork-3029_41456-0.zip

2014-09-18 11:34 - 2014-09-18 12:59 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part02.rar

2014-09-18 09:52 - 2014-09-18 11:17 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part01.rar

2014-09-17 23:28 - 2014-09-17 23:28 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67 (1).exe

2014-09-17 22:30 - 2014-09-17 22:30 - 00000000 ___RD () C:\Users\Grisu\Creative Cloud Files

2014-09-17 11:40 - 2014-09-17 11:40 - 00031408 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004.zip

2014-09-17 11:35 - 2014-09-17 11:35 - 01101648 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004 - CHIP-Installer.exe

2014-09-17 11:06 - 2014-09-17 11:36 - 00002269 _____ () C:\Users\Grisu\Desktop\Datenbank Open Office.odb

2014-09-17 10:15 - 2014-09-17 10:15 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\OpenOffice

2014-09-17 08:21 - 2014-09-17 08:21 - 00000855 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk

2014-09-17 08:21 - 2014-09-17 08:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1

2014-09-17 06:35 - 2014-09-17 06:36 - 01101648 _____ () C:\Users\Grisu\Downloads\OpenOffice - CHIP-Installer.exe

2014-09-16 12:24 - 2014-09-16 12:25 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 15 Demo

2014-09-16 10:25 - 2014-09-16 10:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6A3A2363.sys

2014-09-15 21:47 - 2014-09-15 21:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-09-15 21:47 - 2014-09-15 21:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-09-15 21:47 - 2014-09-15 21:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-09-15 21:47 - 2014-09-15 21:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-09-15 21:47 - 2014-09-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Java

2014-09-15 21:44 - 2014-09-15 21:44 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67.exe

2014-09-15 21:39 - 2014-09-15 21:39 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Sun

2014-09-15 12:01 - 2014-10-10 09:34 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-09-15 09:32 - 2014-09-15 09:34 - 96138664 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\jre-8u20-windows-x64.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-15 13:28 - 2014-07-18 18:11 - 00000000 ____D () C:\FRST

2014-10-15 13:28 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Trojaner software

2014-10-15 13:18 - 2014-06-06 02:32 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet

2014-10-15 12:54 - 2014-06-13 03:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-10-15 12:32 - 2014-07-29 10:57 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-10-15 06:32 - 2014-07-29 10:57 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-15 03:14 - 2014-08-04 02:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Adobe

2014-10-15 03:10 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-15 03:10 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-15 03:09 - 2014-06-05 15:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-10-15 03:05 - 2014-06-03 09:07 - 01831687 _____ () C:\Windows\WindowsUpdate.log

2014-10-15 03:04 - 2014-06-03 10:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-10-15 03:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-14 02:40 - 2014-06-11 19:32 - 00000000 ____D () C:\AdwCleaner

2014-10-14 02:10 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu

2014-10-13 02:08 - 2014-06-23 12:56 - 00000000 ____D () C:\ProgramData\Origin

2014-10-13 01:28 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 14

2014-10-12 22:50 - 2014-06-23 12:55 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-10-11 11:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-10-10 09:58 - 2014-09-09 14:35 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2014-10-10 09:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-10-10 09:32 - 2013-01-22 21:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Paddy musik

2014-10-10 06:35 - 2009-07-14 19:58 - 00732176 _____ () C:\Windows\system32\perfh007.dat

2014-10-10 06:35 - 2009-07-14 19:58 - 00159712 _____ () C:\Windows\system32\perfc007.dat

2014-10-10 06:35 - 2009-07-14 07:13 - 01685660 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-10-10 06:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-10-10 04:03 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Adobe

2014-10-10 03:57 - 2014-07-18 09:50 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-10-10 03:52 - 2014-06-23 13:02 - 00000000 ____D () C:\Program Files (x86)\Origin Games

2014-10-10 00:16 - 2014-06-17 15:55 - 00000000 ____D () C:\Users\Grisu\Documents\Benutzerdefinierte Office-Vorlagen

2014-10-09 12:31 - 2014-09-11 09:04 - 00000000 ____D () C:\ProgramData\Netzmanager

2014-10-08 15:02 - 2014-06-06 02:30 - 00000000 ____D () C:\Program Files (x86)\Ganymede

2014-10-08 11:44 - 2014-06-03 17:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-10-08 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration

2014-10-06 15:17 - 2014-06-03 14:50 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\uTorrent

2014-10-05 16:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-10-04 02:28 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-10-04 02:02 - 2014-06-11 00:00 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-10-03 23:34 - 2014-08-05 03:07 - 00000000 ____D () C:\Users\Grisu\Desktop\SciLor's Grooveshark.com Downloader

2014-10-02 05:51 - 2014-06-03 10:14 - 00000000 ____D () C:\Windows\ELAMBKUP

2014-10-02 01:29 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2014-09-30 12:26 - 2014-07-25 00:31 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Unity

2014-09-29 01:11 - 2014-09-11 09:05 - 00000769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk

2014-09-29 01:11 - 2014-09-11 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netzmanager

2014-09-27 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

2014-09-26 23:53 - 2014-07-19 12:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405765260

2014-09-26 23:53 - 2014-07-19 12:21 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-09-26 17:11 - 2014-07-18 18:14 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\ICQM

2014-09-26 06:27 - 2014-07-29 10:57 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-09-26 06:27 - 2014-07-29 10:57 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-09-26 06:27 - 2014-06-03 16:14 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-26 05:56 - 2014-06-18 12:34 - 00000774 _____ () C:\Users\Grisu\Desktop\TeamSpeak 3 Client.lnk

2014-09-26 05:55 - 2014-06-11 14:27 - 00000725 _____ () C:\Users\Grisu\Desktop\Cheat Engine.lnk

2014-09-26 05:42 - 2014-07-18 09:56 - 00000907 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk

2014-09-26 05:42 - 2014-07-18 09:56 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk

2014-09-26 05:42 - 2014-07-18 09:53 - 00000899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

2014-09-26 05:42 - 2014-07-18 09:51 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

2014-09-26 05:08 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VirtualStore

2014-09-26 04:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2014-09-26 03:44 - 2014-07-22 06:08 - 00000000 ____D () C:\Windows\Sun

2014-09-26 01:46 - 2014-06-03 16:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Google

2014-09-26 01:30 - 2014-06-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-09-25 23:51 - 2014-06-25 11:25 - 00000000 ____D () C:\Windows\pss

2014-09-25 19:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA

2014-09-24 23:08 - 2009-07-14 06:45 - 05157960 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-24 14:59 - 2014-06-03 10:55 - 00118680 _____ () C:\Users\Grisu\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-24 11:33 - 2014-07-18 09:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-09-24 09:59 - 2014-07-29 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-09-24 09:59 - 2014-07-07 16:41 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Ubisoft

2014-09-24 09:58 - 2014-07-18 09:49 - 00000000 ____D () C:\ProgramData\Adobe

2014-09-22 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-09-22 03:03 - 2014-07-18 10:09 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-09-20 19:55 - 2014-06-14 04:00 - 00000000 ____D () C:\Windows\Minidump

2014-09-17 22:41 - 2014-06-19 12:37 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Apps\2.0

2014-09-17 22:25 - 2014-06-06 01:52 - 00000000 ____D () C:\ProgramData\Package Cache

2014-09-15 23:00 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Spiele

2014-09-15 23:00 - 2014-06-05 14:57 - 00000000 ____D () C:\Windows\erdnt

2014-09-15 23:00 - 2014-06-03 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-09-15 21:47 - 2014-06-10 02:34 - 00000000 ____D () C:\ProgramData\Oracle

2014-09-15 21:32 - 2014-07-28 23:36 - 00000000 ____D () C:\Program Files\Java

2014-09-15 21:09 - 2014-06-05 15:23 - 00000000 ____D () C:\Users\Grisu\Desktop\Arbeitsangaben VIP

2014-09-15 09:35 - 2014-07-28 23:36 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-09-15 09:35 - 2014-07-28 23:36 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-09-15 09:35 - 2014-07-28 23:36 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
 

Some content of TEMP:

====================

C:\Users\Grisu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvedj71.dll

C:\Users\Grisu\AppData\Local\Temp\FileSystemView.dll

C:\Users\Grisu\AppData\Local\Temp\Quarantine.exe

C:\Users\Grisu\AppData\Local\Temp\sqlite3.dll

C:\Users\Grisu\AppData\Local\Temp\VSUSetup.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-26 08:47
 

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber

15.10.2014 20:53

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Fertig :)

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Williwu

16.10.2014 10:03

dankeschön für die Hilfe am PC...hat zwar leider lange gedauert und auch viel mühe und not gekostet, kraft verbraucht aber ohne die Hilfe wären wir nicht an einem positiven ende gekommen.

danke danke danke

schrauber

16.10.2014 18:43

Gern Geschehen :)

Williwu

16.10.2014 23:52

obwohl du kleine frage kann man das selbe auch mit dem PC machen der ist bestimmt noch bis heute verseucht und ich würde ihn gerne wieder so schnell haben wie nach dem kauf

schrauber

17.10.2014 20:19

poste mal FRST Logs von dem PC :)

Williwu

17.10.2014 22:01

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02

Ran by Grisu (administrator) on GRISU-PC on 17-10-2014 22:58:10

Running from C:\Users\Grisu\Desktop\Trojaner software

Loaded Profile: Grisu (Available profiles: Grisu)

Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Deutsche Telekom AG) D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(Dropbox, Inc.) C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe

(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe

(Deutsche Telekom AG) D:\Programme\Netzmanager\netzmanager.exe

(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)

HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [839384 2014-09-16] (BlueStack Systems, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk

ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk

ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk

ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk

ShortcutTarget: Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56C38410017FCF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: OpitOn -> {6b836c64-f364-437e-bab5-11f39990cfe9} ->  No File

BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: OpteOn -> {ab957d78-2cdb-4568-8020-2eaabcd137c2} ->  No File

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: GoSaive -> {cfd100a1-0615-4d32-9827-7ac2d4b0faa4} ->  No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()

FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()

FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( )

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Lightshot (screenshot tool) - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-10-02]

FF Extension: NoScript - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-16]

FF Extension: {7d02e03c-f690-4f38-bf10-5e8cc02a4740} - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{7d02e03c-f690-4f38-bf10-5e8cc02a4740}.xpi [2014-09-09]

FF Extension: Adblock Plus - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-17]

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-28]

FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com

FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com

FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com

FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com

FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com

FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 

Chrome: 

=======

CHR HomePage: Default -> 

CHR Profile: C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]

CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-09-26]

CHR Extension: (ZenMate) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-05]

CHR Extension: (AdBlock) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-17]

CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-09-26]

CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-09-26]

CHR Extension: (Virtual Keyboard) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-09-26]

CHR Extension: (Disconnect) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-09-17]

CHR Extension: (Google Wallet) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-29]

CHR Extension: (Anti-Banner) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-09-26]

CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]

CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (BlueStack Systems, Inc.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)

S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-07-06] () [File not signed]

R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-07-06] (My Digital Life Forums) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 Netzmanager Service; D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]

S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)

S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)

S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)

R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)

S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [294912 2007-11-26] (T-Systems Enterprise Services GmbH) [File not signed]

S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (BlueStack Systems)

R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)

U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)

R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)

R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)

R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)

R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-03] (Kaspersky Lab ZAO)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-03] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-03] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-03] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-03] (Kaspersky Lab ZAO)

S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-17] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)

S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-06-03] (Duplex Secure Ltd.)

