|
PUP.Optional. ........ ca. 800 infizierte Dateien Hi, ich bin neu hier. Ich habe ein kleines :crazy: Problem. Ein Quick-scan mit Malwarebytes hat so ca. 800 infizierte Dateien gefunden. Ich würde mich sehr über Hilfe freuen. Vielen Dank schon mal im Voraus Gruß LiScho ****************************************************************** Code: Malwarebytes Anti-Malware 1.75.0.1300 |
:hallo: Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
Hi, grüß Dich. Nett von Dir, dass Du so schnell da bist. habe folgendes Problem: Systemtyp: 32 bit Betriebssystem, x64-basierter Prozessor. Wenn ich FRST 32 auswähle gibt es eine Warnung wegen Inkompatibilität oder so ähnlich. Soll ich die 32 oder die 64 er Version ausführen? Gruß LiScho |
Servus, versuchs mit der 32bit Variante von FRST. Die 64 bit Variante können wir dann immer noch nehmen. ;) |
bitte schön: [CODE]Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-10-2013 Ran by LiScho (administrator) on ROSCHO on 22-10-2013 20:04:43 Running from C:\Users\LiScho\Downloads Microsoft Windows 8.1 Pro mit Media Center (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe (Wajam) C:\Program Files\Wajam\Updater\WajamUpdaterV2.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (SpeedUpMyPC) C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe (Spotify Ltd) C:\Users\LiScho\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] () HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.) HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-10] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-09-24] (APN) HKCU\...\Run: [Spotify Web Helper] - C:\Users\LiScho\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-12] (Spotify Ltd) HKCU\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony) HKCU\...\Run: [Spotify] - C:\Users\LiScho\AppData\Roaming\Spotify\spotify.exe [4752384 2013-10-12] (Spotify Ltd) HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2013-08-22] (Microsoft Corporation) AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\3DVISI~1\nvStInit.dll [ 2013-08-22] () Startup: C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) Startup: C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CzztDyEtD0DtByDyByB0DtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1563878350&ir= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x21C297C9B1A1CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CzztDyEtD0DtByDyByB0DtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1563878350&ir= SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CzztDyEtD0DtByDyByB0DtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z2Y1N2 Y1H1B1Q&cr=1563878350&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CzztDyEtD0DtByDyByB0DtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z2Y1N2 Y1H1B1Q&cr=1563878350&ir= SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CzztDyEtD0DtByDyByB0DtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z2Y1N2 Y1H1B1Q&cr=1563878350&ir= SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2CDE001E8C8040D2&affID=125035&tsp=5033 SearchScopes: HKCU - {3BD8AE26-1C7E-718C-A38F-2F9609847DFD} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_f6ea224c124f408db7d75677b941d4f3_30_46_20131012_DE_ie_ds_&query={searchTerms} SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CzztDyEtD0DtByDyByB0DtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z2Y1N2 Y1H1B1Q&cr=1563878350&ir= BHO: SuperLyrics-16 - {11111111-1111-1111-1111-110411411162} - C:\Program Files\SuperLyrics-16\SuperLyrics-16-bho.dll (PassWizard) BHO: Whilokii - {204df522-9a96-4a72-abb0-60f7a216d6d2} - C:\Program Files\Whilokii\Whilokiibho.dll (Whilokii) BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.) BHO: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD) BHO: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam) BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\PROGRA~1\MYSEAR~1\bh\MYSEAR~1.DLL (Ironsource Israel (2011) LTD) BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com) BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals) Toolbar: HKLM - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD) Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com) Toolbar: HKLM - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\PROGRA~1\MYSEAR~1\MYSEAR~3.DLL (Ironsource Israel (2011) LTD) Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.) Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 83.169.186.225 FireFox: ======== FF ProfilePath: C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default FF user.js: detected! => C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\user.js FF NewTab: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ff_de_display?ie=UTF8&tagbase=bds-p07&tbrId=v1_abb-channel-7_f6ea224c124f408db7d75677b941d4f3_30_46_20131012_DE_ff_nt_ FF SearchEngineOrder.1: Mysearchdial FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CzztDyEtD0DtByDyByB0DtN0D0Tzu0CyCyCtCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1563878350&ir= FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\searchplugins\amazon.xml FF SearchPlugin: C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\searchplugins\Mysearchdial.xml FF SearchPlugin: C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\searchplugins\searchgol.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com FF Extension: No Name - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\abb@amazon.com FF Extension: mysearchdial.com - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\ffxtlbr@mysearchdial.com FF Extension: SearchGol - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\ffxtlbr@searchgol.com FF Extension: No Name - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\staged FF Extension: BonanzaDeals - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca} FF Extension: firefox - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\firefox@ghostery.com.xpi FF Extension: firefox - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\firefox@whilokii.net.xpi FF Extension: pricepeep - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\pricepeep@getpricepeep.com.xpi FF Extension: toolbar_AVIRA-V7 - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi FF Extension: No Name - C:\Users\LiScho\AppData\Roaming\Mozilla\Firefox\Profiles\pj4eeolt.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi FF Extension: No Name - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-10] (Avira Operations GmbH & Co. KG) R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-09-24] (APN LLC.) S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [409088 2013-09-30] (Microsoft Corporation) S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1127936 2013-09-30] (Microsoft Corporation) S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-20] (Just Develop It) S2 bonanzadealslive; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-12] (BonanzaDeals) S3 bonanzadealslivem; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-12] (BonanzaDeals) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1612112 2013-10-01] (LogMeIn Inc.) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [357376 2013-09-30] (Microsoft Corporation) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-08-26] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [75104 2013-09-30] (Microsoft Corporation) R3 NcbService; C:\Windows\System32\ncbservice.dll [124928 2013-08-22] (Microsoft Corporation) S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation) S3 smphost; C:\Windows\System32\smphost.dll [11776 2013-08-22] (Microsoft Corporation) S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) S2 Update Whilokii; C:\Program Files\Whilokii\updateWhilokii.exe [65304 2013-10-05] (Whilokii) R2 Updater Service for AMZN; C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] () S2 Util Whilokii; C:\Program Files\Whilokii\bin\utilWhilokii.exe [65304 2013-10-16] (Whilokii) S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [417792 2013-08-22] (Microsoft Corporation) R2 WajamUpdaterV2; C:\Program Files\Wajam\Updater\WajamUpdaterV2.exe [113152 2013-10-10] (Wajam) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [278264 2013-08-22] (Microsoft Corporation) S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22240 2013-08-22] (Microsoft Corporation) S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1208832 2013-09-30] (Microsoft Corporation) R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [1706064 2013-10-22] (Wsys Co., Ltd.) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [773472 2013-08-22] (PMC-Sierra) R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [63488 2013-08-22] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [89376 2013-10-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137208 2013-10-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [67680 2013-10-10] (Avira Operations GmbH & Co. KG) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [16088 2013-08-13] (Windows (R) Win 7 DDK provider) S3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation) S3 hamachi; C:\Windows\system32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 iaioi2c; C:\Windows\System32\drivers\iaioi2c.sys [61936 2013-07-23] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [524784 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [36696 2013-09-30] (Microsoft Corporation) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [19680 2013-09-30] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [68960 2013-08-22] (LSI Corporation) R3 LVPr2Mon; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [5810 