Trojaner-Board - Entfernen des Win32/Small.CA-Virus

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Entfernen des Win32/Small.CA-Virus (https://www.trojaner-board.de/137094-entfernen-win32-small-ca-virus.html)

Code:

# AdwCleaner v2.303 - Datei am 26/06/2013 um 18:42:09 erstellt

# Aktualisiert am 08/06/2013 von Xplode

# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)

# Benutzer : Christina - CHRISTINA-HP

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Christina\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\foxydeal.sqlite

Datei Gelöscht : C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\searchplugins\Askcom.xml

Gelöscht mit Neustart : C:\Users\CHRIST~1\AppData\Local\Temp\Zynga

Ordner Gelöscht : C:\Program Files (x86)\Ask.com

Ordner Gelöscht : C:\ProgramData\Ask

Ordner Gelöscht : C:\Users\Christina\AppData\LocalLow\AskToolbar

Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\APN

Schlüssel Gelöscht : HKCU\Software\APN PIP

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar

Schlüssel Gelöscht : HKCU\Software\Ask.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

Schlüssel Gelöscht : HKLM\Software\APN

Schlüssel Gelöscht : HKLM\Software\AskToolbar

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Schlüssel Gelöscht : HKLM\Software\PIP

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v10.0.9200.16618
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v21.0 (de)
 

Datei : C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\prefs.js
 

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");

Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");

Gelöscht : user_pref("browser.search.order.1", "Ask.com");

Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

Gelöscht : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
 

*************************
 

AdwCleaner[S1].txt - [4688 octets] - [26/06/2013 18:42:09]
 

########## EOF - C:\AdwCleaner[S1].txt - [4748 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows 7 Professional x64

Ran by Christina on 26.06.2013 at 18:44:42.74

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5E9A69D0-5D93-4FD8-9225-547973487333}
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"

Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 

~~~ FireFox
 

Emptied folder: C:\Users\Christina\AppData\Roaming\mozilla\firefox\profiles\xoanhavj.default-1362081687876\minidumps [39 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 26.06.2013 at 18:49:02.97

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2013 01

Ran by Christina (administrator) on 26-06-2013 18:51:16

Running from C:\Users\Christina\Desktop

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Adobe Systems Incorporated) c:\Users\Christina\CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

() C:\Program Files (x86)\Backblaze\bzserv.exe

() C:\ProgramData\DatacardService\DCService.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe

() C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

() C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\ISCTHidMonitor.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

() C:\Program Files (x86)\Backblaze\bzbui.exe

(GARMIN Corp.) C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe

(Huawei Technologies Co., Ltd.) C:\Users\Christina\AppData\Roaming\Telekom Internet Manager\ouc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Dropbox, Inc.) C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

(Adobe Sytems Incorporated) C:\Users\Christina\CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe

() c:\Users\Christina\CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

() C:\Program Files (x86)\Backblaze\bzfilelist.exe

(Sophos Limited) C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\alupdate.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2830120 2011-10-03] (Synaptics Incorporated)

HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-07-27] (Intel(R) Corporation)

HKLM\...\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10357008 2011-10-18] (Intel Corporation)

HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-23] (IDT, Inc.)

HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [x]

HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2779024 2011-03-14] (CANON INC.)

HKCU\...\Run: [Backblaze] "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet [491184 2012-11-08] ()

HKCU\...\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe [14767976 2011-11-07] (GARMIN Corp.)

HKCU\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] "C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe" [110592 2009-12-31] (Huawei Technologies Co., Ltd.)

HKCU\...\Policies\system: [DisableRegistryTools] 0

HKCU\...\Policies\system: [DisableTaskMgr] 0

MountPoints2: {72cfeb0c-60d7-11e2-8527-4ceb4269955f} - F:\AutoRun.exe

MountPoints2: {72cfeb0f-60d7-11e2-8527-4ceb4269955f} - F:\AutoRun.exe

MountPoints2: {749a8371-d64b-11e1-a7eb-4ceb4269955f} - F:\AutoRun.exe

MountPoints2: {749a8382-d64b-11e1-a7eb-4ceb4269955f} - F:\AutoRun.exe

MountPoints2: {d32c34b4-7820-11e1-81a6-4ceb4269955f} - F:\Autorun.exe

MountPoints2: {f4f7e145-bf0a-11e2-8a04-4ceb4269955f} - F:\Startme.exe

HKLM-x32\...\Run: [FLxHCIm64] "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [47616 2011-11-04] (Windows (R) Win 7 DDK provider)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [1612920 2011-08-04] (CANON INC.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [452016 2011-01-15] (CANON INC.)

HKLM-x32\...\Run: [DataCardMonitor] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2012-07-25] (Huawei Technologies Co., Ltd.)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)

HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)

HKLM-x32\...\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [Adobe Version Cue CS2] "c:\Users\Christina\CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [856064 2005-04-06] (Adobe Sytems Incorporated)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [620152 2006-10-23] (Adobe Systems Inc.)

HKLM-x32\...\Run: []  [x]

HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-02-13] (Sophos Limited)

HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL [218256 2012-09-21] (Sophos Limited)

AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL [221840 2012-09-21] (Sophos Limited)

Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk

ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()

Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Gamma.lnk

ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk

ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()

Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/16

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/16

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 217.68.161.141 217.68.161.171

Tcpip\..\Interfaces\{16F4FE95-EB76-4D80-A7FD-D6E4DF02929F}: [NameServer]10.74.210.210 10.74.210.211
 

FireFox:

========

FF ProfilePath: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876

FF SelectedSearchEngine: Google

FF Homepage: www.google.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @java.com/DTPlugin,version=10.6.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.6.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Extension: Deutsches Wörterbuch - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\de-DE@dictionaries.addons.mozilla.org

FF Extension: Dictionary Switcher - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\dictionary-switcher@design-noir.de

FF Extension: British English Dictionary - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\en-GB@dictionaries.addons.mozilla.org

FF Extension: United States English Spellchecker - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\en-US@dictionaries.addons.mozilla.org

FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\ich@maltegoetz.de

FF Extension: ChatZilla - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}

FF Extension: unplug - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\unplug@compunach.xpi

FF Extension: No Name - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi

FF Extension: No Name - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF Extension: No Name - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
 

==================== Services (Whitelisted) =================
 

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-11] (Adobe Systems)

R2 Adobe Version Cue CS2; c:\Users\Christina\CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated)

R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [206000 2012-11-08] ()

R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()

R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)

R2 ISCTAgent; C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [94208 2011-09-15] ()

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [217592 2013-02-13] (Sophos Limited)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [159296 2012-09-21] (Sophos Limited)

R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-02-13] (Sophos Limited)

R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-11-12] (Sophos Limited)

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2890232 2013-06-20] (Sophos Limited)

S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2010688 2012-11-12] (Sophos Limited)

S2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]

S3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]
 

==================== Drivers (Whitelisted) ====================
 

R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [252928 2010-04-30] (Huawei Technologies Co., Ltd.)

R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [70912 2011-11-04] (Fresco Logic)

R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)

R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2011-09-15] ()

S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-13] (hxxp://libusb-win32.sourceforge.net)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)

S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)

S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)

S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)

S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)

S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)

S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)

S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [154952 2012-09-21] (Sophos Limited)

S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [36640 2011-10-01] (Sophos Limited)

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [25608 2011-08-25] (Sophos Plc)

R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)

R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-06-26 18:49 - 2013-06-26 18:49 - 00001304 ____A C:\Users\Christina\Desktop\JRT.txt

2013-06-26 18:44 - 2013-06-26 18:44 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Christina\Desktop\JRT.exe

2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\Windows\ERUNT

2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\JRT

2013-06-26 18:42 - 2013-06-26 18:42 - 00004809 ____A C:\AdwCleaner[S1].txt

2013-06-26 18:42 - 2013-06-26 18:42 - 00000108 ____A C:\Windows\DeleteOnReboot.bat

2013-06-26 18:41 - 2013-06-26 18:41 - 00648201 ____A C:\Users\Christina\Desktop\adwcleaner.exe

2013-06-25 21:30 - 2013-06-25 21:30 - 00023481 ____A C:\Users\Christina\Desktop\Addition.txt

2013-06-25 21:29 - 2013-06-25 21:29 - 00000000 ____D C:\FRST

2013-06-25 21:28 - 2013-06-25 21:28 - 01931854 ____A (Farbar) C:\Users\Christina\Desktop\FRST64.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-06-25 19:04 - 2013-06-25 19:04 - 00000000 ____D C:\Program Files (x86)\Java

2013-06-25 19:02 - 2013-06-25 19:02 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-06-25 19:02 - 2013-06-25 19:02 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes

2013-06-25 19:02 - 2013-06-25 19:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-06-25 19:01 - 2013-06-25 19:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-06-25 19:01 - 2013-06-25 19:01 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Christina\Downloads\mbam-setup-1.75.0.1300.exe

2013-06-25 19:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2013-06-19 10:46 - 2013-06-19 10:46 - 00000881 ____A C:\Users\Christina\.recently-used.xbel