R3 TelekomNM6; D:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

S3 gwfilt64; system32\drivers\gwfilt64.sys [X]

S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
 

========================== Drivers MD5 =======================
 

C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit

C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6

C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\kl1.sys 795EC29BA21F1D948FD6FD740C00B599

C:\Windows\System32\DRIVERS\klflt.sys D0C3AEF67932D2A80736FBCB956C017D

C:\Windows\System32\DRIVERS\klif.sys 41DF293A7F0418F5DDED9F0297DC68F3

C:\Windows\System32\DRIVERS\klim6.sys 31B69BFF28348503E4BD10C2A4F66D05

C:\Windows\System32\DRIVERS\klkbdflt.sys 8DA5BC75C3E8A995335642F26CAEA54B

C:\Windows\System32\DRIVERS\klmouflt.sys 72CF64FBF38CD681FA7F37176047E967

C:\Windows\System32\DRIVERS\klpd.sys 8C0EC95AD65A0DE3D6C040591D02BF02

C:\Windows\System32\DRIVERS\kltdi.sys 4828B3D2BC89B05E07101C6E60CE0A6A

C:\Windows\System32\DRIVERS\kneps.sys 91BC1C5B00275A4D7FD669EFF0DDEB2A

C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC

C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB

C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit

C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\lvuvc64.sys FF3A488924B0032B1A9CA6948C1FA9E8

C:\Windows\system32\drivers\mbamchameleon.sys 9D9ED48F841EA37AA5310D54B9E5D3C7

C:\Windows\system32\drivers\mbam.sys F92B0E478C0FAA6D6661E6E977247E60

C:\Windows\system32\drivers\MBAMSwissArmy.sys 8A50D5304E6AE48664CF5838EC32F647

C:\Windows\system32\drivers\mwac.sys 15E8ABC06843672955CE26A009533BAD

C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit

C:\Windows\System32\drivers\modem.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit

C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit

C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404

C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC

C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163

C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C

C:\Windows\System32\DRIVERS\msahci.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit

C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit

C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit

C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit

C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88

C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit

C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2

C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit

C:\Windows\System32\drivers\nvhda64v.sys E366A5681C50785D4ED04FCFD65C3415

C:\Windows\System32\DRIVERS\nvlddmkm.sys 0AC797F70F2F3E5B69A34FF2F63496F3

C:\Windows\system32\DRIVERS\nvraid.sys 0A92CB65770442ED0DC44834632F66AD

C:\Windows\system32\DRIVERS\nvstor.sys DAB0E87525C10052BF65F06152F37E4A

C:\Windows\System32\drivers\nvvad64v.sys 75034A4D7C02327D150B617571D4196A

C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit

C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C

C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit

C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit

C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\psi_mf_amd64.sys DD3FD48D69F5FBBB21D46D1514C1C2DB

C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit

C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit

C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A

C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\revoflt.sys 9C3AC71A9934B884FAC567A8807E9C4D

C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit

C:\Windows\System32\Drivers\SCDEmu.sys 158F1C92B48150F603FB558D84A5B48E

C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit

C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sffp_sd.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit

C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit

C:\Windows\System32\Drivers\sptd.sys 4C33F139236FD9BD14A920F60C1CB072

C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B

C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28

C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3

C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit

C:\Windows\System32\drivers\tbhsd.sys 048CFE7569D6ADCAB9349BB1A566A79E

C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E

C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E

C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC

C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit

C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8

C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit

D:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys 4283D7125BA4BD0CB50BB0F78B54257A

C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09

C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit

C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2

C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A

C:\Windows\system32\DRIVERS\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31

C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965

C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA

C:\Windows\system32\DRIVERS\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC

C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24

C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6

C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3

C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7

C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit

C:\Windows\System32\drivers\vga.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit

C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\volsnap.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit

C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit

C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8

C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit

C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit

C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D

C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit

C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit

C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F

C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-17 22:53 - 2014-10-17 22:58 - 00000000 ____D () C:\FRST

2014-10-17 09:35 - 2014-10-17 09:51 - 00056368 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014 - Kopie.ods

2014-10-17 01:06 - 2014-10-17 08:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0B2A46DE.sys

2014-10-17 00:50 - 2014-10-17 00:50 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cfe993939fd0f4

2014-10-17 00:50 - 2014-10-17 00:50 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfe993939fd0f4.job

2014-10-17 00:49 - 2014-10-17 00:49 - 00880272 _____ (Google Inc.) C:\Users\Grisu\Downloads\ChromeSetup.exe

2014-10-17 00:47 - 2014-10-16 10:26 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-10-17 00:45 - 2014-10-17 00:50 - 00000861 _____ () C:\Windows\SecuniaPackage.log

2014-10-16 10:34 - 2014-10-16 10:36 - 00001772 _____ () C:\DelFix.txt

2014-10-16 10:34 - 2014-10-16 10:34 - 00001080 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk

2014-10-16 10:34 - 2014-10-16 10:34 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Secunia PSI

2014-10-16 10:34 - 2014-10-16 10:34 - 00000000 ____D () C:\Program Files (x86)\Secunia

2014-10-16 10:30 - 2014-10-16 10:31 - 00541865 _____ () C:\Users\Grisu\Downloads\noscript_security_suite-2.6.9.1-fn_fx_sm.zip

2014-10-16 10:27 - 2014-10-16 10:27 - 05329480 _____ (Secunia) C:\Users\Grisu\Downloads\PSISetup_3.0.0.9016.exe

2014-10-15 13:04 - 2014-10-15 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-10-14 02:41 - 2014-10-14 02:41 - 00000314 _____ () C:\Windows\PFRO.log

2014-10-14 02:10 - 2014-10-14 02:10 - 00000000 ____D () C:\Users\Grisu\4.0

2014-10-14 02:10 - 2014-10-14 02:10 - 00000000 ____D () C:\Users\Grisu\.tfo4

2014-10-12 21:27 - 2014-10-12 21:36 - 28076375 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part3.rar

2014-10-12 10:07 - 2014-10-12 10:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\04E23FBD.sys

2014-10-12 10:04 - 2014-10-12 10:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1BA03D9F.sys

2014-10-11 12:33 - 2014-10-11 13:42 - 209715200 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part2.rar

2014-10-11 10:26 - 2014-10-11 10:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0781265D.sys

2014-10-10 09:43 - 2014-10-10 09:43 - 00001818 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-10-10 09:40 - 2014-10-10 09:40 - 00001830 _____ () C:\Users\Public\Desktop\Apps.lnk

2014-10-10 09:34 - 2014-10-10 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-10-10 09:34 - 2014-10-10 09:34 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-10-10 09:22 - 2014-10-17 21:23 - 00003325 _____ () C:\Windows\setupact.log

2014-10-10 09:22 - 2014-10-10 09:22 - 00000000 _____ () C:\Windows\setuperr.log

2014-10-10 08:53 - 2014-10-10 08:53 - 13309928 _____ (BlueStack Systems Inc.) C:\Users\Grisu\Downloads\BlueStacks-SplitInstaller_native.exe

2014-10-10 06:50 - 2014-10-10 06:54 - 163978588 _____ () C:\Users\Grisu\Downloads\U2-Songs_Of_Innocence-%28Deluxe_Edition%29-2CD-2014-BriBerY.rar

2014-10-10 06:11 - 2014-10-10 06:11 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-10-10 06:00 - 2014-10-10 06:00 - 00001088 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk

2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VS Revo Group

2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro

2014-10-10 06:00 - 2014-10-10 06:00 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-10-10 06:00 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys

2014-10-10 05:56 - 2014-10-10 07:04 - 209715200 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part1.rar

2014-10-10 05:55 - 2014-10-10 05:58 - 50068373 _____ () C:\Users\Grisu\Downloads\Neueinsteiger_der_German_ODC_TOP50_vom_06.10.2014-CannaPower.rar

2014-10-10 00:58 - 2014-10-10 09:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2E653FC9.sys

2014-10-08 15:19 - 2014-10-08 15:19 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\VSRevoGroup

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Sinvise Systems

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems

2014-10-08 15:13 - 2014-10-08 15:13 - 00000000 ____D () C:\Program Files (x86)\Sinvise Systems

2014-10-08 15:10 - 2014-10-08 15:10 - 01125200 _____ () C:\Users\Grisu\Downloads\Shutdown Timer 32 Bit - CHIP-Installer.exe

2014-10-08 14:55 - 2014-10-08 14:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\64911C52.sys

2014-10-08 04:15 - 2014-10-08 04:15 - 04246449 _____ () C:\Users\Grisu\Downloads\motochopper.zip

2014-10-08 03:52 - 2014-10-08 03:52 - 00000000 ____D () C:\EGLTD

2014-10-07 14:47 - 2014-10-07 14:47 - 02941840 _____ (Microsoft Corporation) C:\Users\Grisu\Downloads\Windows7-USB-DVD-Download-Tool-Installer-de-DE.exe

2014-10-05 14:38 - 2014-10-16 10:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-04 02:20 - 2014-10-04 02:27 - 291852366 _____ () C:\Users\Grisu\Downloads\Windows6.1-KB968211-x86-RefreshPkg.msu

2014-10-03 14:18 - 2014-10-03 14:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1343656D.sys

2014-10-02 09:35 - 2014-10-02 09:55 - 176129509 _____ () C:\Users\Grisu\Downloads\Mashup-Germany - Vol.6 - Back to the future.zip

2014-10-02 08:56 - 2014-10-14 02:39 - 00270078 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.odt

2014-10-02 01:43 - 2014-10-02 01:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-10-02 01:27 - 2014-10-02 01:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Grisu\Downloads\revosetup95.exe

2014-10-01 12:25 - 2014-10-01 12:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\449A0149.sys

2014-10-01 00:19 - 2014-10-01 00:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7D894C22.sys

2014-09-29 14:13 - 2014-10-01 12:05 - 00381736 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.txt

2014-09-28 12:49 - 2014-09-28 12:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\319F42D4.sys

2014-09-28 12:09 - 2014-09-28 12:09 - 00335504 _____ (Bytro Labs) C:\Users\Grisu\Downloads\S1914JavaInstaller.exe

2014-09-26 16:12 - 2014-09-26 16:12 - 00000310 _____ () C:\CCALib8WS.log

2014-09-26 16:11 - 2014-09-26 17:36 - 00000000 ____D () C:\sh4ldr

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery

2014-09-26 13:38 - 2014-09-26 13:38 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft

2014-09-26 13:36 - 2014-09-26 13:36 - 00000000 ____D () C:\Users\Grisu\Desktop\Advanced Archive Password Recovery Professional 4.54.48

2014-09-26 13:35 - 2014-09-26 13:35 - 07328167 _____ () C:\Users\Grisu\Downloads\Advanced Archive Password Recovery.zip

2014-09-26 13:13 - 2014-09-26 13:13 - 00000000 _____ () C:\Users\Grisu\Downloads\Spy_Hunter_4_Crack_Full.exe

2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 ____D () C:\Users\Grisu\Desktop\Canon

2014-09-26 05:05 - 2014-09-26 05:05 - 00000000 _____ () C:\autoexec.bat

2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\X86

2014-09-26 03:02 - 2014-09-26 03:02 - 00000000 ____D () C:\Windows\SysWOW64\AMD64

2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpteOn

2014-09-26 03:01 - 2014-09-26 04:12 - 00000000 ____D () C:\Program Files (x86)\OpitOn

2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpteOn

2014-09-26 03:01 - 2014-09-26 03:44 - 00000000 ____D () C:\ProgramData\OpitOn

2014-09-26 03:00 - 2014-09-26 04:52 - 00000000 ____D () C:\Program Files (x86)\ORBTR

2014-09-26 01:47 - 2014-10-02 01:36 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2014-09-26 01:47 - 2014-09-26 03:01 - 00000000 ____D () C:\ProgramData\dad537a8ea1f6947

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Gast

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-09-26 01:46 - 2014-09-26 01:46 - 00000000 ____D () C:\Users\Administrator

2014-09-26 01:30 - 2014-09-26 01:30 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn(1).rar

2014-09-26 01:29 - 2014-09-26 01:29 - 00122467 _____ () C:\Users\Grisu\Downloads\PL5-6-Kgn.rar

2014-09-25 21:38 - 2014-10-08 11:44 - 00000000 ____D () C:\Users\Grisu\AppData\Local\CANON_INC

2014-09-25 21:32 - 2014-09-26 03:24 - 00000000 ___RD () C:\Users\Grisu\Desktop\104CANON

2014-09-25 21:31 - 2014-09-25 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

2014-09-25 21:30 - 2014-09-25 21:31 - 00000000 ____D () C:\Program Files (x86)\Canon

2014-09-25 21:29 - 2014-09-25 21:46 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\canon

2014-09-25 21:28 - 2014-09-25 21:28 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC

2014-09-24 23:32 - 2014-09-24 23:33 - 00001703 _____ () C:\Users\Grisu\Downloads\Adobe Photoshop Lightroom 5.2 [64 bit] (Serials ONLY).zip

2014-09-24 23:19 - 2014-09-24 23:24 - 00000000 ____D () C:\Users\Grisu\Downloads\odbg110

2014-09-24 23:19 - 2014-09-24 23:19 - 01333471 _____ () C:\Users\Grisu\Downloads\odbg110.zip

2014-09-24 22:06 - 2014-09-24 22:06 - 00521216 _____ (PainteR) C:\Users\Grisu\Downloads\Adobe Universal Patcher.exe

2014-09-24 11:32 - 2014-09-24 11:32 - 00000917 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk

2014-09-24 10:45 - 2014-09-24 10:45 - 00001711 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk

2014-09-24 01:24 - 2014-09-24 01:29 - 00000000 ____D () C:\Users\Grisu\Downloads\Adobe_Photoshop_Lightroom_5_6_keygen

2014-09-24 01:21 - 2014-09-24 01:21 - 00000000 ____D () C:\Users\Grisu\Documents\Adobe

2014-09-24 00:51 - 2014-09-24 00:53 - 00007510 _____ () C:\Users\Grisu\Adobe Creative Suite Cleaner Tool.log