2004-08-13] () R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [13312 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [72192 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [119648 2013-08-22] (Microsoft Corporation) S1 ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [28520 2013-10-10] (Avira GmbH) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [47456 2013-08-22] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [23904 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93024 2013-08-22] (Microsoft Corporation) S3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== NETSVC: lfsvc -> C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation) NETSVC: MsKeyboardFilter -> C:\Windows\System32\KeyboardFilterSvc.dll (Microsoft Corporation) ==================== One Month Created Files and Folders ======== 2013-10-22 20:02 - 2013-10-22 20:02 - 00000000 ____D C:\FRST 2013-10-22 19:33 - 2013-10-22 19:33 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\Avira 2013-10-22 19:30 - 2013-10-22 19:30 - 00000000 ____D C:\ProgramData\AskPartnerNetwork 2013-10-22 19:30 - 2013-10-22 19:30 - 00000000 ____D C:\Program Files\AskPartnerNetwork 2013-10-22 19:29 - 2013-10-22 19:29 - 00000000 ____D C:\ProgramData\APN 2013-10-22 19:29 - 2013-09-23 20:35 - 00509872 _____ (Ask Partner Network) C:\Users\LiScho\Documents\APNSetup.exe 2013-10-22 19:28 - 2013-10-22 19:28 - 00002032 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-10-22 19:28 - 2013-10-22 19:28 - 00000000 ____D C:\ProgramData\Avira 2013-10-22 19:28 - 2013-10-22 19:28 - 00000000 ____D C:\Program Files\Avira 2013-10-22 19:28 - 2013-10-10 19:14 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2013-10-22 19:28 - 2013-10-10 19:14 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2013-10-22 19:28 - 2013-10-10 19:14 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2013-10-22 19:28 - 2013-10-10 19:14 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2013-10-22 19:28 - 2013-10-10 19:14 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys 2013-10-22 19:24 - 2013-10-22 19:25 - 123853152 _____ C:\Users\LiScho\Downloads\avira_free_antivirus_de(1).exe 2013-10-22 19:17 - 2013-10-22 19:17 - 01087503 _____ (Farbar) C:\Users\LiScho\Downloads\FRST.exe 2013-10-22 18:47 - 2013-10-22 18:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2013-10-22 18:26 - 2013-10-22 17:54 - 00000000 ___DC C:\WINDOWS\Panther 2013-10-22 18:25 - 2013-10-22 18:25 - 00000000 ____D C:\Windows.old 2013-10-22 18:24 - 2013-10-22 18:24 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-10-22 18:24 - 2013-10-22 18:24 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-10-22 18:24 - 2013-10-22 18:24 - 01306968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-10-22 18:24 - 2013-10-22 18:24 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2013-10-22 18:24 - 2013-10-22 18:24 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2013-10-22 18:24 - 2013-10-22 18:24 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-10-22 18:24 - 2013-10-22 18:24 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-10-22 18:24 - 2013-10-22 18:24 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-10-22 18:24 - 2013-10-22 18:24 - 00320856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-10-22 18:24 - 2013-10-22 18:24 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2013-10-22 18:24 - 2013-10-22 18:24 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2013-10-22 18:24 - 2013-10-22 18:24 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-10-22 18:22 - 2013-10-22 18:22 - 00000000 ____D C:\WINDOWS\system32\XPSViewer 2013-10-22 18:22 - 2013-10-22 18:22 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-10-22 18:22 - 2013-10-22 18:22 - 00000000 ____D C:\Program Files\MSBuild 2013-10-22 18:22 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2013-10-22 18:22 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-22 18:22 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2013-10-22 17:57 - 2013-10-22 17:58 - 00000000 __RDO C:\Users\LiScho\SkyDrive 2013-10-22 17:53 - 2013-10-22 17:53 - 00001454 _____ C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-10-22 17:52 - 2013-10-22 17:52 - 00000020 ___SH C:\Users\LiScho\ntuser.ini 2013-10-22 17:48 - 2013-10-22 17:48 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 17:46 - 2013-10-22 17:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-10-22 17:45 - 2013-10-22 17:45 - 00021532 _____ C:\WINDOWS\system32\emptyregdb.dat 2013-10-22 17:35 - 2013-10-22 17:35 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2013-10-22 17:34 - 2013-10-22 17:57 - 00000000 ____D C:\Users\LiScho 2013-10-22 17:34 - 2013-10-22 17:45 - 00032388 _____ C:\WINDOWS\diagwrn.xml 2013-10-22 17:34 - 2013-10-22 17:45 - 00032388 _____ C:\WINDOWS\diagerr.xml 2013-10-22 17:34 - 