2013-06-19 10:21 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2013-06-19 10:21 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-06-19 04:25 - 2013-06-19 04:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-06-19 04:25 - 2013-06-19 04:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-06-19 04:25 - 2013-06-19 04:25 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-06-19 04:25 - 2013-06-19 04:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-06-19 04:25 - 2013-06-19 04:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-06-19 04:25 - 2013-06-19 04:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-06-19 04:25 - 2013-06-19 04:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-06-19 04:25 - 2013-06-19 04:25 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-06-19 04:25 - 2013-06-19 04:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-06-19 04:24 - 2013-06-19 04:24 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-06-19 04:23 - 2013-06-19 04:23 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-06-19 04:21 - 2013-06-19 04:31 - 00010360 ____A C:\Windows\IE10_main.log

2013-06-18 15:32 - 2013-06-18 15:32 - 00004032 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log

2013-06-16 15:06 - 2013-06-16 15:07 - 00000239 ____A C:\Users\Christina\Desktop\SonderVA.txt

2013-06-16 11:29 - 2013-06-19 20:08 - 00000000 ____D C:\Windows\rescache

2013-06-12 20:48 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll

2013-06-12 20:48 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

2013-06-12 20:48 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll

2013-06-12 20:48 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll

2013-06-12 20:48 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-06-12 20:48 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2013-06-12 20:48 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2013-06-12 20:48 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe

2013-06-12 20:48 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2013-06-12 20:48 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2013-06-12 20:48 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll

2013-06-12 20:48 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2013-06-12 20:48 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2013-06-12 20:48 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll

2013-06-12 20:48 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2013-06-12 20:48 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2013-06-12 20:48 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll

2013-06-06 07:27 - 2013-06-06 07:27 - 00036449 ____A C:\Users\Christina\Downloads\lookout-1.2.13-sm+tb.xpi
 

==================== One Month Modified Files and Folders =======
 

2013-06-26 18:50 - 2009-07-14 06:45 - 00035040 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-06-26 18:50 - 2009-07-14 06:45 - 00035040 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-06-26 18:49 - 2013-06-26 18:49 - 00001304 ____A C:\Users\Christina\Desktop\JRT.txt

2013-06-26 18:49 - 2011-12-22 01:06 - 00697098 ____A C:\Windows\System32\perfh007.dat

2013-06-26 18:49 - 2011-12-22 01:06 - 00148362 ____A C:\Windows\System32\perfc007.dat

2013-06-26 18:49 - 2009-07-14 07:13 - 01613412 ____A C:\Windows\System32\PerfStringBackup.INI

2013-06-26 18:44 - 2013-06-26 18:44 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Christina\Desktop\JRT.exe

2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\Windows\ERUNT

2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\JRT

2013-06-26 18:43 - 2012-08-12 17:37 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-06-26 18:43 - 2012-03-28 20:01 - 00000000 ___RD C:\Dropbox

2013-06-26 18:43 - 2012-03-28 19:55 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox

2013-06-26 18:43 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-06-26 18:43 - 2009-07-14 06:51 - 00100184 ____A C:\Windows\setupact.log

2013-06-26 18:42 - 2013-06-26 18:42 - 00004809 ____A C:\AdwCleaner[S1].txt

2013-06-26 18:42 - 2013-06-26 18:42 - 00000108 ____A C:\Windows\DeleteOnReboot.bat

2013-06-26 18:42 - 2012-03-05 08:32 - 01440381 ____A C:\Windows\WindowsUpdate.log

2013-06-26 18:41 - 2013-06-26 18:41 - 00648201 ____A C:\Users\Christina\Desktop\adwcleaner.exe

2013-06-26 18:29 - 2012-08-12 17:37 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-06-26 18:29 - 2012-04-11 20:18 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-06-25 22:10 - 2012-09-06 03:01 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Skype

2013-06-25 21:30 - 2013-06-25 21:30 - 00023481 ____A C:\Users\Christina\Desktop\Addition.txt

2013-06-25 21:29 - 2013-06-25 21:29 - 00000000 ____D C:\FRST

2013-06-25 21:28 - 2013-06-25 21:28 - 01931854 ____A (Farbar) C:\Users\Christina\Desktop\FRST64.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-06-25 19:04 - 2013-06-25 19:04 - 00000000 ____D C:\Program Files (x86)\Java

2013-06-25 19:04 - 2012-10-09 19:58 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2013-06-25 19:04 - 2012-10-09 19:58 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-06-25 19:02 - 2013-06-25 19:02 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-06-25 19:02 - 2013-06-25 19:02 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes

2013-06-25 19:02 - 2013-06-25 19:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-06-25 19:02 - 2013-06-25 19:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-06-25 19:01 - 2013-06-25 19:01 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Christina\Downloads\mbam-setup-1.75.0.1300.exe

2013-06-24 21:41 - 2013-01-16 12:33 - 04467712 ____A C:\Users\Christina\AppData\Local\wnc.db

2013-06-24 21:41 - 2013-01-16 12:33 - 00047723 ____A C:\Users\Christina\AppData\Local\wnc.log.0

2013-06-24 21:41 - 2013-01-16 12:33 - 00032696 ____A C:\Users\Christina\Documents\WriteNCite.trace.log

2013-06-24 21:41 - 2013-01-16 12:33 - 00000000 ____A C:\Users\Christina\AppData\Local\wnc.log.0.lck

2013-06-21 03:26 - 2013-01-11 14:11 - 00000000 ____D C:\ProgramData\FLEXnet

2013-06-21 03:25 - 2012-10-14 22:18 - 00000348 ____A C:\Windows\Tasks\HPCeeScheduleForChristina.job

2013-06-20 18:06 - 2013-02-21 18:02 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt

2013-06-20 18:06 - 2012-04-05 15:32 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log

2013-06-19 20:08 - 2013-06-16 11:29 - 00000000 ____D C:\Windows\rescache

2013-06-19 10:46 - 2013-06-19 10:46 - 00000881 ____A C:\Users\Christina\.recently-used.xbel

2013-06-19 10:46 - 2012-06-14 21:13 - 00000000 ____D C:\Users\Christina\.gimp-2.6

2013-06-19 10:46 - 2012-03-27 07:32 - 00000000 ____D C:\users\Christina

2013-06-19 10:43 - 2012-06-14 21:14 - 00000000 ____D C:\Users\Christina\AppData\Roaming\gtk-2.0

2013-06-19 06:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-06-19 06:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK

2013-06-19 06:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR

2013-06-19 06:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK

2013-06-19 06:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR

2013-06-19 04:31 - 2013-06-19 04:21 - 00010360 ____A C:\Windows\IE10_main.log

2013-06-19 04:25 - 2013-06-19 04:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-06-19 04:25 - 2013-06-19 04:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-06-19 04:25 - 2013-06-19 04:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-06-19 04:25 - 2013-06-19 04:25 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-06-19 04:25 - 2013-06-19 04:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-06-19 04:25 - 2013-06-19 04:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-06-19 04:25 - 2013-06-19 04:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-06-19 04:25 - 2013-06-19 04:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-06-19 04:25 - 2013-06-19 04:25 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-06-19 04:25 - 2013-06-19 04:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-06-19 04:24 - 2013-06-19 04:24 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-06-19 04:23 - 2013-06-19 04:23 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-06-18 15:32 - 2013-06-18 15:32 - 00004032 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log

2013-06-18 15:31 - 2012-10-09 19:56 - 00903072 ____A (Oracle Corporation) C:\Users\Christina\Downloads\jxpiinstall.exe

2013-06-17 18:55 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-06-16 15:07 - 2013-06-16 15:06 - 00000239 ____A C:\Users\Christina\Desktop\SonderVA.txt

2013-06-13 06:52 - 2012-04-11 20:18 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-06-13 06:52 - 2011-12-21 16:49 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-06-12 21:38 - 2012-04-02 13:33 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-06-06 07:27 - 2013-06-06 07:27 - 00036449 ____A C:\Users\Christina\Downloads\lookout-1.2.13-sm+tb.xpi

2013-06-06 07:22 - 2012-03-28 20:01 - 00001033 ____A C:\Users\Christina\Desktop\Dropbox.lnk

2013-06-03 13:10 - 2013-03-04 21:01 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-06-03 13:10 - 2011-12-21 16:50 - 00000000 ____D C:\ProgramData\Skype

2013-06-01 01:19 - 2012-06-11 19:48 - 00000000 ____D C:\ProgramData\CanonIJPLM
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-06-23 14:24
 

==================== End Of Log ============================

--- --- ---

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST Log, noch Probleme? :)

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=4ec691b21462464e86ea40b5e0bb7988

# engine=14165

# end=finished

# remove_checked=false

# archives_checked=false

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-06-26 08:45:59

# local_time=2013-06-26 10:45:59 (+0100, Mitteleuropäische Sommerzeit)

# country="Switzerland"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776574 100 94 39446715 123909409 0 0

# compatibility_mode=8450 16777213 85 99 535878 58039123 0 0

# scanned=205134

# found=0

# cleaned=0

# scan_time=5081

Code:

 Results of screen317's Security Check version 0.99.68  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 10  
 ``````````````Antivirus/Firewall Check:`````````````` 