2014-09-24 00:50 - 2014-09-24 00:53 - 00000000 ____D () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool

2014-09-24 00:49 - 2014-09-24 00:50 - 08098376 _____ () C:\Users\Grisu\Downloads\adobe_creative_suite_6cleaner_tool.zip

2014-09-23 01:50 - 2014-09-23 03:16 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part02.rar

2014-09-22 12:05 - 2014-09-22 13:36 - 1047527424 _____ () C:\Users\Grisu\Downloads\9846541212-ts4sg.part01.rar

2014-09-22 03:31 - 2014-09-22 03:31 - 00000000 ____D () C:\ProgramData\Codemasters

2014-09-22 03:15 - 2014-09-22 03:15 - 00001349 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Windows\SysWOW64\xlive

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

2014-09-22 03:15 - 2014-09-22 03:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2014-09-22 03:03 - 2014-09-22 03:03 - 00000000 ____D () C:\Program Files (x86)\OpenAL

2014-09-22 02:48 - 2014-09-22 02:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\095B6173.sys

2014-09-20 16:31 - 2014-10-17 10:48 - 00070197 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014.ods

2014-09-20 16:22 - 2014-10-12 11:03 - 00020028 _____ () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.ods

2014-09-19 12:55 - 2014-09-19 12:55 - 13629321 _____ () C:\Users\Grisu\Downloads\The-Next-Generation.rar

2014-09-19 12:55 - 2014-09-19 12:55 - 05895249 _____ () C:\Users\Grisu\Downloads\Was-kommt-danach.rar

2014-09-19 12:54 - 2014-09-19 12:56 - 54808864 _____ () C:\Users\Grisu\Downloads\Liebe---Schmerz.rar

2014-09-19 12:54 - 2014-09-19 12:55 - 07495120 _____ () C:\Users\Grisu\Downloads\Meine-eigene-Lieder.rar

2014-09-19 02:02 - 2014-10-17 21:26 - 00000000 ___RD () C:\Users\Grisu\Dropbox

2014-09-19 02:01 - 2014-09-18 14:59 - 00001021 _____ () C:\Users\Grisu\Desktop\Dropbox.lnk

2014-09-18 14:59 - 2014-09-18 14:59 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-09-18 14:56 - 2014-10-17 21:26 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Dropbox

2014-09-18 14:55 - 2014-09-24 09:59 - 00000000 ____D () C:\Users\Grisu\Desktop\Adobe CS6 All Products Activator (x32 & x64)

2014-09-18 14:53 - 2014-09-18 14:54 - 41377280 _____ (Dropbox, Inc.) C:\Users\Grisu\Downloads\Dropbox_2.10.30.exe

2014-09-18 14:07 - 2014-09-18 14:07 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\PDAppFlex

2014-09-18 12:04 - 2014-09-18 12:04 - 00030392 _____ () C:\Users\Grisu\Downloads\excel-vorlagen-haushaltsbuch.zip

2014-09-18 11:49 - 2014-09-18 11:49 - 00034304 _____ () C:\Users\Grisu\Downloads\wochenplan.xls

2014-09-18 11:44 - 2014-09-18 11:45 - 07441742 _____ () C:\Users\Grisu\Downloads\Unternehmensbereich-Aktuelles-SoundOfWork-3029_41456-0.zip

2014-09-18 11:34 - 2014-09-18 12:59 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part02.rar

2014-09-18 09:52 - 2014-09-18 11:17 - 1047527424 _____ () C:\Users\Grisu\Downloads\984561244-ultstrfighiv.part01.rar

2014-09-17 23:28 - 2014-09-17 23:28 - 00918440 _____ (Oracle Corporation) C:\Users\Grisu\Downloads\chromeinstall-7u67 (1).exe

2014-09-17 22:30 - 2014-09-17 22:30 - 00000000 ___RD () C:\Users\Grisu\Creative Cloud Files

2014-09-17 11:40 - 2014-09-17 11:40 - 00031408 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004.zip

2014-09-17 11:35 - 2014-09-17 11:35 - 01101648 _____ () C:\Users\Grisu\Downloads\Arbeitszeit_2004 - CHIP-Installer.exe

2014-09-17 11:06 - 2014-09-17 11:36 - 00002269 _____ () C:\Users\Grisu\Desktop\Datenbank Open Office.odb

2014-09-17 10:15 - 2014-09-17 10:15 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\OpenOffice

2014-09-17 08:21 - 2014-09-17 08:21 - 00000855 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk

2014-09-17 08:21 - 2014-09-17 08:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1

2014-09-17 06:35 - 2014-09-17 06:36 - 01101648 _____ () C:\Users\Grisu\Downloads\OpenOffice - CHIP-Installer.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-17 22:58 - 2014-06-16 02:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Trojaner software

2014-10-17 22:54 - 2014-06-13 03:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-10-17 22:32 - 2014-07-29 10:57 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-10-17 22:01 - 2014-06-05 15:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-10-17 21:39 - 2014-06-03 10:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-10-17 21:31 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-17 21:31 - 2009-07-14 06:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-17 21:26 - 2014-06-03 09:07 - 01943981 _____ () C:\Windows\WindowsUpdate.log

2014-10-17 21:25 - 2014-07-29 10:57 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-17 21:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-17 09:07 - 2014-08-04 02:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Adobe

2014-10-17 00:50 - 2014-07-29 10:57 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-10-17 00:50 - 2014-06-13 03:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-10-17 00:50 - 2014-06-03 11:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-10-17 00:50 - 2014-06-03 11:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-10-17 00:47 - 2014-09-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Java

2014-10-16 10:35 - 2014-06-18 23:30 - 00000000 ____D () C:\Windows\ERUNT

2014-10-16 10:28 - 2014-07-28 23:36 - 00000000 ____D () C:\Program Files\Java

2014-10-16 10:27 - 2014-09-15 21:39 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-10-16 10:26 - 2014-09-15 21:47 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-10-16 10:26 - 2014-09-15 21:47 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-10-16 10:26 - 2014-09-15 21:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-10-16 10:14 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2014-10-16 09:51 - 2014-07-19 12:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405765260

2014-10-16 09:51 - 2014-07-19 12:21 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-10-15 13:18 - 2014-06-06 02:32 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet

2014-10-14 02:10 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu

2014-10-13 02:08 - 2014-06-23 12:56 - 00000000 ____D () C:\ProgramData\Origin

2014-10-13 01:28 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 14

2014-10-12 22:50 - 2014-06-23 12:55 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-10-11 11:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-10-10 09:58 - 2014-09-09 14:35 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2014-10-10 09:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-10-10 09:34 - 2014-09-15 12:01 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-10-10 09:32 - 2013-01-22 21:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Paddy musik

2014-10-10 06:35 - 2009-07-14 19:58 - 00732176 _____ () C:\Windows\system32\perfh007.dat

2014-10-10 06:35 - 2009-07-14 19:58 - 00159712 _____ () C:\Windows\system32\perfc007.dat

2014-10-10 06:35 - 2009-07-14 07:13 - 01685660 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-10-10 06:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-10-10 04:03 - 2014-06-03 12:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Adobe

2014-10-10 03:57 - 2014-07-18 09:50 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-10-10 03:52 - 2014-06-23 13:02 - 00000000 ____D () C:\Program Files (x86)\Origin Games

2014-10-10 00:16 - 2014-06-17 15:55 - 00000000 ____D () C:\Users\Grisu\Documents\Benutzerdefinierte Office-Vorlagen

2014-10-09 12:31 - 2014-09-11 09:04 - 00000000 ____D () C:\ProgramData\Netzmanager

2014-10-08 15:02 - 2014-06-06 02:30 - 00000000 ____D () C:\Program Files (x86)\Ganymede

2014-10-08 11:44 - 2014-06-03 17:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-10-08 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration

2014-10-06 15:17 - 2014-06-03 14:50 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\uTorrent

2014-10-05 16:22 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-10-04 02:28 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-10-04 02:02 - 2014-06-11 00:00 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-10-03 23:34 - 2014-08-05 03:07 - 00000000 ____D () C:\Users\Grisu\Desktop\SciLor's Grooveshark.com Downloader

2014-10-02 05:51 - 2014-06-03 10:14 - 00000000 ____D () C:\Windows\ELAMBKUP

2014-09-30 12:26 - 2014-07-25 00:31 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Unity

2014-09-29 01:11 - 2014-09-11 09:05 - 00000769 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk

2014-09-29 01:11 - 2014-09-11 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netzmanager

2014-09-27 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

2014-09-26 17:11 - 2014-07-18 18:14 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\ICQM

2014-09-26 06:27 - 2014-07-29 10:57 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-09-26 06:27 - 2014-06-03 16:14 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-26 05:56 - 2014-06-18 12:34 - 00000774 _____ () C:\Users\Grisu\Desktop\TeamSpeak 3 Client.lnk

2014-09-26 05:55 - 2014-06-11 14:27 - 00000725 _____ () C:\Users\Grisu\Desktop\Cheat Engine.lnk

2014-09-26 05:42 - 2014-07-18 09:56 - 00000907 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk

2014-09-26 05:42 - 2014-07-18 09:56 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk

2014-09-26 05:42 - 2014-07-18 09:53 - 00000899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

2014-09-26 05:42 - 2014-07-18 09:51 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

2014-09-26 05:08 - 2014-06-03 09:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VirtualStore

2014-09-26 04:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2014-09-26 03:44 - 2014-07-22 06:08 - 00000000 ____D () C:\Windows\Sun

2014-09-26 01:46 - 2014-06-03 16:14 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Google

2014-09-26 01:30 - 2014-06-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-09-25 23:51 - 2014-06-25 11:25 - 00000000 ____D () C:\Windows\pss

2014-09-25 19:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA

2014-09-24 23:08 - 2009-07-14 06:45 - 05157960 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-24 14:59 - 2014-06-03 10:55 - 00118680 _____ () C:\Users\Grisu\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-24 11:33 - 2014-07-18 09:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-09-24 09:59 - 2014-07-29 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-09-24 09:59 - 2014-07-07 16:41 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Ubisoft

2014-09-24 09:58 - 2014-07-18 09:49 - 00000000 ____D () C:\ProgramData\Adobe

2014-09-22 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-09-22 03:03 - 2014-07-18 10:09 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-09-20 19:55 - 2014-06-14 04:00 - 00000000 ____D () C:\Windows\Minidump

2014-09-17 22:41 - 2014-06-19 12:37 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Apps\2.0

2014-09-17 22:25 - 2014-06-06 01:52 - 00000000 ____D () C:\ProgramData\Package Cache
 

Some content of TEMP:

====================

C:\Users\Grisu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphwubvb.dll

C:\Users\Grisu\AppData\Local\Temp\FileSystemView.dll

C:\Users\Grisu\AppData\Local\Temp\InstallPlugin_15_0_0_189.exe

C:\Users\Grisu\AppData\Local\Temp\jre-8u25-windows-au.exe

C:\Users\Grisu\AppData\Local\Temp\Quarantine.exe

C:\Users\Grisu\AppData\Local\Temp\sqlite3.dll

C:\Users\Grisu\AppData\Local\Temp\VSUSetup.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 