2013-10-22 17:35 - 00000000 ___RD C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\LiScho\Startmenü 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\LiScho\Netzwerkumgebung 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\LiScho\Druckumgebung 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\LiScho\Documents\Eigene Musik 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\LiScho\Documents\Eigene Bilder 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 _SHDL C:\Users\LiScho\AppData\Local\Verlauf 2013-10-22 17:34 - 2013-10-22 17:34 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-10-22 17:34 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-22 17:34 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-10-22 17:34 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-10-22 17:34 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-10-22 17:34 - 2013-08-22 10:17 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-22 17:34 - 2013-08-22 10:17 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-10-22 17:28 - 2013-10-22 18:58 - 00123884 _____ C:\WINDOWS\WindowsUpdate.log 2013-10-22 17:28 - 2013-10-22 17:36 - 00000000 ____D C:\ProgramData\NVIDIA 2013-10-22 17:28 - 2013-10-22 17:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-10-22 17:28 - 2013-10-22 17:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-10-22 17:28 - 2013-09-12 08:28 - 04265760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2013-10-22 17:28 - 2013-09-12 08:28 - 03006240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll 2013-10-22 17:28 - 2013-09-12 08:28 - 02555168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2013-10-22 17:28 - 2013-09-12 08:28 - 00662816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2013-10-22 17:28 - 2013-09-12 08:28 - 00209184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2013-10-22 17:28 - 2013-09-12 08:28 - 00062752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2013-10-22 17:05 - 2013-10-22 17:45 - 00006587 _____ C:\WINDOWS\comsetup.log 2013-10-22 17:02 - 2013-10-22 17:53 - 00001356 _____ C:\WINDOWS\Tasks\SuperLyrics-16-updater.job 2013-10-22 17:02 - 2013-10-22 17:53 - 00001162 _____ C:\WINDOWS\Tasks\SuperLyrics-16-enabler.job 2013-10-22 17:02 - 2013-10-22 17:37 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2013-10-22 17:02 - 2013-10-22 17:02 - 00001049 _____ C:\Users\LiScho\Desktop\MyPC Backup.lnk 2013-10-22 17:02 - 2013-10-22 17:02 - 00000000 ____D C:\Program Files\MyPC Backup 2013-10-22 17:02 - 2013-10-22 17:02 - 00000000 ____D C:\Program Files\Common Files\337 2013-10-22 17:01 - 2013-10-22 17:59 - 00000262 _____ C:\WINDOWS\Tasks\SpeedUpMyPC.job 2013-10-22 17:01 - 2013-10-22 17:53 - 00001888 _____ C:\WINDOWS\Tasks\SuperLyrics-16-firefoxinstaller.job 2013-10-22 17:01 - 2013-10-22 17:53 - 00001262 _____ C:\WINDOWS\Tasks\SuperLyrics-16-codedownloader.job 2013-10-22 17:01 - 2013-10-22 17:53 - 00000340 _____ C:\WINDOWS\Tasks\spmonitor.job 2013-10-22 17:01 - 2013-10-22 17:01 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll 2013-10-22 17:01 - 2013-10-22 17:01 - 00420944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll 2013-10-22 17:01 - 2013-10-22 17:01 - 00001088 _____ C:\Users\Public\Desktop\SpeedUpMyPC.lnk 2013-10-22 17:01 - 2013-10-22 17:01 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\Uniblue 2013-10-22 17:01 - 2013-10-22 17:01 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\Desk 365 2013-10-22 17:01 - 2013-10-22 17:01 - 00000000 ____D C:\ProgramData\eSafe 2013-10-22 17:01 - 2013-10-22 17:01 - 00000000 ____D C:\Program Files\Uniblue 2013-10-22 17:01 - 2013-10-22 17:01 - 00000000 ____D C:\Program Files\Desk 365 2013-10-22 17:00 - 2013-10-22 20:00 - 00000310 _____ C:\WINDOWS\Tasks\MySearchDial.job 2013-10-22 17:00 - 2013-10-22 19:32 - 00000000 ____D C:\Program Files\PricePeep 2013-10-22 17:00 - 2013-10-22 17:53 - 00001962 _____ C:\WINDOWS\Tasks\SuperLyrics-16-chromeinstaller.job 2013-10-22 17:00 - 2013-10-22 17:02 - 00000000 ____D C:\Program Files\SuperLyrics-16 2013-10-22 17:00 - 2013-10-22 17:00 - 00423709 _____ C:\Users\LiScho\AppData\Local\mysearchdial_speedial_v9.0.2.crx 2013-10-22 17:00 - 2013-10-22 17:00 - 00000396 _____ C:\Users\Public\Desktop\MySearchDial.url 2013-10-22 17:00 - 2013-10-22 17:00 - 00000386 _____ C:\Users\Public\Desktop\Online Games.url 2013-10-22 17:00 - 2013-10-22 17:00 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\mysearchdial 2013-10-22 17:00 - 2013-10-22 17:00 - 00000000 ____D C:\Program Files\Mysearchdial 2013-10-22 16:58 - 2013-10-22 16:58 - 00319240 _____ C:\Users\LiScho\Downloads\Java.exe 2013-10-19 19:02 - 2013-10-19 19:02 - 00000000 ____D C:\Users\LiScho\AppData\Local\LogMeIn 2013-10-19 19:02 - 2013-10-19 19:02 - 00000000 ____D C:\ProgramData\LogMeIn 2013-10-16 00:24 - 2013-10-19 13:52 - 00099840 ___SH C:\Users\LiScho\Downloads\Thumbs.db 2013-10-12 16:29 - 2013-10-22 19:07 - 00000000 ____D C:\Program Files\Amazon Browser Bar 2013-10-12 16:29 - 2013-10-16 21:06 - 00000000 ____D C:\Program Files\Whilokii 2013-10-12 16:29 - 2013-10-12 16:29 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.4284.dll 2013-10-12 16:29 - 2013-10-12 16:29 - 00000000 ____D C:\Users\LiScho\AppData\Local\Amazon Browser Bar 2013-10-12 16:24 - 2013-10-22 19:32 - 00000310 _____ C:\WINDOWS\Tasks\UpdaterEX.job 2013-10-12 16:24 - 2013-10-22 19:29 - 00000928 _____ C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job 2013-10-12 16:24 - 2013-10-22 17:53 - 00000924 _____ C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job 2013-10-12 16:24 - 2013-10-22 17:37 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam 2013-10-12 16:24 - 2013-10-12 16:24 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\UpdaterEX 2013-10-12 16:24 - 2013-10-12 16:24 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\BabSolution 2013-10-12 16:24 - 2013-10-12 16:24 - 00000000 ____D C:\Users\LiScho\AppData\Local\BonanzaDealsLive 2013-10-12 16:24 - 2013-10-12 16:24 - 00000000 ____D C:\ProgramData\BonanzaDealsLive 2013-10-12 16:24 - 2013-10-12 16:24 - 00000000 ____D C:\Program Files\Wajam 2013-10-12 16:24 - 2013-10-12 16:24 - 00000000 ____D C:\Program Files\searchgol 2013-10-12 16:24 - 2013-10-12 16:24 - 00000000 ____D C:\Program Files\BonanzaDealsLive 2013-10-12 16:23 - 2013-10-22 17:37 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals 2013-10-12 16:23 - 2013-10-22 16:24 - 00000000 ____D C:\Program Files\BonanzaDeals 2013-10-12 16:23 - 2013-10-12 16:32 - 20586496 _____ C:\Users\LiScho\Downloads\SkypeSetup [1].exe 2013-10-12 16:23 - 2013-10-12 16:23 - 00000000 ____D C:\ProgramData\Babylon 2013-10-12 16:22 - 2013-10-12 16:22 - 00679648 _____ C:\Users\LiScho\Downloads\SkypeSetup.exe 2013-10-12 13:49 - 2013-10-12 13:49 - 00000000 __RSH C:\MSDOS.SYS 2013-10-12 13:49 - 2013-10-12 13:49 - 00000000 __RSH C:\IO.SYS 2013-10-08 14:07 - 2013-10-08 14:07 - 34888568 _____ (Riot Games) C:\Users\LiScho\Downloads\LeagueofLegends_EUW_Installer_06_12_13(1).exe 2013-10-07 12:59 - 2013-10-07 12:59 - 00096872 _____ (Spotify Ltd) C:\Users\LiScho\Downloads\SpotifySetup(3).exe 2013-10-07 12:42 - 2013-10-07 12:42 - 218207302 _____ C:\WINDOWS\MEMORY.DMP 2013-10-03 19:40 - 2013-10-03 19:40 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\LolClient 2013-10-03 18:06 - 2013-10-22 17:58 - 00013312 ___SH C:\Users\LiScho\Desktop\Thumbs.db 2013-10-03 17:42 - 2013-10-22 17:36 - 00000000 __SHD C:\WINDOWS\system32\AI_RecycleBin 2013-10-03 17:42 - 2013-10-03 19:43 - 00000000 ____D C:\Program Files\Lol 2013-10-03 17:42 - 2013-10-03 17:42 - 00001616 _____ C:\Users\Public\Desktop\Play League of Legends.lnk 2013-10-03 17:42 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2013-10-03 17:42 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2013-10-03 17:42 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll 2013-10-03 17:42 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll 2013-10-03 17:42 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll 2013-10-03 17:40 - 2013-10-22 17:13 - 00000000 ____D C:\Users\LiScho\AppData\Local\PMB Files 2013-10-03 17:40 - 2013-10-22 17:10 - 00000000 ____D C:\ProgramData\PMB Files 2013-10-03 17:40 - 2013-10-03 17:40 - 00000000 ____D C:\Program Files\Pando Networks 2013-10-03 14:52 - 2013-10-03 17:40 - 00000000 ____D C:\Users\LiScho\AppData\Roaming\Riot Games 2013-10-03 14:52 - 2013-10-03 14:52 - 34888568 _____ (Riot Games) C:\Users\LiScho\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2013-10-02 17:30 - 2013-10-02 17:30 - 00096872 _____ (Spotify Ltd) C:\Users\LiScho\Downloads\SpotifySetup(2).exe 2013-10-02 17:05 - 2013-10-02 17:05 - 00000000 ____D C:\Program Files\LogMeIn Hamachi 2013-09-30 06:22 - 2013-10-22 17:57 - 00000000 ___HD C:\$Windows.~BT 2013-09-30 06:00 - 2013-09-30 06:00 - 03403776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-09-30 06:00 - 2013-09-30 06:00 - 01380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2013-09-30 06:00 - 2013-09-30 06:00 - 01270640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2013-09-30 06:00 - 2013-09-30 06:00 - 01261320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2013-09-30 06:00 - 2013-09-30 06:00 - 01159080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2013-09-30 06:00 - 2013-09-30 06:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2013-09-30 06:00 - 2013-09-30 06:00 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2013-09-30 06:00 - 2013-09-30 06:00 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll 2013-09-30 06:00 - 2013-09-30 06:00 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2013-09-30 06:00 - 2013-09-30 06:00 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 