Sophos Anti-Virus   

 WMI entry may not exist for antivirus; attempting automatic update. 
 `````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware Version 1.75.0.1300  

 Java 7 Update 25  

 Adobe Flash Player 11.7.700.224  

 Adobe Reader 10.1.7 Adobe Reader out of Date!  

 Mozilla Firefox 21.0 Firefox out of Date!  

 Mozilla Thunderbird (17.0.6) 
 ````````Process Check: objlist.exe by Laurent````````  

 Sophos Sophos Anti-Virus SavService.exe  

 Sophos Sophos Anti-Virus SAVAdminService.exe  

 Sophos Sophos Anti-Virus Web Control swc_service.exe 

 Sophos Sophos Anti-Virus Web Intelligence swi_service.exe 
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  
 ````````````````````End of Log``````````````````````

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2013 01

Ran by Christina (administrator) on 26-06-2013 22:51:49

Running from C:\Users\Christina\Desktop

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Adobe Systems Incorporated) c:\Users\Christina\CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

() C:\Program Files (x86)\Backblaze\bzbui.exe

(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(GARMIN Corp.) C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe

() C:\Program Files (x86)\Backblaze\bzserv.exe

() C:\ProgramData\DatacardService\DCService.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(Huawei Technologies Co., Ltd.) C:\Users\Christina\AppData\Roaming\Telekom Internet Manager\ouc.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe

() C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

() C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\ISCTHidMonitor.exe

(Dropbox, Inc.) C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe

(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Adobe Sytems Incorporated) C:\Users\Christina\CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

() c:\Users\Christina\CS2\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

() C:\Program Files (x86)\Backblaze\bztransmit.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2830120 2011-10-03] (Synaptics Incorporated)

HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-07-27] (Intel(R) Corporation)

HKLM\...\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10357008 2011-10-18] (Intel Corporation)

HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-23] (IDT, Inc.)

HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [x]

HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2779024 2011-03-14] (CANON INC.)

HKCU\...\Run: [Backblaze] "C:\Program Files (x86)\Backblaze\bzbui.exe" -quiet [491184 2012-11-08] ()

HKCU\...\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe [14767976 2011-11-07] (GARMIN Corp.)

HKCU\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] "C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe" [110592 2009-12-31] (Huawei Technologies Co., Ltd.)

HKCU\...\Policies\system: [DisableRegistryTools] 0

HKCU\...\Policies\system: [DisableTaskMgr] 0

MountPoints2: {72cfeb0c-60d7-11e2-8527-4ceb4269955f} - F:\AutoRun.exe

MountPoints2: {72cfeb0f-60d7-11e2-8527-4ceb4269955f} - F:\AutoRun.exe

MountPoints2: {749a8371-d64b-11e1-a7eb-4ceb4269955f} - F:\AutoRun.exe

MountPoints2: {749a8382-d64b-11e1-a7eb-4ceb4269955f} - F:\AutoRun.exe

MountPoints2: {d32c34b4-7820-11e1-81a6-4ceb4269955f} - F:\Autorun.exe

MountPoints2: {f4f7e145-bf0a-11e2-8a04-4ceb4269955f} - F:\Startme.exe

HKLM-x32\...\Run: [FLxHCIm64] "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [47616 2011-11-04] (Windows (R) Win 7 DDK provider)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [1612920 2011-08-04] (CANON INC.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [452016 2011-01-15] (CANON INC.)

HKLM-x32\...\Run: [DataCardMonitor] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2012-07-25] (Huawei Technologies Co., Ltd.)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)

HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)

HKLM-x32\...\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [Adobe Version Cue CS2] "c:\Users\Christina\CS2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [856064 2005-04-06] (Adobe Sytems Incorporated)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [620152 2006-10-23] (Adobe Systems Inc.)

HKLM-x32\...\Run: []  [x]

HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-02-13] (Sophos Limited)

HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL [218256 2012-09-21] (Sophos Limited)

AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL [221840 2012-09-21] (Sophos Limited)

Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk

ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()

Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Gamma.lnk

ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\ProgramData\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk

ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()

Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Christina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/16

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/16

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Tcpip\Parameters: [DhcpNameServer] 217.68.161.141 217.68.161.171

Tcpip\..\Interfaces\{16F4FE95-EB76-4D80-A7FD-D6E4DF02929F}: [NameServer]10.74.210.210 10.74.210.211
 

FireFox:

========

FF ProfilePath: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876

FF SelectedSearchEngine: Google

FF Homepage: www.google.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @java.com/DTPlugin,version=10.6.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.6.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Extension: Deutsches Wörterbuch - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\de-DE@dictionaries.addons.mozilla.org

FF Extension: Dictionary Switcher - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\dictionary-switcher@design-noir.de

FF Extension: British English Dictionary - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\en-GB@dictionaries.addons.mozilla.org

FF Extension: United States English Spellchecker - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\en-US@dictionaries.addons.mozilla.org

FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\ich@maltegoetz.de

FF Extension: ChatZilla - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}

FF Extension: unplug - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\unplug@compunach.xpi

FF Extension: No Name - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi

FF Extension: No Name - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF Extension: No Name - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xoanhavj.default-1362081687876\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
 

==================== Services (Whitelisted) =================
 

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-11] (Adobe Systems)

R2 Adobe Version Cue CS2; c:\Users\Christina\CS2\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated)

R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [206000 2012-11-08] ()

R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()

R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)

R2 ISCTAgent; C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [94208 2011-09-15] ()

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [217592 2013-02-13] (Sophos Limited)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [159296 2012-09-21] (Sophos Limited)

R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-02-13] (Sophos Limited)

R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-11-12] (Sophos Limited)

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2890232 2013-06-20] (Sophos Limited)

S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2010688 2012-11-12] (Sophos Limited)

S2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]

S3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]
 

==================== Drivers (Whitelisted) ====================
 

R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [252928 2010-04-30] (Huawei Technologies Co., Ltd.)

R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [70912 2011-11-04] (Fresco Logic)

R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)

R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2011-09-15] ()

S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-13] (hxxp://libusb-win32.sourceforge.net)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)

S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)

S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)

S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)

S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)

S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)

S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)

S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [154952 2012-09-21] (Sophos Limited)

S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [36640 2011-10-01] (Sophos Limited)

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [25608 2011-08-25] (Sophos Plc)

R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)

R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-06-26 22:49 - 2013-06-26 22:49 - 00890988 ____A C:\Users\Christina\Desktop\SecurityCheck.exe

2013-06-26 21:20 - 2013-06-26 21:20 - 02347384 ____A (ESET) C:\Users\Christina\Desktop\esetsmartinstaller_enu.exe

2013-06-26 21:20 - 2013-06-26 21:20 - 00000000 ____D C:\Program Files (x86)\ESET

2013-06-26 18:49 - 2013-06-26 18:49 - 00001304 ____A C:\Users\Christina\Desktop\JRT.txt

2013-06-26 18:44 - 2013-06-26 18:44 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Christina\Desktop\JRT.exe

2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\Windows\ERUNT

2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\JRT

2013-06-26 18:42 - 2013-06-26 18:42 - 00004809 ____A C:\AdwCleaner[S1].txt

2013-06-26 18:42 - 2013-06-26 18:42 - 00000108 ____A C:\Windows\DeleteOnReboot.bat

2013-06-26 18:41 - 2013-06-26 18:41 - 00648201 ____A C:\Users\Christina\Desktop\adwcleaner.exe

2013-06-25 21:30 - 2013-06-25 21:30 - 00023481 ____A C:\Users\Christina\Desktop\Addition.txt

2013-06-25 21:29 - 2013-06-25 21:29 - 00000000 ____D C:\FRST

2013-06-25 21:28 - 2013-06-25 21:28 - 01931854 ____A (Farbar) C:\Users\Christina\Desktop\FRST64.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-06-25 19:04 - 2013-06-25 19:04 - 00000000 ____D C:\Program Files (x86)\Java

2013-06-25 19:02 - 2013-06-25 19:02 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-06-25 19:02 - 2013-06-25 19:02 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes

2013-06-25 19:02 - 2013-06-25 19:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-06-25 19:01 - 2013-06-25 19:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-06-25 19:01 - 2013-06-25 19:01 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Christina\Downloads\mbam-setup-1.75.0.1300.exe

2013-06-25 19:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2013-06-19 10:46 - 2013-06-19 10:46 - 00000881 ____A C:\Users\Christina\.recently-used.xbel