==================== BCD ================================
 

Windows-Start-Manager

---------------------

Bezeichner              {bootmgr}

device                  partition=C:

description             Windows Boot Manager

locale                  de-DE

inherit                 {globalsettings}

default                 {current}

resumeobject            {83b231c0-eaf5-11e3-9627-acd98b81b942}

displayorder            {current}

toolsdisplayorder       {memdiag}

timeout                 15
 

Windows-Startladeprogramm

-------------------------

Bezeichner              {2cce4ab4-37dd-11e4-94c2-00226863bf18}

device                  ramdisk=[C:]\Recovery\2cce4ab4-37dd-11e4-94c2-00226863bf18\Winre.wim,{2cce4ab5-37dd-11e4-94c2-00226863bf18}

path                    \windows\system32\winload.exe

description             Windows Recovery Environment

inherit                 {bootloadersettings}

osdevice                ramdisk=[C:]\Recovery\2cce4ab4-37dd-11e4-94c2-00226863bf18\Winre.wim,{2cce4ab5-37dd-11e4-94c2-00226863bf18}

systemroot              \windows

nx                      OptIn

winpe                   Yes
 

Windows-Startladeprogramm

-------------------------

Bezeichner              {current}

device                  partition=C:

path                    \Windows\system32\winload.exe

description             Windows 7

locale                  de-DE

inherit                 {bootloadersettings}

recoverysequence        {2cce4ab4-37dd-11e4-94c2-00226863bf18}

recoveryenabled         Yes

osdevice                partition=C:

systemroot              \Windows

resumeobject            {83b231c0-eaf5-11e3-9627-acd98b81b942}

nx                      OptIn

usefirmwarepcisettings  No

sos                     Yes
 

Wiederaufnahme aus dem Ruhezustand

----------------------------------

Bezeichner              {83b231c0-eaf5-11e3-9627-acd98b81b942}

device                  partition=C:

path                    \Windows\system32\winresume.exe

description             Windows Resume Application

locale                  de-DE

inherit                 {resumeloadersettings}

filedevice              partition=C:

filepath                \hiberfil.sys

debugoptionenabled      No
 

Windows-Speichertestprogramm

----------------------------

Bezeichner              {memdiag}

device                  partition=C:

path                    \boot\memtest.exe

description             Windows-Speicherdiagnose

locale                  de-DE

inherit                 {globalsettings}

badmemoryaccess         Yes
 

EMS-Einstellungen

-----------------

Bezeichner              {emssettings}

bootems                 Yes
 

Debuggereinstellungen

---------------------

Bezeichner              {dbgsettings}

debugtype               Serial

debugport               1

baudrate                115200
 

RAM-Defekte

-----------

Bezeichner              {badmemory}
 

Globale Einstellungen

---------------------

Bezeichner              {globalsettings}

inherit                 {dbgsettings}

                        {emssettings}

                        {badmemory}
 

Startladeprogramm-Einstellungen

-------------------------------

Bezeichner              {bootloadersettings}

inherit                 {globalsettings}

                        {hypervisorsettings}
 

Hypervisoreinstellungen

-------------------

Bezeichner              {hypervisorsettings}

hypervisordebugtype     Serial

hypervisordebugport     1

hypervisorbaudrate      115200
 

Einstellungen zur Ladeprogrammfortsetzung

-----------------------------------------

Bezeichner              {resumeloadersettings}

inherit                 {globalsettings}
 

Geräteoptionen

--------------

Bezeichner              {2cce4ab5-37dd-11e4-94c2-00226863bf18}

description             Ramdisk Options

ramdisksdidevice        partition=C:

ramdisksdipath          \Recovery\2cce4ab4-37dd-11e4-94c2-00226863bf18\boot.sdi
 
 
 

LastRegBack: 2014-09-26 08:47
 

==================== End Of Log ============================

--- --- ---

Williwu

17.10.2014 22:01

Users shortcut scan result (x64) Version: 15-10-2014 02
Ran by Grisu at 2014-10-17 23:00:46
Running from C:\Users\Grisu\Desktop\Trojaner software
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk -> F:\Programme\Photosho CS5\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk -> D:\Programme\Photosho CS5\Adobe Device Central CS5\DeviceCentral.exe (Adobe Systems Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk -> D:\Programme\Photosho CS5\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk -> D:\Programme\Adobe Photoshop CC 64Bit\Adobe Photoshop CC\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk -> D:\Programme\Photosho CS5\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk -> D:\Programme\Photosho CS5\Adobe Photoshop CS5\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk -> D:\Programme\Adobe Photoshop Lightroom 5.6\lightroom.exe (Adobe Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk -> C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\Account- und Rechnungssupport.lnk -> F:\Spiele von C\World of Warcraft\Data\deDE\AccountBilling.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\Technischer Kundendienst.lnk -> F:\Spiele von C\World of Warcraft\Data\deDE\TechSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk -> D:\Spiele\World of Warcraft\Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems\Shutdown Timer\Check for Updates.lnk -> C:\Windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Updater.exe_E20B2B5FC4F041B78CF7696254CCF80B.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems\Shutdown Timer\Shutdown Timer.lnk -> C:\Windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_1679CE734515425E8E8CCB32956A82D7.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro entfernen.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects\ PrintProjects deinstallieren.lnk -> C:\Program Files (x86)\PrintProjects\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects\PrintProjects.lnk -> C:\Program Files (x86)\PrintProjects\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk -> C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.exe (Power Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk -> C:\Program Files (x86)\PowerISO\uninstall.exe (Power Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Historie.lnk -> C:\Program Files (x86)\PDFCreator\History.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Hilfe.lnk -> C:\Program Files (x86)\PDFCreator\PDFCreator_german.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator im Internet.lnk -> C:\Program Files (x86)\PDFCreator\PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk -> C:\Program Files (x86)\PDFCreator\PDFCreator.exe (pdfforge GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Translation Tool.lnk -> C:\Program Files (x86)\PDFCreator\languages\TransTool.exe (pdfforge pdfforge | The free PDF Creator, Converter and PDF Editor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Unterstütze PDFCreator.lnk -> C:\Program Files (x86)\PDFCreator\Unterstütze PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\AFPL License.lnk -> C:\Program Files (x86)\PDFCreator\AFPL License.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\FairPlay License.lnk -> C:\Program Files (x86)\PDFCreator\FairPlay License.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Licenses\GPL License.lnk -> C:\Program Files (x86)\PDFCreator\GNU License.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Images2PDF\Images2PDF.lnk -> C:\Program Files (x86)\PDFCreator\Images2PDF\Images2PDF.exe (pdfforge GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2\PDF Architect 2.lnk -> C:\Program Files (x86)\PDF Architect 2\PDF Architect 2.exe (pdfforge GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Deinstallieren von Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\Changelog.lnk -> G:\Spiele von C\Transport tycoon deluxe\changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\Known-bugs.lnk -> G:\Spiele von C\Transport tycoon deluxe\known-bugs.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\OpenTTD.lnk -> G:\Spiele von C\Transport tycoon deluxe\openttd.exe (OpenTTD Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\Readme.lnk -> G:\Spiele von C\Transport tycoon deluxe\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\Uninstall.lnk -> E:\Spiele von C\Transport Tycoon Deluxe\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\Scripts\Readme.lnk -> G:\Spiele von C\Transport tycoon deluxe\scripts\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD\Docs\Multiplayer.lnk -> G:\Spiele von C\Transport tycoon deluxe\docs\multiplayer.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Base.lnk -> D:\Programme\Open Office\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Calc.lnk -> D:\Programme\Open Office\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Draw.lnk -> D:\Programme\Open Office\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Impress.lnk -> D:\Programme\Open Office\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Math.lnk -> D:\Programme\Open Office\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Writer.lnk -> D:\Programme\Open Office\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice.lnk -> D:\Programme\Open Office\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netzmanager\Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\An OneNote 2013 senden.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Database Compare 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Lync-Aufzeichnungs-Manager.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013 Upload Center.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013-Spracheinstellungen.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Telemetriedashboard für Office 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Telemetrieprotokoll für Office 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace\Games for Windows Marketplace.lnk -> C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK AiO Home Center.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK AiO*Drucker-Tools.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\AiOPrinterTools.exe (Eastman Kodak Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\Kodak Druckereinrichtungs-Dienstprogramm.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Hilfe für Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\Doc\de\kis\context.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Lab im Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kl.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Lizenzvertrag.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\Doc\de\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Dokumentation.lnk -> C:\Program Files\ESET\ESET Smart Security\eset.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET Smart Security.lnk -> C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET SysInspector.lnk -> C:\Program Files\ESET\ESET Smart Security\SysInspector.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET SysRescue.lnk -> C:\Program Files\ESET\ESET Smart Security\SysRescue.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Lizenzvereinbarung.lnk -> C:\Program Files\ESET\ESET Smart Security\eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Advanced Archive Password Recovery.lnk -> D:\Programme\Passwort Recovery\Advanced Archive Password Recovery\ARCHPR.exe (ElcomSoft Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Documentation\Advanced Archive Password Recovery Help.lnk -> D:\Programme\Passwort Recovery\Advanced Archive Password Recovery\ARCHPR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Documentation\License Agreement.lnk -> D:\Programme\Passwort Recovery\License.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Music Files Finder\Duplicate Music Files Finder.lnk -> C:\Program Files (x86)\Duplicate Music Files Finder\DMFF.exe (LC IBros Solutions)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Music Files Finder\Help.lnk -> C:\Program Files (x86)\Duplicate Music Files Finder\DMFFHelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Music Files Finder\Uninstall Duplicate Music Files Finder.lnk -> C:\Program Files (x86)\Duplicate Music Files Finder\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager\DSL-Manager Hilfe.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (32-bit).lnk -> F:\Programme\Cheat Engine 6.3\cheatengine-i386.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (64-bit).lnk -> D:\Programme\Cheat Engine 6.3\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3.lnk -> D:\Programme\Cheat Engine 6.3\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine help.lnk -> D:\Programme\Cheat Engine 6.3\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine tutorial.lnk -> D:\Programme\Cheat Engine 6.3\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Reset settings.lnk -> D:\Programme\Cheat Engine 6.3\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Uninstall Cheat Engine.lnk -> D:\Programme\Cheat Engine 6.3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Kernel stuff\Unload kernel module.lnk -> D:\Programme\Cheat Engine 6.3\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Picture Style Editor\Picture Style Editor.lnk -> C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\PhotoStitch\PhotoStitch - INFO.lnk -> C:\Program Files (x86)\Canon\PhotoStitch\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\PhotoStitch\PhotoStitch.lnk -> C:\Program Files (x86)\Canon\PhotoStitch\STLauncher.exe (Canon Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2 - INFO.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EU2\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EU2\EOS Utility 2.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Digital Photo Professional\Digital Photo Professional.lnk -> C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk -> C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe (BlueStack Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte\Die Siedler IV\Die Siedler IV.lnk -> D:\Spiele\Siedler 4\S4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte\Die Siedler IV\Editor.lnk -> D:\Spiele\Siedler 4\Editor\S4Editor.exe (Blue Byte Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte\Die Siedler IV\Handbuch zu Die Siedler IV - Gold Edition.lnk -> D:\Spiele\Siedler 4\Handbuch\Die Siedler IV Gold Handbuch.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte\Die Siedler IV\Handbuch zu Die Siedler IV - Mission CD 2.lnk -> D:\Spiele\Siedler 4\Handbuch\Die Siedler IV Mission CD2 Handbuch.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte\Die Siedler IV\Handbuch zu Die Siedler IV - Mission CD.lnk -> D:\Spiele\Siedler 4\Handbuch\Die Siedler IV Mission CD Handbuch.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte\Die Siedler IV\Handbuch zu Die Siedler IV.lnk -> D:\Spiele\Siedler 4\Handbuch\Die Siedler IV Handbuch.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte\Die Siedler IV\Handbuch zu Die Trojaner und das Elixier der Macht.lnk -> D:\Spiele\Siedler 4\Handbuch\Die Siedler IV Add On Handbuch.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdreamers\TimeComX Basic (64-Bit)\ReadMe.lnk -> E:\Iso Programme\TimeComX Basic\ReadMe.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdreamers\TimeComX Basic (64-Bit)\TimeComX.lnk -> E:\Iso Programme\TimeComX Basic\TimeComX.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdreamers\TimeComX Basic (64-Bit)\UnInstall.lnk -> Q:\Programme\TimeComX Basic\Uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol 120% deinstallieren.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\uninst.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Hilfe.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Help\AX_GE.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Kommandozeilen Starter.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxCmd.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\Links\Creative Cloud Files.lnk -> C:\Users\Grisu\Creative Cloud Files ()
Shortcut: C:\Users\Grisu\Links\Desktop.lnk -> C:\Users\Grisu\Desktop ()
Shortcut: C:\Users\Grisu\Links\Downloads.lnk -> C:\Users\Grisu\Downloads ()
Shortcut: C:\Users\Grisu\Links\Dropbox.lnk -> C:\Users\Grisu\Dropbox ()
Shortcut: C:\Users\Grisu\Desktop\Cheat Engine.lnk -> D:\Programme\Cheat Engine 6.3\Cheat Engine.exe ()
Shortcut: C:\Users\Grisu\Desktop\Duplicate Music Files Finder.lnk -> C:\Program Files (x86)\Duplicate Music Files Finder\DMFF.exe (LC IBros Solutions)
Shortcut: C:\Users\Grisu\Desktop\TeamSpeak 3 Client.lnk -> G:\Spiele von C\Team Speak 3\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Grisu\Desktop\VirtualDJ 8.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj8.exe (Atomix Productions)
Shortcut: C:\Users\Grisu\Desktop\Trojaner software\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Grisu\Desktop\Trojaner software\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Grisu\Desktop\Spiele\AC4BFSP - Verknüpfung.lnk -> G:\Spiele von C\Assasins creed 4\Assassin's Creed IV Black Flag\AC4BFSP.exe ()
Shortcut: C:\Users\Grisu\Desktop\Spiele\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Grisu\Desktop\Spiele\Die Siedler IV Gold+ Edition.lnk -> D:\Spiele\Siedler 4\S4.exe ()
Shortcut: C:\Users\Grisu\Desktop\Spiele\FIFA 14.lnk -> C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe (Electronic Arts)
Shortcut: C:\Users\Grisu\Desktop\Spiele\Launcher.exe - Verknüpfung.lnk -> D:\Spiele\World of Warcraft\Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Grisu\Desktop\Spiele\OpenTTD.lnk -> G:\Spiele von C\Transport tycoon deluxe\openttd.exe (OpenTTD Development Team)
Shortcut: C:\Users\Grisu\Desktop\Spiele\Sniper Elite 3.lnk -> E:\Spiele von C\Sniper Elite 3\Launcher\Sniper3Launcher.exe (No File)
Shortcut: C:\Users\Grisu\Desktop\Spiele\Wolfenstein German Uncut Edition.lnk -> G:\Spiele von C\Wolfenstein 2014\Wolfenstein German Uncut Edition\SP\Wolf2.exe (Raven Software)
Shortcut: C:\Users\Grisu\Desktop\Dokumente 2014\GEZ 19-01-2012\Bezahlt - GEZ.lnk -> C:\Users\Grisu\Desktop\Dokumente 2014\GEZ 19-01-2012\Bezahlt.txt ()
Shortcut: C:\Users\Grisu\Desktop\Canon\Digital Photo Professional.lnk -> C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe (CANON INC.)
Shortcut: C:\Users\Grisu\Desktop\Canon\EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Shortcut: C:\Users\Grisu\Desktop\Canon\Picture Style Editor.lnk -> C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe (CANON INC.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk -> C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe (ICQ)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Grisu\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Rip DVD.lnk -> C:\Program Files (x86)\VirtualDJ\ripdvd.exe (No File)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Rip Vinyl.lnk -> C:\Program Files (x86)\VirtualDJ\ripvinyl.exe (No File)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Setup Audio.lnk -> C:\Users\Grisu\Documents\VirtualDJ\VirtualDJ 7 - Audio Setup Guide.pdf (No File)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Setup QuickStart.lnk -> C:\Users\Grisu\Documents\VirtualDJ\VirtualDJ 8 - Getting Started.pdf ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\User Guide.lnk -> C:\Users\Grisu\Documents\VirtualDJ\VirtualDJ 8 - User Guide.pdf ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\VirtualDJ 8.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj8.exe (Atomix Productions)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\VirtualDJ Home FREE.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe (No File)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit Entfernen oder Reparieren.lnk -> C:\Program Files\totalcmd\TCUNIN64.EXE ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Hilfe.lnk -> C:\Program Files\totalcmd\TOTALCMD.CHM ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> G:\Spiele von C\Team Speak 3\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> E:\Spiele von C\Team Speak 3\Uninstall.exe (No File)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe (VS Revo Group Ltd.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\ICQ.lnk -> C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe (ICQ)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Grisu\Dropbox ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Duplicate Music Files Finder.lnk -> C:\Program Files (x86)\Duplicate Music Files Finder\DMFF.exe (LC IBros Solutions)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ICQ.lnk -> C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe (ICQ)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDFCreator.lnk -> D:\Programme\PDFCreator\PDFCreator.exe (pdfforge GmbH)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Alcohol 120% (2).lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013 (2).lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ICQ.lnk -> C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe (ICQ)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\KODAK AiO Home Center.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lightroom 5.6 64-bit.lnk -> D:\Programme\Adobe Photoshop Lightroom 5.6\lightroom.exe (Adobe Systems)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OpenOffice Base.lnk -> D:\Programme\Open Office\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Photoshop - Verknüpfung.lnk -> D:\Programme\Adobe Photoshop CC 64Bit\Adobe Photoshop CC (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PowerISO.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.exe (Power Software Ltd)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Secunia PSI.lnk -> C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TimeComX (2).lnk -> E:\Iso Programme\TimeComX Basic\TimeComX.exe ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TimeComX.lnk -> E:\Iso Programme\TimeComX Basic\TimeComX.exe ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Total Commander 64 bit.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VirtualDJ 8.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj8.exe (Atomix Productions)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013 (2).lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent (2).lnk -> C:\Users\Grisu\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -> C:\Users\Grisu\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ICQ.lnk -> C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe (ICQ)
Shortcut: C:\Users\Grisu\AppData\Local\Microsoft\Windows\GameExplorer\{0B7E82D5-6ABA-42FC-B6A0-B57D9AC7647A}\PlayTasks\0\Spielen.lnk -> F:\Spiele von C\Gothic II\System\gothic2.exe (Piranha Bytes)
Shortcut: C:\Users\Public\Desktop\Apps.lnk -> C:\Users\Public\Libraries\Apps.library-ms ()
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\KODAK AiO Home Center.lnk -> C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk -> D:\Programme\Open Office\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Public\Desktop\PDF Architect 2.lnk -> C:\Program Files (x86)\PDF Architect 2\PDF Architect 2.exe (pdfforge GmbH)
Shortcut: C:\Users\Public\Desktop\PDFCreator.lnk -> C:\Program Files (x86)\PDFCreator\PDFCreator.exe (pdfforge GmbH)
Shortcut: C:\Users\Public\Desktop\PrintProjects.lnk -> C:\Program Files (x86)\PrintProjects\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk -> C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group)
Shortcut: C:\Users\Public\Desktop\Start BlueStacks.lnk -> C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe (BlueStack Systems, Inc.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems\Shutdown Timer\Uninstall Shutdown Timer.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra\SWAT 4\SWAT 4 deinstallieren.lnk -> C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe (InstallShield Software Corporation) -> /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Images2PDF\Images2PDF Console Application.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\PDFCreator\Images2PDF\Images2PDFC.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2\Uninstall or Modify PDF Architect 2.lnk -> C:\ProgramData\PDF Architect 2\Installation\PDFArchitect2Installer.exe (© pdfforge GmbH.) -> /uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\inficon.exe () -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK AiO*Statusmonitor.lnk -> C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK All-in-One Software deinstallieren.lnk -> C:\ProgramData\Kodak\Installer\Setup.exe (Eastman Kodak Company) -> /Web /x {E0F274B7-592B-4669-8FB8-8D9825A09858} CompanyName="Eastman Kodak Company" /code 1031
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security entfernen.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{6F6873E3-5C92-4049-B511-231A138DD090} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Deinstallation.lnk -> C:\Program Files\ESET\ESET Smart Security\callmsi.exe (ESET) -> /i {23234C01-F6B0-40FE-A583-B66840B28445}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Uninstall\Advanced Archive Password Recovery.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {01011662-76A8-41E8-B1A8-4F8821570AC5}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager\DSL-Manager Deinstallation.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}\Setup.exe" -l0x7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager\DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) -> /ShowGUI
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Picture Style Editor\Picture Style Editor - Deinstallieren.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Picture Style Editor\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\PhotoStitch\PhotoStitch - Deinstallieren.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\PhotoStitch\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2 - Deinstallieren.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Utility 2\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Digital Photo Professional\Digital Photo Professional - Deinstallieren.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Digital Photo Professional\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Grisu\Desktop\Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\VSRevoGroup\RevoUninstaller\ADCU\EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) -> /AutoStartUp
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Uninstall VirtualDJ 8.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Uninstall VirtualDJ Home FREE.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) -> /AutoStartUp
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG) -> /Autostart
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) -> -hunter
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\Uninstall ICQ.lnk -> C:\Users\Grisu\AppData\Roaming\ICQM\icqsetup.exe (ICQ) -> -uninstallcu
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Grisu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro im Internet.url -> hxxp://www.revouninstallerpro.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\Benutzerhandbuch.url -> hxxp://www.kodak.com/go/manuals?pq-locale=de_DE#aioprinters
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\KODAK Mobile Solutions.url -> hxxp://www.kodak.com/go/mobileprinting
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery\Documentation\ElcomSoft on the Web.url -> hxxp://www.elcomsoft.com
InternetURL: C:\Users\Grisu\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Grisu\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Grisu\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Grisu\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Grisu\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Grisu\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Grisu\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Grisu\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Grisu\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Grisu\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Grisu\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Grisu\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Grisu\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Grisu\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Grisu\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Grisu\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\Grisu\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Grisu\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Grisu\Desktop\Spiele\Assassin's Creed IV Black Flag.url -> uplay://launch/273
InternetURL: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com
InternetURL: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse\Curse Client online support.url -> hxxp://clientsupport.curse.com/

==================== End of log =============================

schrauber

18.10.2014 13:49

Fehlt noch die Addition.txt :)

Williwu

20.10.2014 06:20

wie mach ich das ?

sry das sagt mir gerade nicht´s wie das geht oder was du meinst

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2014

Ran by Grisu at 2014-10-20 07:19:36

Running from C:\Users\Grisu\Desktop\Trojaner software

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}

AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)

Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)

Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)

Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)

aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden

aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden

aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden

Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)

BlueStacks Notification Center (HKLM-x32\...\{B40D9A2E-C9CA-4402-A0B7-09E33C03B9C5}) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)

Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)

Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)

Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)

Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)

center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)

Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)

DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )

Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)

Duplicate Music Files Finder 1.5.5 (HKLM-x32\...\Duplicate Music Files Finder_is1) (Version:  - LC IBros Solutions S.R.L.)

ESET Smart Security (HKLM\...\{23234C01-F6B0-40FE-A583-B66840B28445}) (Version: 7.0.317.4 - ESET, spol s r. o.)

essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden

FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)

GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

ICQ 8.2 (build 7100) (HKCU\...\ICQ) (Version: 8.2.7100.0 - ICQ)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden

Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)

Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden

Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden

KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)

NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)

Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)

Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden

NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

OpenTTD 1.4.1 (HKLM-x32\...\OpenTTD) (Version: 1.4.1 - OpenTTD)

Opera Stable 25.0.1614.50 (HKLM-x32\...\Opera 25.0.1614.50) (Version: 25.0.1614.50 - Opera Software ASA)

Origin (HKLM-x32\...\Origin) (Version: 9.4.10.297 - Electronic Arts, Inc.)

Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)

PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)

PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden

PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)

PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden

PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)

Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden

Shutdown Timer (HKLM-x32\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Sniper Elite 3 GERMAN (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.7 - Bitdreamers)

Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)

Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)

VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)

VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)

Wolfenstein German Uncut Edition 1.2 (HKLM-x32\...\Wolfenstein German Uncut Edition 1.2) (Version:  - )

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 

==================== Restore Points  =========================
 

16-10-2014 08:35:23 Ende der Bereinigung

16-10-2014 22:46:56 Installed Java 7 Update 71

16-10-2014 22:49:44 Installed Adobe Flash Player 15 Plugin.

17-10-2014 21:50:06 Wiederherstellungsvorgang
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:34 - 2014-10-10 03:22 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {137F8DA8-B0D6-4D79-A354-01F3D3786DEC} - System32\Tasks\CCleaner => C:\Program

Task: {3214F43F-E1A1-4C68-BF16-E5897A43677F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {35F176CF-CA9A-44F4-86C7-453074B5F388} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe

Task: {47204497-A725-44BE-A0D9-2F21AE38E29F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)

Task: {51A59664-473F-4FFA-875A-FE68FE802FD9} - System32\Tasks\AdobeAAMUpdater-1.0-Grisu-PC-Grisu => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

Task: {56461B0B-7519-4712-B9BB-9859AA17AA2F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {633933A3-0FD6-41F6-828D-054E0E631943} - System32\Tasks\Opera scheduled Autoupdate 1405765260 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-15] (Opera Software)

Task: {73F6469B-1E78-4E6C-A5F5-88191BFC333F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)

Task: {7DFD5D42-E1C6-4390-86C1-B957F1040339} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {83D37B77-37C2-4D2B-8458-16CB19C92A74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)

Task: {887F700D-9A61-4F19-ACE6-457B2D42CCAA} - System32\Tasks\{303E9A7B-F154-43B4-896B-1AD818FEB83A} => C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe

Task: {93E20468-A940-43AF-9687-0AB18E8F852A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)

Task: {967BFB2D-83E2-4B3D-A225-E7BCCF94D76B} - System32\Tasks\{6C11C149-E388-4638-8FF2-38591C16AC8E} => E:\Spiele von C\NBA 2014\nba2k14.exe

Task: {9FA11F48-9923-461F-A36A-F2A17A41238C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {BDFCBC5C-4416-42A1-BB30-04248F26BBFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-09-01 18:54 - 2014-09-01 18:54 - 00819200 _____ () C:\Program Files (x86)\BlueStacks\HD-Adb.exe

2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll

2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll

2014-10-20 07:02 - 2014-10-20 07:02 - 00043008 _____ () c:\users\grisu\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0r8y57.dll

2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Grisu\AppData\Roaming\Dropbox\bin\libcef.dll

2013-12-17 10:31 - 2013-12-17 10:31 - 00491520 _____ () C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll

2014-09-16 12:27 - 2014-10-10 09:40 - 00195584 _____ () C:\Program Files (x86)\BlueStacks\libEGL.dll