2013-06-19 10:21 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2013-06-19 10:21 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-06-19 04:25 - 2013-06-19 04:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-06-19 04:25 - 2013-06-19 04:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-06-19 04:25 - 2013-06-19 04:25 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-06-19 04:25 - 2013-06-19 04:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-06-19 04:25 - 2013-06-19 04:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-06-19 04:25 - 2013-06-19 04:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-06-19 04:25 - 2013-06-19 04:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-06-19 04:25 - 2013-06-19 04:25 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-06-19 04:25 - 2013-06-19 04:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-06-19 04:24 - 2013-06-19 04:24 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-06-19 04:23 - 2013-06-19 04:23 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-06-19 04:21 - 2013-06-19 04:31 - 00010360 ____A C:\Windows\IE10_main.log

2013-06-18 15:32 - 2013-06-18 15:32 - 00004032 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log

2013-06-16 15:06 - 2013-06-16 15:07 - 00000239 ____A C:\Users\Christina\Desktop\SonderVA.txt

2013-06-16 11:29 - 2013-06-19 20:08 - 00000000 ____D C:\Windows\rescache

2013-06-12 20:48 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll

2013-06-12 20:48 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

2013-06-12 20:48 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll

2013-06-12 20:48 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll

2013-06-12 20:48 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-06-12 20:48 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2013-06-12 20:48 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2013-06-12 20:48 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe

2013-06-12 20:48 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2013-06-12 20:48 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2013-06-12 20:48 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll

2013-06-12 20:48 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2013-06-12 20:48 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2013-06-12 20:48 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll

2013-06-12 20:48 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2013-06-12 20:48 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2013-06-12 20:48 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll

2013-06-06 07:27 - 2013-06-06 07:27 - 00036449 ____A C:\Users\Christina\Downloads\lookout-1.2.13-sm+tb.xpi
 

==================== One Month Modified Files and Folders =======
 

2013-06-26 22:52 - 2012-04-11 20:18 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-06-26 22:49 - 2013-06-26 22:49 - 00890988 ____A C:\Users\Christina\Desktop\SecurityCheck.exe

2013-06-26 22:11 - 2012-03-05 08:32 - 01457563 ____A C:\Windows\WindowsUpdate.log

2013-06-26 22:07 - 2012-08-12 17:37 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-06-26 21:20 - 2013-06-26 21:20 - 02347384 ____A (ESET) C:\Users\Christina\Desktop\esetsmartinstaller_enu.exe

2013-06-26 21:20 - 2013-06-26 21:20 - 00000000 ____D C:\Program Files (x86)\ESET

2013-06-26 20:07 - 2012-08-12 17:37 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-06-26 19:01 - 2009-07-14 06:45 - 00035040 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-06-26 19:01 - 2009-07-14 06:45 - 00035040 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-06-26 18:58 - 2011-12-22 01:06 - 00697098 ____A C:\Windows\System32\perfh007.dat

2013-06-26 18:58 - 2011-12-22 01:06 - 00148362 ____A C:\Windows\System32\perfc007.dat

2013-06-26 18:58 - 2009-07-14 07:13 - 01613412 ____A C:\Windows\System32\PerfStringBackup.INI

2013-06-26 18:54 - 2012-03-28 20:01 - 00000000 ___RD C:\Dropbox

2013-06-26 18:54 - 2012-03-28 19:55 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Dropbox

2013-06-26 18:54 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-06-26 18:54 - 2009-07-14 06:51 - 00100240 ____A C:\Windows\setupact.log

2013-06-26 18:49 - 2013-06-26 18:49 - 00001304 ____A C:\Users\Christina\Desktop\JRT.txt

2013-06-26 18:44 - 2013-06-26 18:44 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Christina\Desktop\JRT.exe

2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\Windows\ERUNT

2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\JRT

2013-06-26 18:42 - 2013-06-26 18:42 - 00004809 ____A C:\AdwCleaner[S1].txt

2013-06-26 18:42 - 2013-06-26 18:42 - 00000108 ____A C:\Windows\DeleteOnReboot.bat

2013-06-26 18:41 - 2013-06-26 18:41 - 00648201 ____A C:\Users\Christina\Desktop\adwcleaner.exe

2013-06-25 22:10 - 2012-09-06 03:01 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Skype

2013-06-25 21:30 - 2013-06-25 21:30 - 00023481 ____A C:\Users\Christina\Desktop\Addition.txt

2013-06-25 21:29 - 2013-06-25 21:29 - 00000000 ____D C:\FRST

2013-06-25 21:28 - 2013-06-25 21:28 - 01931854 ____A (Farbar) C:\Users\Christina\Desktop\FRST64.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-06-25 19:04 - 2013-06-25 19:04 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-06-25 19:04 - 2013-06-25 19:04 - 00000000 ____D C:\Program Files (x86)\Java

2013-06-25 19:04 - 2012-10-09 19:58 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2013-06-25 19:04 - 2012-10-09 19:58 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-06-25 19:02 - 2013-06-25 19:02 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-06-25 19:02 - 2013-06-25 19:02 - 00000000 ____D C:\Users\Christina\AppData\Roaming\Malwarebytes

2013-06-25 19:02 - 2013-06-25 19:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-06-25 19:02 - 2013-06-25 19:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-06-25 19:01 - 2013-06-25 19:01 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Christina\Downloads\mbam-setup-1.75.0.1300.exe

2013-06-24 21:41 - 2013-01-16 12:33 - 04467712 ____A C:\Users\Christina\AppData\Local\wnc.db

2013-06-24 21:41 - 2013-01-16 12:33 - 00047723 ____A C:\Users\Christina\AppData\Local\wnc.log.0

2013-06-24 21:41 - 2013-01-16 12:33 - 00032696 ____A C:\Users\Christina\Documents\WriteNCite.trace.log

2013-06-24 21:41 - 2013-01-16 12:33 - 00000000 ____A C:\Users\Christina\AppData\Local\wnc.log.0.lck

2013-06-21 03:26 - 2013-01-11 14:11 - 00000000 ____D C:\ProgramData\FLEXnet

2013-06-21 03:25 - 2012-10-14 22:18 - 00000348 ____A C:\Windows\Tasks\HPCeeScheduleForChristina.job

2013-06-20 18:06 - 2013-02-21 18:02 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt

2013-06-20 18:06 - 2012-04-05 15:32 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log

2013-06-19 20:08 - 2013-06-16 11:29 - 00000000 ____D C:\Windows\rescache

2013-06-19 10:46 - 2013-06-19 10:46 - 00000881 ____A C:\Users\Christina\.recently-used.xbel

2013-06-19 10:46 - 2012-06-14 21:13 - 00000000 ____D C:\Users\Christina\.gimp-2.6

2013-06-19 10:46 - 2012-03-27 07:32 - 00000000 ____D C:\users\Christina

2013-06-19 10:43 - 2012-06-14 21:14 - 00000000 ____D C:\Users\Christina\AppData\Roaming\gtk-2.0

2013-06-19 06:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-06-19 06:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK

2013-06-19 06:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR

2013-06-19 06:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK

2013-06-19 06:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR

2013-06-19 04:31 - 2013-06-19 04:21 - 00010360 ____A C:\Windows\IE10_main.log

2013-06-19 04:25 - 2013-06-19 04:25 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-06-19 04:25 - 2013-06-19 04:25 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-06-19 04:25 - 2013-06-19 04:25 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-06-19 04:25 - 2013-06-19 04:25 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-06-19 04:25 - 2013-06-19 04:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-06-19 04:25 - 2013-06-19 04:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-06-19 04:25 - 2013-06-19 04:25 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-06-19 04:25 - 2013-06-19 04:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-06-19 04:25 - 2013-06-19 04:25 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-06-19 04:25 - 2013-06-19 04:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-06-19 04:25 - 2013-06-19 04:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-06-19 04:25 - 2013-06-19 04:25 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-06-19 04:24 - 2013-06-19 04:24 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-06-19 04:24 - 2013-06-19 04:24 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-06-19 04:24 - 2013-06-19 04:24 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-06-19 04:23 - 2013-06-19 04:23 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-06-19 04:23 - 2013-06-19 04:23 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-06-18 15:32 - 2013-06-18 15:32 - 00004032 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log

2013-06-18 15:31 - 2012-10-09 19:56 - 00903072 ____A (Oracle Corporation) C:\Users\Christina\Downloads\jxpiinstall.exe

2013-06-17 18:55 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-06-16 15:07 - 2013-06-16 15:06 - 00000239 ____A C:\Users\Christina\Desktop\SonderVA.txt

2013-06-13 06:52 - 2012-04-11 20:18 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-06-13 06:52 - 2011-12-21 16:49 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-06-12 21:38 - 2012-04-02 13:33 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-06-06 07:27 - 2013-06-06 07:27 - 00036449 ____A C:\Users\Christina\Downloads\lookout-1.2.13-sm+tb.xpi

2013-06-06 07:22 - 2012-03-28 20:01 - 00001033 ____A C:\Users\Christina\Desktop\Dropbox.lnk

2013-06-03 13:10 - 2013-03-04 21:01 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-06-03 13:10 - 2011-12-21 16:50 - 00000000 ____D C:\ProgramData\Skype

2013-06-01 01:19 - 2012-06-11 19:48 - 00000000 ____D C:\ProgramData\CanonIJPLM
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-06-23 14:24
 

==================== End Of Log ============================

--- --- ---

Adobe und Firefox updaten.

Noch Probleme? :)

Hallo den aktuellen Rechner mache ich heute Abend fertig. Keine Probleme mehr.
Bitte einfach noch mal die abschliessenden Anweisungen :-D

Einen hätte ich hier aber noch. Nennen wir ihn B.
Da war auch dieser VLC-Player drauf. Kann sein, dass der was eingeschleppt hat. Windows meldet im Moment noch nix.

LG
Tina

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-06-2013 02

Ran by maxxe (administrator) on 27-06-2013 16:42:41

Running from C:\Users\maxxe\Desktop

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 9

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe

(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe

(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe

(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

(Data Perceptions / PowerProgrammer) C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe

(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE

(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe

(Intel Corporation) C:\Windows\system32\igfxext.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Lenovo.) C:\Windows\System32\TpShocks.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe

(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

(Dropbox, Inc.) C:\Users\maxxe\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(Lenovo) C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe

(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Lenovo) C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12480616 2012-04-17] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4  [1158248 2012-03-09] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)

HKLM\...\Run: [TpShocks] TpShocks.exe [382528 2012-02-25] (Lenovo.)

HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)

HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [64608 2012-05-30] (Lenovo)

Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)

MountPoints2: {8f637e48-645b-11e2-b5eb-806e6f6e6963} - Q:\LenovoQDrive.exe

MountPoints2: {8f637e4b-645b-11e2-b5eb-806e6f6e6963} - E:\MasterSetup.exe

HKLM-x32\...\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)

HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-04-19] (Intel Corporation)

HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [133400 2012-02-28] (Intel Corporation)

HKLM-x32\...\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart [507744 2011-12-20] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor [5941344 2012-05-15] (Lenovo Group Limited)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-07-12] (Intel Corporation)

HKLM-x32\...\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot [4351712 2011-07-13] (Lenovo, Inc.)

HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-02-21] (Sophos Limited)

HKLM-x32\...\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized [522232 2012-09-26] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [MobileAccess] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe -silentExitIfNotFirst [155864 2013-04-17] (Lenovo)

HKU\Default\...\RunOnce: [Lenovo.ShowBand] C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe /show [52584 2013-05-17] (Lenovo)

HKU\Default\...\RunOnce: []  [x]

HKU\Default\...\RunOnce: [Lenovoautoqdrive] C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe /DRIVE=Q [159744 2011-12-15] ()

HKU\Default User\...\RunOnce: [Lenovo.ShowBand] C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe /show [52584 2013-05-17] (Lenovo)

HKU\Default User\...\RunOnce: []  [x]

HKU\Default User\...\RunOnce: [Lenovoautoqdrive] C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe /DRIVE=Q [159744 2011-12-15] ()

AppInit_DLLs: C:\Windows\system32\nvinitx.dll,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL [218256 2012-09-21] (Sophos Limited)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL [221840 2012-09-21] (Sophos Limited)

Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina

Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Users\maxxe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\maxxe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL (Microsoft Corporation)

Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} vpnweb.cab

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [88128] (Sophos Limited)

Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [131648] (Sophos Limited)

Tcpip\Parameters: [DhcpNameServer] 141.30.66.135 141.30.66.1

Tcpip\..\Interfaces\{C0E5E76C-72D5-47B2-934E-8BB2BABC5C38}: [NameServer]139.7.30.126 139.7.30.125
 

FireFox:

========

FF ProfilePath: C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default

FF Homepage: hxxp://www.google.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Extension: Deutsches Wörterbuch - C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\Extensions\de-DE@dictionaries.addons.mozilla.org

FF Extension: Dictionary Switcher - C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\Extensions\dictionary-switcher@design-noir.de

FF Extension: British English Dictionary - C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\Extensions\en-GB@dictionaries.addons.mozilla.org

FF Extension: United States English Spellchecker - C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\Extensions\en-US@dictionaries.addons.mozilla.org

FF Extension: Print pages to PDF - C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\Extensions\printPages2Pdf@reinhold.ripper

FF Extension: dictlookup - C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\Extensions\dictlookup@arnhold.com.xpi

FF Extension: No Name - C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi

FF Extension: No Name - C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP

CHR RestoreOnStartup: "hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP"

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File

CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
 

==================== Services (Whitelisted) =================
 

S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-15] (Lenovo.)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)

R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)

R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)

R2 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [32480 2013-04-17] (Macheen)

S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()

R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-24] (Nitro PDF Software)

R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)

R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [217592 2013-02-21] (Sophos Limited)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [159296 2012-09-21] (Sophos Limited)

R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-02-21] (Sophos Limited)

R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-11-12] (Sophos Limited)

S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-02-04] ()

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2890232 2013-05-24] (Sophos Limited)

S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2010688 2012-11-12] (Sophos Limited)

R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)

R2 WebUpdate4; C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe [278800 2013-01-16] (Data Perceptions / PowerProgrammer)

R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [655400 2012-02-03] (Ericsson AB)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)

R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)

R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)

R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB)

R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-22] (MCCI Corporation)

R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-22] (MCCI Corporation)

R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-22] (MCCI Corporation)

R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-22] (MCCI Corporation)

R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-02-20] (Intel Corporation)

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [154952 2012-09-21] (Sophos Limited)

S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [36640 2012-08-14] (Sophos Limited)

R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)

S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [25608 2012-08-14] (Sophos Plc)

R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)

R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)

R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [282152 2011-12-07] (Ericsson AB)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-06-27 16:42 - 2013-06-27 16:42 - 00000000 ____D C:\FRST

2013-06-27 16:41 - 2013-06-27 16:41 - 01931940 ____A (Farbar) C:\Users\maxxe\Desktop\FRST64.exe

2013-06-24 20:11 - 2013-06-24 20:11 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\QcWizard

2013-06-24 10:30 - 2013-06-24 10:37 - 00000000 ___HD C:\NutTrash4

2013-06-24 10:10 - 2013-06-24 14:34 - 00555612 ____A C:\Users\maxxe\test.map

2013-06-24 05:32 - 2013-06-24 14:34 - 06695932 ____A C:\Users\maxxe\test.sim

2013-06-24 05:32 - 2013-06-24 14:34 - 00059530 ____A C:\Users\maxxe\test.out

2013-06-21 16:09 - 2013-06-24 14:35 - 00000328 ___AH C:\Users\maxxe\.xafsyncallrc

2013-06-21 16:09 - 2013-06-24 14:35 - 00000161 ___AH C:\Users\maxxe\.xafsyncrc

2013-06-21 15:15 - 2013-06-21 15:15 - 00000000 ____D C:\ProgramData\AutoForm

2013-06-21 15:15 - 2013-06-21 15:15 - 00000000 ____D C:\Program Files\AutoForm

2013-06-21 15:12 - 2013-06-21 15:12 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\Hummingbird

2013-06-21 15:07 - 2013-06-21 15:07 - 00000000 ____D C:\ProgramData\Hummingbird

2013-06-21 15:07 - 2013-06-21 15:07 - 00000000 ____D C:\Program Files\Hummingbird

2013-06-21 15:07 - 2013-06-21 15:07 - 00000000 ____D C:\Program Files (x86)\Hummingbird

2013-06-21 15:06 - 2013-06-21 15:06 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\InstallShield

2013-06-13 20:08 - 2013-06-13 20:08 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2013-06-13 10:57 - 2013-06-13 10:57 - 00000000 ____D C:\ProgramData\Hewlett-Packard

2013-06-13 10:57 - 2012-01-27 17:37 - 00286720 ____A (Hewlett-Packard Corporation) C:\Windows\System32\hpcpn120.dll

2013-06-13 10:57 - 2012-01-27 17:30 - 00322048 ____A (Hewlett Packard Corporation) C:\Windows\SysWOW64\hpcc3120.DLL

2013-06-13 10:57 - 2010-04-23 06:18 - 00507904 ____A (HP) C:\Windows\SysWOW64\hpcdmc32.DLL

2013-06-13 05:46 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2013-06-12 08:36 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-06-12 08:36 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-06-12 08:36 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-06-12 08:36 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-06-12 08:36 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-06-12 08:36 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-06-12 08:36 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-06-12 08:36 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-06-12 08:36 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-06-12 08:36 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-06-12 08:36 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-06-12 08:36 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-06-12 08:36 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-06-12 08:36 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-06-12 08:36 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-06-12 08:36 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-06-12 08:36 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-06-12 08:36 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-06-12 08:36 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-06-12 08:36 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-06-12 08:36 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-06-12 08:36 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-06-12 08:36 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-06-12 08:36 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-06-12 08:36 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-06-12 08:36 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-06-12 08:36 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-06-12 08:36 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-06-12 08:36 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-06-12 08:36 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-06-12 08:36 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-06-12 08:36 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-06-12 05:59 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll

2013-06-12 05:59 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

2013-06-12 05:59 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll

2013-06-12 05:59 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll

2013-06-12 05:59 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-06-12 05:59 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2013-06-12 05:59 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2013-06-12 05:59 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe

2013-06-12 05:59 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2013-06-12 05:59 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2013-06-12 05:59 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll

2013-06-12 05:59 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2013-06-12 05:59 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll

2013-06-12 05:59 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2013-06-12 05:30 - 2013-06-12 05:36 - 00000000 ____D C:\Users\maxxe\AppData\OICE_15_974FA576_32C1D314_B6E

2013-06-02 20:54 - 2013-06-02 20:55 - 00000000 ____D C:\Users\maxxe\AppData\OICE_15_974FA576_32C1D314_3F86

2013-05-31 08:48 - 2013-05-31 08:48 - 00000000 ____D C:\Users\maxxe\AppData\Local\Sophos

2013-05-29 16:55 - 2013-05-29 16:55 - 00000000 ____D C:\Users\maxxe\AppData\Local\GHISLER

2013-05-28 14:10 - 2013-05-28 14:10 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\GHISLER

2013-05-28 14:10 - 2013-05-28 14:10 - 00000000 ____D C:\Program Files\totalcmd

2013-05-28 14:09 - 2013-05-28 14:09 - 05896408 ____A (Ghisler Software GmbH) C:\Users\maxxe\Downloads\tcm801x32_64(1).exe

2013-05-28 13:28 - 2013-05-28 13:28 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\PDF Architect
 

==================== One Month Modified Files and Folders =======
 

2013-06-27 16:42 - 2013-06-27 16:42 - 00000000 ____D C:\FRST

2013-06-27 16:41 - 2013-06-27 16:41 - 01931940 ____A (Farbar) C:\Users\maxxe\Desktop\FRST64.exe

2013-06-27 16:36 - 2013-02-21 11:29 - 00000000 ____D C:\Program Files (x86)\VideoLAN

2013-06-27 16:35 - 2009-07-14 06:51 - 00062320 ____A C:\Windows\setupact.log

2013-06-27 16:34 - 2013-05-23 20:35 - 00000000 ____D C:\Users\maxxe\Outlook - Daten & Archiv

2013-06-27 16:10 - 2013-01-22 08:33 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-06-27 12:38 - 2013-02-21 10:12 - 00000328 ____A C:\ProgramData\LastUpdate.xml

2013-06-27 12:38 - 2013-02-21 10:12 - 00000031 ____A C:\Windows\WebUpdateSvc4.INI

2013-06-27 12:20 - 2013-01-22 08:33 - 01807522 ____A C:\Windows\WindowsUpdate.log

2013-06-27 08:12 - 2009-07-14 06:45 - 00034208 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-06-27 08:12 - 2009-07-14 06:45 - 00034208 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-06-27 08:10 - 2013-01-22 17:13 - 00654166 ____A C:\Windows\System32\perfh007.dat

2013-06-27 08:10 - 2013-01-22 17:13 - 00130006 ____A C:\Windows\System32\perfc007.dat

2013-06-27 08:10 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI

2013-06-27 08:07 - 2013-02-21 10:17 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\Nitro PDF

2013-06-27 08:05 - 2013-05-23 17:49 - 00000441 ____A C:\Windows\System32\Drivers\etc\hosts.ics

2013-06-27 08:05 - 2013-02-21 11:24 - 00000000 ___RD C:\Users\maxxe\Dropbox

2013-06-27 08:05 - 2013-02-21 11:20 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\Dropbox

2013-06-27 08:05 - 2013-01-22 08:33 - 00001120 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-06-27 08:05 - 2013-01-22 08:27 - 00000000 ____D C:\ProgramData\NVIDIA

2013-06-27 08:05 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-06-27 05:14 - 2009-07-14 07:08 - 00032626 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-06-25 14:35 - 2013-02-21 10:10 - 00000000 ____D C:\Users\maxxe\AppData\Local\MobileAccess

2013-06-24 20:11 - 2013-06-24 20:11 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\QcWizard

2013-06-24 14:35 - 2013-06-21 16:09 - 00000328 ___AH C:\Users\maxxe\.xafsyncallrc

2013-06-24 14:35 - 2013-06-21 16:09 - 00000161 ___AH C:\Users\maxxe\.xafsyncrc

2013-06-24 14:34 - 2013-06-24 10:10 - 00555612 ____A C:\Users\maxxe\test.map

2013-06-24 14:34 - 2013-06-24 05:32 - 06695932 ____A C:\Users\maxxe\test.sim

2013-06-24 14:34 - 2013-06-24 05:32 - 00059530 ____A C:\Users\maxxe\test.out

2013-06-24 14:34 - 2013-02-21 10:10 - 00000000 ____D C:\users\maxxe

2013-06-24 10:37 - 2013-06-24 10:30 - 00000000 ___HD C:\NutTrash4

2013-06-23 20:28 - 2013-05-23 17:50 - 00000000 ____D C:\ldiag

2013-06-23 14:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF

2013-06-23 14:41 - 2013-05-23 20:35 - 00000000 ____D C:\Daten

2013-06-21 15:37 - 2013-02-21 10:10 - 00000000 ____D C:\Users\maxxe\AppData\Local\VirtualStore

2013-06-21 15:15 - 2013-06-21 15:15 - 00000000 ____D C:\ProgramData\AutoForm

2013-06-21 15:15 - 2013-06-21 15:15 - 00000000 ____D C:\Program Files\AutoForm

2013-06-21 15:12 - 2013-06-21 15:12 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\Hummingbird

2013-06-21 15:07 - 2013-06-21 15:07 - 00000000 ____D C:\ProgramData\Hummingbird

2013-06-21 15:07 - 2013-06-21 15:07 - 00000000 ____D C:\Program Files\Hummingbird

2013-06-21 15:07 - 2013-06-21 15:07 - 00000000 ____D C:\Program Files (x86)\Hummingbird

2013-06-21 15:06 - 2013-06-21 15:06 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\InstallShield

2013-06-19 17:44 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries

2013-06-19 10:53 - 2013-05-26 20:41 - 00000000 ____D C:\Users\maxxe\Dienstreisen

2013-06-13 20:08 - 2013-06-13 20:08 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2013-06-13 19:56 - 2010-11-21 05:47 - 00017140 ____A C:\Windows\PFRO.log

2013-06-13 17:53 - 2013-02-21 16:19 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-06-13 10:57 - 2013-06-13 10:57 - 00000000 ____D C:\ProgramData\Hewlett-Packard

2013-06-13 09:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

2013-06-12 17:56 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\WinBioDatabase

2013-06-12 08:32 - 2013-02-21 12:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-06-12 05:36 - 2013-06-12 05:30 - 00000000 ____D C:\Users\maxxe\AppData\OICE_15_974FA576_32C1D314_B6E

2013-06-02 21:59 - 2013-05-27 21:31 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan

2013-06-02 20:55 - 2013-06-02 20:54 - 00000000 ____D C:\Users\maxxe\AppData\OICE_15_974FA576_32C1D314_3F86

2013-05-31 08:48 - 2013-05-31 08:48 - 00000000 ____D C:\Users\maxxe\AppData\Local\Sophos

2013-05-29 16:55 - 2013-05-29 16:55 - 00000000 ____D C:\Users\maxxe\AppData\Local\GHISLER

2013-05-29 08:30 - 2009-07-14 06:45 - 00484872 ____A C:\Windows\System32\FNTCACHE.DAT

2013-05-29 04:51 - 2013-02-21 10:10 - 00126584 ____A C:\Users\maxxe\AppData\Local\GDIPFONTCACHEV1.DAT

2013-05-28 14:10 - 2013-05-28 14:10 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\GHISLER

2013-05-28 14:10 - 2013-05-28 14:10 - 00000000 ____D C:\Program Files\totalcmd

2013-05-28 14:09 - 2013-05-28 14:09 - 05896408 ____A (Ghisler Software GmbH) C:\Users\maxxe\Downloads\tcm801x32_64(1).exe

2013-05-28 14:09 - 2013-05-24 05:20 - 00000000 ____D C:\Program Files\Install

2013-05-28 13:28 - 2013-05-28 13:28 - 00000000 ____D C:\Users\maxxe\AppData\Roaming\PDF Architect
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-06-23 20:55
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2013 02

Ran by maxxe at 2013-06-27 16:43:07

Running from C:\Users\maxxe\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

64 Bit HP CIO Components Installer (Version: 8.2.1)

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)

Adobe AIR (x32 Version: 3.7.0.1860)

Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.202)

Adobe Reader X (10.1.0) MUI (x32 Version: 10.1.0)

Anzeige am Bildschirm (Version: 6.72.00)

AutoForm^plus R3.1 Win64 (Version: 4.6)

Burn.Now 4.5 (x32 Version: 4.5.0)

Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.0.10057)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.10057)

Corel Burn.Now Lenovo Edition (x32 Version: 4.5.0)

Corel DVD MovieFactory 7 (x32 Version: 7.0.0)

Corel DVD MovieFactory Lenovo Edition (x32 Version: 7.0.0)

Corel WinDVD (x32 Version: 10.0.6.392)

Create Recovery Media (x32 Version: 1.20.0.00)

D3DX10 (x32 Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition

Direct DiscRecorder (x32 Version: 1.00.0000)

Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (Version: 1.00)

Dolby Home Theater v4 (x32 Version: 7.2.7000.11)

Dropbox (HKCU Version: 2.0.22)

Energie-Manager (x32 Version: 6.32)

Evernote v. 4.2.3 (x32 Version: 4.2.3.15)

FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)

GIMP 2.8.4 (Version: 2.8.4)

Google Chrome (x32 Version: 27.0.1453.116)

Google Update Helper (x32 Version: 1.3.21.145)

Integrated Camera Driver Installer Package Ver.1.2.1.16 (x32 Version: 1.2.1.16)

Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)

Intel PROSet Wireless

Intel(R) Control Center (x32 Version: 1.2.1.1007)

Intel(R) Management Engine Components (x32 Version: 8.0.3.1427)

Intel(R) OpenCL CPU Runtime (x32)

Intel(R) Processor Graphics (x32 Version: 8.15.10.2725)

Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.225)

Intel(R) WiDi (Version: 3.1.29.0)

Intel(R) Wireless Display

Intel® PROSet/Wireless WiFi-Software (Version: 15.01.0000.0830)

Intel® Trusted Connect Service Client (Version: 1.23.605.1)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

Lenovo Auto Scroll Utility (Version: 1.11)

Lenovo Mobile Access (x32 Version: 3.2.30417.1301)

Lenovo Mobile Broadband Activation (x32 Version: 4.2.1003.00)

Lenovo Patch Utility (x32 Version: 1.3.0.9)

Lenovo Patch Utility 64 bit (Version: 1.3.0.9)

Lenovo Registration (x32 Version: 1.0.4)

Lenovo SimpleTap (Version: 3.2.0004.00)

Lenovo Solution Center (Version: 2.1.003.00)

Lenovo System Update (x32 Version: 5.02.0007)

Lenovo User Guide (x32 Version: 1.0.0009.00)

Lenovo Warranty Information (x32 Version: 1.0.0005.00)

Lenovo Welcome (x32 Version: 3.1.0020.00)

Marc 2012 (x32 Version: 12.1.0)

Mathcad 15 M010 (x32 Version: 15.0.1.0)

McAfee Security Scan Plus (x32 Version: 3.0.318.3)

Mesh Runtime (x32 Version: 15.4.5722.2)

Message Center Plus (Version: 3.1.0004.00)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)

Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)

Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)

Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)

Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)

Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)

Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)

Microsoft Silverlight (Version: 5.1.20125.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)

Mobile Broadband Drivers (x32 Version: 7.1.1.0)

Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)

Mozilla Maintenance Service (x32 Version: 21.0)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

Nitro Pro 7 (Version: 7.4.1.4)

NVIDIA 3D Vision Treiber 296.88 (Version: 296.88)

NVIDIA Grafiktreiber 296.88 (Version: 296.88)

NVIDIA HD-Audiotreiber 1.3.16.0 (Version: 1.3.16.0)

NVIDIA Install Application (Version: 2.1002.62.312)

NVIDIA Optimus 1.7.13 (Version: 1.7.13)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.9688)

NVIDIA Systemsteuerung 296.88 (Version: 296.88)

NVIDIA Update 1.7.13 (Version: 1.7.13)

NVIDIA Update Components (Version: 1.7.13)

NX Client for Windows 3.5.0-9 (x32 Version: 3.5.0-9)

Open Text Exceed 14 x64 (Version: 14.0.4)

Open Text Exceed 3D 14 x64 (Version: 14.0.4)

Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)

PDF Architect (x32 Version: 1.0.52.8917)

PDF24 Creator 5.3.0 (x32)

PDFCreator (x32 Version: 1.6.2)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6617)

Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00)

RICOH_Media_Driver_v2.14.18.01 (x32 Version: 2.14.18.01)

Skype™ 6.2 (x32 Version: 6.2.106)

Sophos Anti-Virus (x32 Version: 10.2.8)

Sophos AutoUpdate (x32 Version: 2.9.0.344)

SugarSync Manager (x32 Version: 1.9.61.90905)

TeamViewer 8 (x32 Version: 8.0.16642)

ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.5.1.2700)

ThinkPad Power Management Driver (Version: 1.65.05.20)

ThinkPad UltraNav Driver (Version: 16.1.1.0)