2014-09-16 12:27 - 2014-10-10 09:40 - 01467392 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll

2014-10-15 13:04 - 2014-10-15 13:04 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2014-09-10 17:55 - 2014-09-10 17:55 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3

MSCONFIG\Services: BstHdAndroidSvc => 2

MSCONFIG\Services: BstHdLogRotatorSvc => 2

MSCONFIG\Services: BstHdUpdaterSvc => 2

MSCONFIG\Services: bthserv => 3

MSCONFIG\Services: Fax => 3

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: MozillaMaintenance => 3

MSCONFIG\Services: NvNetworkService => 2

MSCONFIG\Services: nvsvc => 2

MSCONFIG\Services: ose64 => 3

MSCONFIG\Services: osppsvc => 3

MSCONFIG\Services: PDF Architect 2 => 3

MSCONFIG\Services: pdfforge CrashHandler => 3

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: StarWindServiceAE => 2

MSCONFIG\Services: SwitchBoard => 3

MSCONFIG\Services: UMVPFSrv => 2

MSCONFIG\Services: Wlansvc => 3

MSCONFIG\Services: WMPNetworkSvc => 3

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartCopy.lnk => C:\Windows\pss\SmartCopy.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: Driver Operating Service => C:\Users\Grisu\AppData\Local\Apps\2.0\JDRWC0RT.9RO\5G9E4LPA.5WV\dros..tion_0000000000000000_0001.0000_b92f9a67277994ec\Driver Operating Service.appref-ms

MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart

MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe

MSCONFIG\startupreg: EKStatusMonitor => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe                                                                                                                                                                                                       

MSCONFIG\startupreg: icq => C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe -CU

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
 

========================= Accounts: ==========================
 

Administrator (S-1-5-21-2132015822-3264924353-165971380-500 - Administrator - Disabled)

Gast (S-1-5-21-2132015822-3264924353-165971380-501 - Limited - Disabled)

Grisu (S-1-5-21-2132015822-3264924353-165971380-1000 - Administrator - Enabled) => C:\Users\Grisu

HomeGroupUser$ (S-1-5-21-2132015822-3264924353-165971380-1002 - Limited - Enabled)
 

==================== Faulty Device Manager Devices =============
 

Name: sptd

Description: sptd

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: sptd

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 

Name: Standardtastatur (PS/2)

Description: Standardtastatur (PS/2)

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardtastaturen)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: Microsoft PS/2-Maus

Description: Microsoft PS/2-Maus

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (10/20/2014 07:11:38 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 

Error: (10/20/2014 07:11:21 AM) (Source: Windows Backup) (EventID: 4103) (User: )

Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "D:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
 

Error: (10/18/2014 09:48:37 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

Error: (10/18/2014 00:18:01 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

Error: (10/17/2014 11:54:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

Error: (10/17/2014 11:48:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.9.3.4070, Zeitstempel: 0x5417dc9e

Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86

Ausnahmecode: 0xc0020001

Fehleroffset: 0x0000c42d

ID des fehlerhaften Prozesses: 0xb58

Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0

Pfad der fehlerhaften Anwendung: HD-Frontend.exe1

Pfad des fehlerhaften Moduls: HD-Frontend.exe2

Berichtskennung: HD-Frontend.exe3
 

Error: (10/17/2014 11:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1

Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb

Ausnahmecode: 0x80000003

Fehleroffset: 0x00001425

ID des fehlerhaften Prozesses: 0x704

Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0

Pfad der fehlerhaften Anwendung: plugin-container.exe1

Pfad des fehlerhaften Moduls: plugin-container.exe2

Berichtskennung: plugin-container.exe3
 

Error: (10/17/2014 00:46:13 AM) (Source: MsiInstaller) (EventID: 1002) (User: Grisu-PC)

Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".
 

Error: (10/17/2014 00:42:05 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm psi.exe, Version 3.0.0.9016 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: f60
 

Startzeit: 01cfe992335afa27
 

Endzeit: 0
 

Anwendungspfad: C:\Program Files (x86)\Secunia\PSI\psi.exe
 

Berichts-ID: a5971ebc-5585-11e4-a073-00226863bf18
 

Error: (10/17/2014 00:41:57 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm psi.exe, Version 3.0.0.9016 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 1044
 

Startzeit: 01cfe99239502056
 

Endzeit: 0
 

Anwendungspfad: C:\Program Files (x86)\Secunia\PSI\psi.exe
 

Berichts-ID: a0f5b173-5585-11e4-a073-00226863bf18
 
 

System errors:

=============

Error: (10/20/2014 07:03:16 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

sptd
 

Error: (10/20/2014 07:01:28 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MMCSS erreicht.
 

Error: (10/20/2014 07:01:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (10/20/2014 07:01:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.
 

Error: (10/20/2014 07:01:10 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ekrn erreicht.
 

Error: (10/20/2014 07:00:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Orbiter" wurde mit folgendem Fehler beendet: 

%%126
 

Error: (10/20/2014 06:59:55 AM) (Source: sptd) (EventID: 4) (User: )

Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.
 

Error: (10/19/2014 11:45:39 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

sptd
 

Error: (10/19/2014 11:45:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Orbiter" wurde mit folgendem Fehler beendet: 

%%126
 

Error: (10/19/2014 11:44:36 AM) (Source: sptd) (EventID: 4) (User: )

Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.
 
 

Microsoft Office Sessions:

=========================

Error: (10/20/2014 07:11:38 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe
 

Error: (10/20/2014 07:11:21 AM) (Source: Windows Backup) (EventID: 4103) (User: )

Description: D:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
 

Error: (10/18/2014 09:48:37 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

Error: (10/18/2014 00:18:01 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

Error: (10/17/2014 11:54:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )

Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.

   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 

Error: (10/17/2014 11:48:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: HD-Frontend.exe0.9.3.40705417dc9eKERNELBASE.dll6.1.7601.1840953159a86c00200010000c42db5801cfea43fda766b5C:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\syswow64\KERNELBASE.dll4f8a65aa-5647-11e4-87e5-00226863bf18
 

Error: (10/17/2014 11:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb800000030000142570401cfea46797378b6C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll326422d6-5647-11e4-87e5-00226863bf18
 

Error: (10/17/2014 00:46:13 AM) (Source: MsiInstaller) (EventID: 1002) (User: Grisu-PC)

Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)
 

Error: (10/17/2014 00:42:05 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: psi.exe3.0.0.9016f6001cfe992335afa270C:\Program Files (x86)\Secunia\PSI\psi.exea5971ebc-5585-11e4-a073-00226863bf18
 

Error: (10/17/2014 00:41:57 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: psi.exe3.0.0.9016104401cfe992395020560C:\Program Files (x86)\Secunia\PSI\psi.exea0f5b173-5585-11e4-a073-00226863bf18
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-10-11 11:06:51.822

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-11 11:06:51.822

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-11 11:06:51.822

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-11 11:06:51.790

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-11 11:06:51.790

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-11 11:06:51.790

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-11 11:06:51.728

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-11 11:06:51.728

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-11 11:06:51.728

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-08 12:09:11.957

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz

Percentage of memory in use: 64%

Total physical RAM: 6135.17 MB

Available physical RAM: 2166.19 MB

Total Pagefile: 12268.52 MB

Available Pagefile: 7702.09 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: (Betriebssys) (Fixed) (Total:115.75 GB) (Free:19.67 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Programme) (Fixed) (Total:1023.87 GB) (Free:900.17 GB) NTFS

Drive e: (Wichtiges) (Fixed) (Total:931.5 GB) (Free:184.63 GB) NTFS

Drive f: (Volume) (Fixed) (Total:886.45 GB) (Free:492.13 GB) NTFS

Drive g: (Spiele) (Fixed) (Total:465.76 GB) (Free:341.84 GB) NTFS

Drive h: (Betriebssys 2) (Fixed) (Total:723.4 GB) (Free:522.17 GB) NTFS

Drive i: (Spiele 3) (Fixed) (Total:976.56 GB) (Free:849.94 GB) NTFS

Drive j: (Musik&Bilder) (Fixed) (Total:936.58 GB) (Free:188.07 GB) NTFS

Drive k: () (Fixed) (Total:926.44 GB) (Free:891.41 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F883268C)

Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

Partition 2: (Active) - (Size=886.5 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F88326EF)

Partition 1: (Active) - (Size=115.7 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=1023.9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=723.4 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (Size: 465.8 GB) (Disk ID: 2EE023AC)

Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 6A1CCFD9)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)
 

========================================================

Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 52425DEB)

Partition 1: (Active) - (Size=936.6 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=926.4 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

schrauber

20.10.2014 18:13

Was genau gibt es denn an Problemen mit diesem Rechner? :)

Williwu

20.10.2014 18:23

beim kauf war er schneller bei vielen öffnungen bei programmen spielen oder auch office und oder EA-games

wie bekomme ich zb den arbeitsspeicher leer

schrauber

21.10.2014 12:02

Zitat:

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

Deinstallier erstmal alles an Schutzsoftware, bis auf ein einziges AV Programm.

Williwu

29.10.2014 12:39

ok die zeit vom pc beim hoch fahren oder bei der berechnung und ausführung einzelner Programme hat sich gebesser brauche dessen keine hilfe nur
ist seid neusten bei Google chrome standart mässig ein tab auf "mystartsearch"

wie bekomme ich den trojaner noch runter !
beim runterladen vom update adobe flash player

schrauber

30.10.2014 11:46

Poste mal bitte frische FRST logs.

Williwu

30.10.2014 12:04

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014

Ran by Grisu (administrator) on GRISU-PC on 30-10-2014 11:57:52

Running from C:\Users\Grisu\Desktop\Trojaner software

Loaded Profile: Grisu (Available profiles: Grisu)

Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Deutsche Telekom AG) D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(Dropbox, Inc.) C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe

(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe

(Deutsche Telekom AG) D:\Programme\Netzmanager\netzmanager.exe

(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk

ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk

ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk

ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

Startup: C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk

ShortcutTarget: Netzmanager.lnk -> D:\Programme\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56C38410017FCF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: OpitOn -> {6b836c64-f364-437e-bab5-11f39990cfe9} ->  No File

BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: OpteOn -> {ab957d78-2cdb-4568-8020-2eaabcd137c2} ->  No File

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: GoSaive -> {cfd100a1-0615-4d32-9827-7ac2d4b0faa4} ->  No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()

FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()

FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll ( )

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Lightshot (screenshot tool) - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B} [2014-10-02]

FF Extension: NoScript - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-16]

FF Extension: {7d02e03c-f690-4f38-bf10-5e8cc02a4740} - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{7d02e03c-f690-4f38-bf10-5e8cc02a4740}.xpi [2014-09-09]

FF Extension: Adblock Plus - C:\Users\Grisu\AppData\Roaming\Mozilla\Firefox\Profiles\t2l1m1y7.default-1407286514912\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-17]

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-28]

FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com

FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com

FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com

FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com

FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com

FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-03]

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 

Chrome: 

=======

CHR HomePage: Default -> https://www.google.de/

CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1413582446&from=amt&uid=SAMSUNGXHD204UI_S2H7J90B728318"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]

CHR Extension: (ZenMate) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-05]

CHR Extension: (AdBlock) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-17]

CHR Extension: (Disconnect) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-09-17]

CHR Extension: (Google Wallet) - C:\Users\Grisu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-29]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (BlueStack Systems, Inc.)

S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (BlueStack Systems, Inc.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)

R2 KMSServerService; C:\Windows\KMSServerService\KMS Server Service.exe [211968 2014-07-06] (My Digital Life Forums) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)

R2 Netzmanager Service; D:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]

S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)

S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)

S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)

S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2014.SP2a\RpcAgentSrv.exe [72344 2008-05-19] (SiSoftware) [File not signed]

R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)

S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)

S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [294912 2007-11-26] (T-Systems Enterprise Services GmbH) [File not signed]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (BlueStack Systems)

R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)

U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)

R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)

R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)

R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)

R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-03] (Kaspersky Lab ZAO)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-03] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-03] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-03] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-03] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-30] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)

S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2014.SP2a\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-10-23] () [File not signed]

R3 TelekomNM6; D:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)

U3 aigzmjpb; C:\Windows\System32\Drivers\aigzmjpb.sys [0 ] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

S3 gwfilt64; system32\drivers\gwfilt64.sys [X]

S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-29 20:48 - 2014-10-29 21:06 - 14393344 _____ () C:\Users\Grisu\AppData\Roaming\Sandra.mdb

2014-10-29 20:48 - 2014-10-29 20:49 - 00000064 _____ () C:\Users\Grisu\AppData\Roaming\Sandra.ldb

2014-10-29 20:43 - 2014-10-29 20:43 - 00001230 _____ () C:\Users\Public\Desktop\SiSoftware Sandra Personal 2014.SP2a.lnk

2014-10-29 20:43 - 2014-10-29 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware

2014-10-29 20:43 - 2014-10-29 20:43 - 00000000 ____D () C:\Program Files\SiSoftware

2014-10-29 20:40 - 2014-10-29 20:45 - 00000000 ____D () C:\Users\Grisu\Desktop\SiSoftware.Sandra.Personal.v2014.06.20.35.Multilingual.Retail.Incl.Keymaker-ZWT

2014-10-29 17:13 - 2014-10-29 17:39 - 78934679 _____ () C:\Users\Grisu\Downloads\14-sissyperso-35.rar

2014-10-29 15:06 - 2014-10-29 15:07 - 68778552 _____ (SiSoftware ) C:\Users\Grisu\Downloads\san2050.exe

2014-10-29 14:40 - 2013-03-10 21:02 - 00000000 ____D () C:\Users\Grisu\Desktop\6.666 Vorlagen Excel Tabellen

2014-10-29 13:30 - 2014-07-08 13:04 - 00000000 ____D () C:\Users\Grisu\Desktop\SiSoftware.Sandra.Enterprise.v2014.06.20.35.Multilingual.Retail.Incl.Keymaker-ZWT

2014-10-29 13:13 - 2014-10-29 14:39 - 262091872 _____ () C:\Users\Grisu\Downloads\6.666.Tabellen.rar

2014-10-29 13:03 - 2014-10-29 13:28 - 78952673 _____ () C:\Users\Grisu\Desktop\14-sissyente-35.rar

2014-10-29 08:22 - 2014-10-30 09:39 - 00000392 _____ () C:\Windows\setupact.log

2014-10-29 08:22 - 2014-10-30 08:48 - 00001900 _____ () C:\Windows\PFRO.log

2014-10-29 08:22 - 2014-10-29 08:22 - 00000000 _____ () C:\Windows\setuperr.log

2014-10-28 11:56 - 2014-10-30 09:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-10-28 11:56 - 2014-10-28 11:56 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-10-28 11:56 - 2014-10-28 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-10-28 11:56 - 2014-10-28 11:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-10-28 11:56 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-10-28 11:56 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-10-28 11:56 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-10-28 11:55 - 2014-10-28 11:55 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Grisu\Downloads\mbam-setup-2.0.3.1025.exe

2014-10-27 22:38 - 2014-10-28 09:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7E171EA0.sys

2014-10-27 22:37 - 2014-10-27 22:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\148D1E34.sys

2014-10-26 08:41 - 2014-10-26 08:42 - 00000000 ____D () C:\Users\Grisu\Desktop\2014_10_26

2014-10-24 14:27 - 2014-10-24 14:27 - 00000770 _____ () C:\Users\Grisu\Desktop\JRT.txt

2014-10-23 23:37 - 2014-10-23 23:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\75651398.sys

2014-10-23 23:37 - 2014-10-23 23:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\152B13CC.sys

2014-10-23 14:48 - 2014-10-29 12:22 - 00000000 ____D () C:\AdwCleaner

2014-10-23 01:49 - 2014-10-23 01:49 - 00000673 _____ () C:\Users\Public\Desktop\F1 2014.lnk

2014-10-23 01:49 - 2014-10-23 01:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters

2014-10-23 01:22 - 2014-10-23 01:22 - 00000000 ____D () C:\Users\Grisu\Documents\Usenet.nl

2014-10-22 22:35 - 2014-10-23 12:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\708E15EB.sys

2014-10-22 22:33 - 2014-10-22 22:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\59D914BF.sys

2014-10-22 22:32 - 2014-10-22 22:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\47F524EC.sys

2014-10-22 22:12 - 2014-10-22 22:12 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\VS Revo Group

2014-10-20 06:39 - 2014-10-20 06:39 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cfec284612b0a0

2014-10-20 06:39 - 2014-10-20 06:39 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec284612b0a0.job

2014-10-19 10:03 - 2014-10-19 10:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys

2014-10-18 09:24 - 2014-10-18 09:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2231591B.sys

2014-10-17 21:53 - 2014-10-30 11:58 - 00000000 ____D () C:\FRST

2014-10-17 08:35 - 2014-10-17 08:51 - 00056368 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014 - Kopie.ods

2014-10-16 23:47 - 2014-10-16 09:26 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-10-16 09:34 - 2014-10-16 09:36 - 00001772 _____ () C:\DelFix.txt

2014-10-16 09:34 - 2014-10-16 09:34 - 00001080 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk

2014-10-16 09:34 - 2014-10-16 09:34 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Secunia PSI

2014-10-16 09:34 - 2014-10-16 09:34 - 00000000 ____D () C:\Program Files (x86)\Secunia

2014-10-16 09:30 - 2014-10-16 09:31 - 00541865 _____ () C:\Users\Grisu\Downloads\noscript_security_suite-2.6.9.1-fn_fx_sm.zip

2014-10-16 09:27 - 2014-10-16 09:27 - 05329480 _____ (Secunia) C:\Users\Grisu\Downloads\PSISetup_3.0.0.9016.exe

2014-10-15 12:04 - 2014-10-15 12:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-10-14 01:10 - 2014-10-14 01:10 - 00000000 ____D () C:\Users\Grisu\4.0

2014-10-14 01:10 - 2014-10-14 01:10 - 00000000 ____D () C:\Users\Grisu\.tfo4

2014-10-12 20:27 - 2014-10-12 20:36 - 28076375 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part3.rar

2014-10-12 09:07 - 2014-10-12 09:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\04E23FBD.sys

2014-10-12 09:04 - 2014-10-12 09:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1BA03D9F.sys

2014-10-11 11:33 - 2014-10-11 12:42 - 209715200 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part2.rar

2014-10-11 09:26 - 2014-10-11 09:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0781265D.sys

2014-10-10 08:43 - 2014-10-10 08:43 - 00001818 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-10-10 08:40 - 2014-10-10 08:40 - 00001830 _____ () C:\Users\Public\Desktop\Apps.lnk

2014-10-10 08:34 - 2014-10-10 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-10-10 08:34 - 2014-10-10 08:34 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-10-10 05:50 - 2014-10-10 05:54 - 163978588 _____ () C:\Users\Grisu\Downloads\U2-Songs_Of_Innocence-%28Deluxe_Edition%29-2CD-2014-BriBerY.rar

2014-10-10 05:11 - 2014-10-10 05:11 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-10-10 05:00 - 2014-10-10 05:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\VS Revo Group

2014-10-10 05:00 - 2014-10-10 05:00 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-10-10 05:00 - 2014-10-10 05:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro

2014-10-10 05:00 - 2014-10-10 05:00 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-10-10 05:00 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys

2014-10-10 04:56 - 2014-10-10 06:04 - 209715200 _____ () C:\Users\Grisu\Downloads\va-german50odc06102014.part1.rar

2014-10-10 04:55 - 2014-10-10 04:58 - 50068373 _____ () C:\Users\Grisu\Downloads\Neueinsteiger_der_German_ODC_TOP50_vom_06.10.2014-CannaPower.rar

2014-10-09 23:58 - 2014-10-10 08:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2E653FC9.sys

2014-10-08 14:19 - 2014-10-08 14:19 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\VSRevoGroup

2014-10-08 13:55 - 2014-10-08 13:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\64911C52.sys

2014-10-08 03:15 - 2014-10-08 03:15 - 04246449 _____ () C:\Users\Grisu\Downloads\motochopper.zip

2014-10-08 02:52 - 2014-10-08 02:52 - 00000000 ____D () C:\EGLTD

2014-10-05 13:38 - 2014-10-16 09:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-03 13:18 - 2014-10-03 13:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1343656D.sys

2014-10-02 08:35 - 2014-10-02 08:55 - 176129509 _____ () C:\Users\Grisu\Downloads\Mashup-Germany - Vol.6 - Back to the future.zip

2014-10-02 07:56 - 2014-10-14 01:39 - 00270078 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.odt

2014-10-02 00:43 - 2014-10-02 00:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-10-02 00:27 - 2014-10-02 00:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Grisu\Downloads\revosetup95.exe

2014-10-01 11:25 - 2014-10-01 11:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\449A0149.sys

2014-09-30 23:19 - 2014-09-30 23:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7D894C22.sys
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-30 11:57 - 2014-06-16 01:43 - 00000000 ____D () C:\Users\Grisu\Desktop\Trojaner software

2014-10-30 11:54 - 2014-06-13 02:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-10-30 11:32 - 2014-07-29 09:57 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-10-30 11:05 - 2014-06-03 09:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-10-30 08:59 - 2014-08-04 01:00 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Adobe

2014-10-30 08:57 - 2009-07-14 05:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-30 08:57 - 2009-07-14 05:45 - 00059584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-30 08:55 - 2009-07-14 18:58 - 00732176 _____ () C:\Windows\system32\perfh007.dat

2014-10-30 08:55 - 2009-07-14 18:58 - 00159712 _____ () C:\Windows\system32\perfc007.dat

2014-10-30 08:55 - 2009-07-14 06:13 - 01685660 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-10-30 08:52 - 2014-06-03 08:07 - 01465908 _____ () C:\Windows\WindowsUpdate.log

2014-10-30 08:50 - 2014-09-19 01:02 - 00000000 ___RD () C:\Users\Grisu\Dropbox

2014-10-30 08:50 - 2014-09-18 13:56 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Dropbox

2014-10-30 08:49 - 2014-07-29 09:57 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-30 08:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-29 21:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization

2014-10-29 20:19 - 2014-09-20 15:31 - 00069336 _____ () C:\Users\Grisu\Desktop\Arbeitszeitnachweis-2014.ods

2014-10-29 14:32 - 2014-06-06 01:32 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\GanymedeNet

2014-10-27 22:08 - 2014-07-19 11:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405765260

2014-10-27 22:08 - 2014-07-19 11:21 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-10-26 09:06 - 2014-09-20 15:22 - 00020120 _____ () C:\Users\Grisu\Desktop\Lärmbelästigung Nachbar 2014.ods

2014-10-23 12:08 - 2014-06-13 02:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-10-23 12:07 - 2014-06-03 10:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-10-23 12:07 - 2014-06-03 10:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-10-23 12:03 - 2014-07-18 08:50 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-10-23 11:38 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-10-23 01:50 - 2014-09-22 02:31 - 00000000 ____D () C:\ProgramData\Codemasters

2014-10-23 01:50 - 2014-06-11 12:48 - 00000000 ____D () C:\Users\Grisu\Documents\My Games

2014-10-23 01:32 - 2014-06-03 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%

2014-10-23 01:32 - 2014-06-03 14:48 - 00000000 ____D () C:\Program Files\Alcohol 120%

2014-10-23 01:24 - 2014-06-03 14:50 - 00868848 _____ () C:\Windows\system32\Drivers\sptd.sys

2014-10-20 06:41 - 2014-06-03 15:14 - 00000000 ____D () C:\Program Files (x86)\Google

2014-10-20 06:39 - 2014-07-29 09:57 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-10-19 10:44 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\ShellNew

2014-10-18 09:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\TAPI

2014-10-17 23:17 - 2014-06-03 08:14 - 00000000 ____D () C:\Users\Grisu

2014-10-17 23:15 - 2014-09-25 20:38 - 00000000 ____D () C:\Users\Grisu\AppData\Local\CANON_INC

2014-10-17 23:15 - 2014-09-11 08:04 - 00000000 ____D () C:\ProgramData\Netzmanager

2014-10-17 23:15 - 2014-06-03 16:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-10-17 23:15 - 2014-06-03 10:47 - 00000000 ____D () C:\Windows\system32\Macromed

2014-10-17 23:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration

2014-10-16 23:47 - 2014-09-15 20:47 - 00000000 ____D () C:\Program Files (x86)\Java

2014-10-16 09:35 - 2014-06-18 22:30 - 00000000 ____D () C:\Windows\ERUNT

2014-10-16 09:28 - 2014-07-28 22:36 - 00000000 ____D () C:\Program Files\Java

2014-10-16 09:27 - 2014-09-15 20:39 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-10-16 09:26 - 2014-09-15 20:47 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-10-16 09:26 - 2014-09-15 20:47 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-10-16 09:26 - 2014-09-15 20:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-10-16 09:14 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2014-10-13 01:08 - 2014-06-23 11:56 - 00000000 ____D () C:\ProgramData\Origin

2014-10-13 00:28 - 2014-06-24 11:18 - 00000000 ____D () C:\Users\Grisu\Documents\FIFA 14

2014-10-12 21:50 - 2014-06-23 11:55 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-10-11 10:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2014-10-10 08:58 - 2014-09-09 13:35 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2014-10-10 08:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-10-10 08:34 - 2014-09-15 11:01 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-10-10 08:32 - 2013-01-22 20:02 - 00000000 ____D () C:\Users\Grisu\Desktop\Paddy musik