ThinkVantage Access Connections (x32 Version: 5.95)

ThinkVantage Communications Utility (Version: 3.0.34.0)

ThinkVantage Fingerprint Software (Version: 5.9.6.7084)

ThinkVantage System für aktiven Festplattenschutz (Version: 1.76)

Tinypic 3.18 (x32 Version: Tinypic 3.18)

Total Commander 64-bit (Remove or Repair) (Version: 8.01)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)

Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition

Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition

Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition

Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition

Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition

Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition

Update for Microsoft Office 2013 (KB2810014) 64-Bit Edition

Update for Microsoft Office 2013 (KB2810017) 64-Bit Edition

Update for Microsoft Office 2013 (KB2810018) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition

Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition

Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition

Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition

Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition

Update for Microsoft PowerPoint 2013 (KB2727013) 64-Bit Edition

Update for Microsoft SkyDrive Pro (KB2767865) 64-Bit Edition

Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition

Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition

Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition

Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition

Update for Microsoft Word 2013 (KB2768007) 64-Bit Edition

Update for Microsoft Word 2013 (KB2768337) 64-Bit Edition

VIP Access (x32 Version: 2.0.5.13)

Winamp (x32 Version: 5.63 )

Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3555.0308)

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3555.0308)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Mesh (x32 Version: 15.4.3502.0922)

Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)

Windows Live Messenger (x32 Version: 15.4.3538.0513)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0) (Version: 01/11/2012 11.15.16.0)

Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (Version: 01/11/2012 9.3.0.1020)

Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (Version: 08/26/2011 9.3.0.1011)

Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (Version: 08/26/2011 9.3.0.1011)

Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (Version: 02/29/2012 1.65.05.20)

Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/06/2012 16.1.1.0) (Version: 04/06/2012 16.1.1.0)
 

==================== Restore Points  =========================
 

03-06-2013 04:59:31 Geplanter Prüfpunkt

10-06-2013 09:31:34 Geplanter Prüfpunkt

12-06-2013 06:30:46 Windows Update

13-06-2013 15:51:26 Windows Update

17-06-2013 14:06:12 Windows Update

21-06-2013 13:06:54 Installed Open Text Exceed 14 x64

21-06-2013 13:12:16 Installed Open Text Exceed 3D 14 x64

21-06-2013 13:14:56 Installed AutoForm^plus R3.1 Win64.
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0498E0F4-EDCE-4470-A885-10AB3C3526AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)

Task: {080FBD7A-426F-4801-9969-0F4CF02AC957} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)

Task: {081D1753-60EE-47E1-8E42-E7FDB7552A9D} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe No File

Task: {160A8786-B534-49A4-98F4-081FF94C9530} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe [2012-05-15] (Lenovo Group Limited)

Task: {26D7BE3C-12FF-4D28-A4DC-192009965443} - System32\Tasks\Lenovo\Message Center Plus Launcher => %programfiles(x86)%\Lenovo\message center plus\mcplaunch.exe No File

Task: {29A6117F-10A7-447F-9AB2-70DE2379CCCC} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe No File

Task: {2C00B0C6-105C-482C-9DD5-F667FB329DDB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)

Task: {2F08F146-0B96-45E8-A2D4-0FCE6AA63BE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)

Task: {3CDF8FEA-0435-4F32-92E2-DFB7F12F9196} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-02-04] ()

Task: {72125551-7E15-4CFA-96E6-F357A28356D3} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for maxxe-THINK.maxxe => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo)

Task: {752719A4-8A5A-4679-A9A9-4BB6EB3EE2EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

Task: {9D086D0C-334C-4A8A-AE51-01EE40C02C0C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] ()

Task: {CAEF90B8-C1FC-4344-91D3-86CEA7F7D00E} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe No File

Task: {D2BAE3A5-68A0-4ECF-BE9B-FA706156E850} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

Task: {E0496A11-EE8B-4E99-8C8B-A37498A4F8C1} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)

Task: {E5012650-4832-4DE7-A20C-D459BC591AEF} - System32\Tasks\Microsoft Office 15 Sync Maintenance for maxxe-THINK-maxxe maxxe-THINK => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)

Task: {E530E8E7-4C24-4582-B88F-FFFF08EEE998} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)

Task: {F60A32DC-314C-44EB-89EE-BC16E6C84741} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Faulty Device Manager Devices =============
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (06/27/2013 04:34:40 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 

Error: (06/27/2013 04:34:40 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 

Error: (06/27/2013 04:34:40 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 

Error: (06/27/2013 04:34:39 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0
 

Error: (06/27/2013 04:34:39 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0
 

Error: (06/27/2013 04:34:39 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0
 

Error: (06/27/2013 08:05:22 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/27/2013 05:15:29 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 

Error: (06/27/2013 05:15:29 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 

Error: (06/27/2013 05:15:29 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)

Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 
 

System errors:

=============

Error: (06/27/2013 08:06:21 AM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (06/27/2013 08:05:35 AM) (Source: ipnathlp) (User: )

Description: 
 

Error: (06/27/2013 08:05:35 AM) (Source: ipnathlp) (User: )

Description: 
 

Error: (06/27/2013 05:34:18 AM) (Source: ipnathlp) (User: )

Description: 0
 

Error: (06/27/2013 05:16:07 AM) (Source: ipnathlp) (User: )

Description: 
 

Error: (06/27/2013 05:15:23 AM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (06/26/2013 08:26:12 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (06/26/2013 08:15:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (06/26/2013 08:14:21 AM) (Source: ipnathlp) (User: )

Description: 
 

Error: (06/26/2013 08:14:21 AM) (Source: ipnathlp) (User: )

Description: 
 
 

Microsoft Office Sessions:

=========================

Error: (06/27/2013 04:34:40 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path43900
 

Error: (06/27/2013 04:34:40 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path25900
 

Error: (06/27/2013 04:34:40 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path17900
 

Error: (06/27/2013 04:34:39 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path23808600
 

Error: (06/27/2013 04:34:39 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path21808600
 

Error: (06/27/2013 04:34:39 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path18808600
 

Error: (06/27/2013 08:05:22 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/27/2013 05:15:29 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path43900
 

Error: (06/27/2013 05:15:29 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path25900
 

Error: (06/27/2013 05:15:29 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)

Description: Eap method DLL path17900
 
 

CodeIntegrity Errors:

===================================

  Date: 2013-05-23 21:58:44.451

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:30.010

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:29.980

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:29.930

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:29.880

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:29.840

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:29.810

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:29.790

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:29.730

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2013-05-23 18:28:29.660

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 34%

Total physical RAM: 7888.8 MB

Available physical RAM: 5137.26 MB

Total Pagefile: 15775.78 MB

Available Pagefile: 12774.16 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB
 

==================== Drives ================================
 

Drive c: (Lokaler Datenträger) (Fixed) (Total:200.43 GB) (Free:62.28 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:1.33 GB) NTFS (Disk=0 Partition=3)
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 224 GB) (Disk ID: 15118116)

Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=8 GB) - (Type=84)
 

==================== End Of Log ============================

Für rechner A:

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Für rechner B:

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Code:

# AdwCleaner v2.303 - Datei am 28/06/2013 um 13:03:21 erstellt

# Aktualisiert am 08/06/2013 von Xplode

# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)

# Benutzer : maxxe - maxxe-THINK

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\maxxe\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Ordner Gelöscht : C:\ProgramData\Partner

Ordner Gelöscht : C:\Users\maxxe\AppData\Roaming\pdfforge
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}

Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v9.0.8112.16490
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v21.0 (de)
 

Datei : C:\Users\maxxe\AppData\Roaming\Mozilla\Firefox\Profiles\0b429qcb.default\prefs.js
 

[OK] Die Datei ist sauber.
 

-\\ Google Chrome v27.0.1453.116
 

Datei : C:\Users\maxxe\AppData\Local\Google\Chrome\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[S1].txt - [1495 octets] - [28/06/2013 13:03:21]
 

########## EOF - C:\AdwCleaner[S1].txt - [1555 octets] ##########

jetzt :-)

Supi,

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST Logfile. Noch Probleme? :)

Hallo Schrauber!

Bei dem ersten Rechner, den wir hier gemacht haben, meckert Google seit gestern, es gäbe auffälligen Traffic...

Müssen wir noch mal scannen oder sind in den Scannern irgendwelche hijacks versteckt?

Hängt der im gleichen Netzwerk? Wenn ja kann es auch dieser Rechner sein. Wir machen diesen fertig, dann schau ich nochmal kurz auf den anderen :)

Zitat:

Zitat von schrauber (Beitrag 1102254)

Hängt der im gleichen Netzwerk? Wenn ja kann es auch dieser Rechner sein. Wir machen diesen fertig, dann schau ich nochmal kurz auf den anderen :)

Dieser ist nur grad unterwegs mit meinem Freund... muss warten, dass er zurück ist von der Reise.

Wir hängen alle im Uni-Netzwerk und ich habe gerade nachgesehen, die IP ist nicht komplett statisch. Von daher muss es wirklich nicht mein Rechner schuld sein.

Neues Problem beim ersten Rechner: Unter Internet Explorer 10 kann ich keine Seiten aufrufen seit unserer Bereiniung. Ist immer nur ein weisser Bildschirm innerhalb des Explorers...

IE zurücksetzen. :)