2014-10-10 05:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-10-10 03:03 - 2014-06-03 11:48 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Adobe

2014-10-10 02:52 - 2014-06-23 12:02 - 00000000 ____D () C:\Program Files (x86)\Origin Games

2014-10-09 23:16 - 2014-06-17 14:55 - 00000000 ____D () C:\Users\Grisu\Documents\Benutzerdefinierte Office-Vorlagen

2014-10-08 14:02 - 2014-06-06 01:30 - 00000000 ____D () C:\Program Files (x86)\Ganymede

2014-10-06 14:17 - 2014-06-03 13:50 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\uTorrent

2014-10-05 15:22 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-10-04 01:28 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV

2014-10-04 01:02 - 2014-06-10 23:00 - 00000000 ____D () C:\Users\Grisu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-10-03 22:34 - 2014-08-05 02:07 - 00000000 ____D () C:\Users\Grisu\Desktop\SciLor's Grooveshark.com Downloader

2014-10-02 04:51 - 2014-06-03 09:14 - 00000000 ____D () C:\Windows\ELAMBKUP

2014-10-02 00:36 - 2014-09-26 00:47 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2014-10-01 11:05 - 2014-09-29 13:13 - 00381736 _____ () C:\Users\Grisu\Documents\WhatsApp Chat mit Franzi.txt

2014-09-30 11:26 - 2014-07-24 23:31 - 00000000 ____D () C:\Users\Grisu\AppData\Local\Unity
 

Some content of TEMP:

====================

C:\Users\Grisu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpomh34u.dll

C:\Users\Grisu\AppData\Local\Temp\Quarantine.exe

C:\Users\Grisu\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-10-29 09:01
 

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2014

Ran by Grisu at 2014-10-30 12:02:18

Running from C:\Users\Grisu\Desktop\Trojaner software

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}

AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\{AF82C1A9-56DC-4CCD-A36C-CAE56D541DFA}) (Version: 15.0.0.189 - Adobe Systems Incorporated)

Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)

Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)

Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)

aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden

aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden

aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden

Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)

BlueStacks Notification Center (HKLM-x32\...\{B40D9A2E-C9CA-4402-A0B7-09E33C03B9C5}) (Version: 0.9.3.4070 - BlueStack Systems, Inc.)

Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)

Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)

Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)

Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)

center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)

Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)

DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )

Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)

Duplicate Music Files Finder 1.5.5 (HKLM-x32\...\Duplicate Music Files Finder_is1) (Version:  - LC IBros Solutions S.R.L.)

ESET Smart Security (HKLM\...\{23234C01-F6B0-40FE-A583-B66840B28445}) (Version: 7.0.317.4 - ESET, spol s r. o.)

essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden

F1 2014 (HKLM-x32\...\F1 2014_is1) (Version:  - )

FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)

GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden

ICQ 8.2 (build 7100) (HKCU\...\ICQ) (Version: 8.2.7100.0 - ICQ)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)

Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden

Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden

KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)

Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)

Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)

Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden

NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

OpenTTD 1.4.1 (HKLM-x32\...\OpenTTD) (Version: 1.4.1 - OpenTTD)

Opera Stable 25.0.1614.63 (HKLM-x32\...\Opera 25.0.1614.63) (Version: 25.0.1614.63 - Opera Software ASA)

Origin (HKLM-x32\...\Origin) (Version: 9.4.10.297 - Electronic Arts, Inc.)

Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)

PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)

PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden

PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)

PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden

PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)

Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden

SiSoftware Sandra Personal 2014.SP2a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.35.2014.6 - SiSoftware)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Sniper Elite 3 GERMAN (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.7 - Bitdreamers)

Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)

Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)

VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)

VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)

Wolfenstein German Uncut Edition 1.2 (HKLM-x32\...\Wolfenstein German Uncut Edition 1.2) (Version:  - )

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2132015822-3264924353-165971380-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Grisu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 

==================== Restore Points  =========================
 

29-10-2014 16:59:39 Geplanter Prüfpunkt

29-10-2014 19:42:22 SiSoftware Sandra Personal
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 03:34 - 2014-10-10 02:22 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {137F8DA8-B0D6-4D79-A354-01F3D3786DEC} - System32\Tasks\CCleaner => C:\Program

Task: {3214F43F-E1A1-4C68-BF16-E5897A43677F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {35F176CF-CA9A-44F4-86C7-453074B5F388} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe

Task: {47204497-A725-44BE-A0D9-2F21AE38E29F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)

Task: {51A59664-473F-4FFA-875A-FE68FE802FD9} - System32\Tasks\AdobeAAMUpdater-1.0-Grisu-PC-Grisu => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

Task: {56461B0B-7519-4712-B9BB-9859AA17AA2F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {73F6469B-1E78-4E6C-A5F5-88191BFC333F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23] (Adobe Systems Incorporated)

Task: {7DFD5D42-E1C6-4390-86C1-B957F1040339} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {83D37B77-37C2-4D2B-8458-16CB19C92A74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)

Task: {887F700D-9A61-4F19-ACE6-457B2D42CCAA} - System32\Tasks\{303E9A7B-F154-43B4-896B-1AD818FEB83A} => C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe

Task: {93E20468-A940-43AF-9687-0AB18E8F852A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)

Task: {967BFB2D-83E2-4B3D-A225-E7BCCF94D76B} - System32\Tasks\{6C11C149-E388-4638-8FF2-38591C16AC8E} => E:\Spiele von C\NBA 2014\nba2k14.exe

Task: {9FA11F48-9923-461F-A36A-F2A17A41238C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {BDFCBC5C-4416-42A1-BB30-04248F26BBFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

Task: {CCD27B2F-4B91-4073-B7DD-EF58A44C936D} - System32\Tasks\GoogleUpdateTaskMachineCore1cfec284612b0a0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)

Task: {D59FB116-3FEA-45FC-98BB-2095A74D8F4A} - System32\Tasks\Opera scheduled Autoupdate 1405765260 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-23] (Opera Software)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec284612b0a0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll

2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll

2014-10-30 08:50 - 2014-10-30 08:50 - 00043008 _____ () c:\users\grisu\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpomh34u.dll

2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Grisu\AppData\Roaming\Dropbox\bin\libcef.dll

2013-12-17 09:31 - 2013-12-17 09:31 - 00491520 _____ () C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll

2014-10-15 12:04 - 2014-10-15 12:04 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2014-10-23 12:07 - 2014-10-23 12:07 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

2014-09-16 11:27 - 2014-10-10 08:40 - 00195584 _____ () C:\Program Files (x86)\BlueStacks\libEGL.dll

2014-09-16 11:27 - 2014-10-10 08:40 - 01467392 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3

MSCONFIG\Services: BstHdAndroidSvc => 2

MSCONFIG\Services: BstHdLogRotatorSvc => 2

MSCONFIG\Services: BstHdUpdaterSvc => 2

MSCONFIG\Services: bthserv => 3

MSCONFIG\Services: Fax => 3

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: MozillaMaintenance => 3

MSCONFIG\Services: NvNetworkService => 2

MSCONFIG\Services: nvsvc => 2

MSCONFIG\Services: ose64 => 3

MSCONFIG\Services: osppsvc => 3

MSCONFIG\Services: PDF Architect 2 => 3

MSCONFIG\Services: pdfforge CrashHandler => 3

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: StarWindServiceAE => 2

MSCONFIG\Services: SwitchBoard => 3

MSCONFIG\Services: UMVPFSrv => 2

MSCONFIG\Services: Wlansvc => 3

MSCONFIG\Services: WMPNetworkSvc => 3

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartCopy.lnk => C:\Windows\pss\SmartCopy.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Grisu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: Driver Operating Service => C:\Users\Grisu\AppData\Local\Apps\2.0\JDRWC0RT.9RO\5G9E4LPA.5WV\dros..tion_0000000000000000_0001.0000_b92f9a67277994ec\Driver Operating Service.appref-ms

MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart

MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe

MSCONFIG\startupreg: EKStatusMonitor => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe                                                                                                                                                                                                       

MSCONFIG\startupreg: icq => C:\Users\Grisu\AppData\Roaming\ICQM\icq.exe -CU

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
 

========================= Accounts: ==========================
 

Administrator (S-1-5-21-2132015822-3264924353-165971380-500 - Administrator - Disabled)

Gast (S-1-5-21-2132015822-3264924353-165971380-501 - Limited - Disabled)

Grisu (S-1-5-21-2132015822-3264924353-165971380-1000 - Administrator - Enabled) => C:\Users\Grisu

HomeGroupUser$ (S-1-5-21-2132015822-3264924353-165971380-1002 - Limited - Enabled)
 

==================== Faulty Device Manager Devices =============
 

Name: Standardtastatur (PS/2)

Description: Standardtastatur (PS/2)

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardtastaturen)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 

Name: Microsoft PS/2-Maus

Description: Microsoft PS/2-Maus

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (10/30/2014 11:57:35 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 

Error: (10/29/2014 03:09:50 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2014-10-30T10:47:50Z. Error Code: 0x80071A90.
 

Error: (10/28/2014 11:42:04 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert

.

Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
 
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {ffa56fd3-7049-4e8b-87bd-77afa4b94a5f}
 

Error: (10/26/2014 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )

Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "D:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
 
 

System errors:

=============

Error: (10/29/2014 09:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1068
 

Error: (10/29/2014 09:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1068
 

Error: (10/29/2014 09:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1068
 

Error: (10/29/2014 09:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1068
 

Error: (10/29/2014 09:14:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1068
 

Error: (10/29/2014 09:14:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1068
 

Error: (10/29/2014 09:14:16 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 

Error: (10/29/2014 09:14:16 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (10/29/2014 09:14:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1068
 

Error: (10/29/2014 09:14:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1068
 
 

Microsoft Office Sessions:

=========================

Error: (10/30/2014 11:57:35 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\Grisu\Desktop\Trojaner software\esetsmartinstaller_deu.exe
 

Error: (10/29/2014 03:09:50 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )

Description: 0x80071A902014-10-30T10:47:50Z
 

Error: (10/28/2014 11:42:04 AM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005, Zugriff verweigert
 
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {ffa56fd3-7049-4e8b-87bd-77afa4b94a5f}
 

Error: (10/26/2014 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )

Description: D:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-10-29 09:06:32.098

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-29 09:06:32.098

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-29 09:06:32.098

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-29 09:06:32.020

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-29 09:06:32.020

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-29 09:06:32.004

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-29 09:06:31.973

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-29 09:06:31.973

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-29 09:06:31.973

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-10-25 20:57:13.451

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz

Percentage of memory in use: 71%

Total physical RAM: 6135.17 MB

Available physical RAM: 1752.48 MB

Total Pagefile: 12268.52 MB

Available Pagefile: 6982.75 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: (Betriebssys) (Fixed) (Total:115.75 GB) (Free:19.96 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Programme) (Fixed) (Total:1023.87 GB) (Free:895.69 GB) NTFS

Drive e: (Wichtiges) (Fixed) (Total:931.5 GB) (Free:185.08 GB) NTFS

Drive f: (Volume) (Fixed) (Total:886.45 GB) (Free:492.13 GB) NTFS

Drive g: (Spiele) (Fixed) (Total:465.76 GB) (Free:336.71 GB) NTFS

Drive h: (Betriebssys 2) (Fixed) (Total:723.4 GB) (Free:522.17 GB) NTFS

Drive i: (Spiele 3) (Fixed) (Total:976.56 GB) (Free:849.94 GB) NTFS

Drive k: (Musik&Bilder) (Fixed) (Total:936.58 GB) (Free:188.07 GB) NTFS

Drive l: () (Fixed) (Total:926.44 GB) (Free:891.41 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F88326EF)

Partition 1: (Active) - (Size=115.7 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=1023.9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=723.4 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F883268C)

Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

Partition 2: (Active) - (Size=886.5 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (Size: 465.8 GB) (Disk ID: 2EE023AC)

Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 6A1CCFD9)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)
 

========================================================

Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 52425DEB)

Partition 1: (Active) - (Size=936.6 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=926.4 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

schrauber

31.10.2014 08:50

Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de

Williwu

01.11.2014 12:24

danke somit ist alles weg ich weiß jetzt erstmal wie ich mit solchem umgehen kann und möchte mich für deine hilfe bedanken !

schrauber

01.11.2014 20:34

Fertig :)

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Williwu

02.11.2014 13:12

danke schön ...ist erledigt und sollte ich nochmals hilfe brauchen werde ich mich natürlich wieder melden ! mit dem jeweiliegem thema

schrauber

03.11.2014 09:28

Gern Geschehen :)

Alle Zeitangaben in WEZ +1. Es ist jetzt 12:36 Uhr.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131