18640456 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 17143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 11670528 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 08875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 08712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 05754200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 05251224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 04975104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 03497984 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 02832896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 02142424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 02065960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 02038272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01889112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01455616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01445720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01370800 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01092896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01033368 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00919552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00871256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00861976 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00796928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00727552 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2013-09-30 05:59 - 2013-09-30 05:59 - 00705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00648648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2013-09-30 05:59 - 2013-09-30 05:59 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00493400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00489696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00427096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx 2013-09-30 05:59 - 2013-09-30 05:59 - 00382224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2013-09-30 05:59 - 2013-09-30 05:59 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00368736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00321368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00312936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\livessp.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdprint.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00207192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00197976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00142168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCoreConfProv.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00134784 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00130392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00077144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00049544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-09-30 05:59 - 2013-09-30 05:59 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00036696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-09-30 05:59 - 2013-09-30 05:59 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2013-09-30 05:59 - 2013-09-30 05:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2013-09-30 05:52 - 2013-08-22 01:46 - 00018077 _____ C:\WINDOWS\ProfessionalWMC.xml 2013-09-30 05:51 - 2013-10-22 17:36 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-09-30 05:51 - 2013-09-30 05:51 - 02823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 02119680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 01778176 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 01213240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcmde.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 01165824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mblctr.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SnippingTool.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys 2013-09-30 05:51 - 2013-09-30 05:51 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbda.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrpUxNativeSnapIn.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00267528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddputils.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppIdPolicyEngineApi.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SNTSearch.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationSettings.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmstormod.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrreg.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgmts.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00147439 _____ C:\WINDOWS\system32\gpedit.msc 2013-09-30 05:51 - 2013-09-30 05:51 - 00146389 _____ C:\WINDOWS\system32\printmanagement.msc 2013-09-30 05:51 - 2013-09-30 05:51 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2013-09-30 05:51 - 2013-09-30 05:51 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmshell.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00120458 _____ C:\WINDOWS\system32\secpol.msc 2013-09-30 05:51 - 2013-09-30 05:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddptrace.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizardElev.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizard.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\iTVData.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcsrchPH.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00075104 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeyboardFilterSvc.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmtrace.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DFDWiz.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mcx2Svc.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsPbdaCoInst.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00043566 _____ C:\WINDOWS\system32\rsop.msc 2013-09-30 05:51 - 2013-09-30 05:51 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\RotMgr.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00036192 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmbeddedAppLauncherConfig.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrcomp.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00034144 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeyboardFilterCore.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys 2013-09-30 05:51 - 2013-09-30 05:51 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddp_ps.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2013-09-30 05:51 - 2013-09-30 05:51 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\quser.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgport.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgusr.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00019680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbldfltr.sys 2013-09-30 05:51 - 2013-09-30 05:51 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\chglogon.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm_ps.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\change.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\query.exe 2013-09-30 05:51 - 2013-09-30 05:51 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeSysprep.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysprepMCE.dll 2013-09-30 05:51 - 2013-09-30 05:51 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents 2013-09-30 05:51 - 2013-09-30 05:51 - 00000000 ____D C:\WINDOWS\SKB 2013-09-30 05:51 - 2013-09-30 05:51 - 00000000 ____D C:\WINDOWS\ShellNew 2013-09-30 05:51 - 2013-09-30 05:51 - 00000000 ____D C:\Program Files\Windows Journal 2013-09-30 05:49 - 2013-10-22 17:37 - 00000000 ____D C:\WINDOWS\system32\WCN 2013-09-30 05:49 - 2013-09-30 05:51 - 00000000 ____D C:\WINDOWS\system32\Drivers\de-DE 2013-09-30 05:49 - 2013-09-30 05:49 - 00000000 ____D C:\WINDOWS\system32\winrm 2013-09-30 05:49 - 2013-09-30 05:49 - 00000000 ____D C:\WINDOWS\system32\slmgr 2013-09-30 05:49 - 2013-09-30 05:49 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2013-09-30 05:49 - 2013-09-30 05:49 - 00000000 ____D C:\WINDOWS\system32\de 2013-09-30 05:49 - 2013-09-30 05:49 - 00000000 ____D C:\WINDOWS\system32\0409 2013-09-30 05:49 - 2013-09-30 05:49 - 00000000 ____D C:\WINDOWS\de-DE 2013-09-29 20:55 - 2013-10-22 17:27 - 00000800 _____ C:\WINDOWS\PFRO.log 2013-09-24 16:02 - 2013-10-07 13:00 - 00001808 _____ C:\Users\LiScho\Desktop\Spotify.lnk 2013-09-24 16:01 - 2013-09-24 16:01 - 00096872 _____ (Spotify Ltd) C:\Users\LiScho\Downloads\SpotifySetup(1).exe Fortsetzung folgt |
hier die Fortsetzung: Code: ==================== One Month Modified Files and Folders =======Code: Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-10-2013 |
Servus, Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Downloade Dir bitte  Malwarebytes Anti-Malware
Bitte poste mit deiner nächsten Antwort
|
Hi Matthias, hier erst mal JRT: unten dann 2x ADW Code: Leider hab ich extreme Probleme mit Firefox. Ich hoffe, es klappt jetzt: Code: # AdwCleaner v3.010 - Bericht erstellt am 23/10/2013 um 09:32:06Code: # AdwCleaner v3.010 - Bericht erstellt am 23/10/2013 um 09:35:29Malwarebytes hat die gefundenen Objekte aufgelistet, jedoch war nur ein Objekt mit Häkchen versehen. Code: Malwarebytes Anti-Malware 1.75.0.1300Vom befallenen Rechner lässt sich kaum noch etwas als Nachricht eintragen. Es kommt ständig: Keine Rückmeldung / beschädigtes Skript usw. Ich sende dies jetzt von einem anderen Rechner aus. Vielleicht können wir auf eine neue Seite übergehen? Gruß LiScho Noch mal ein quick-scan, manuell alles mit Häkchen versehen und gelöscht. Bitte schön , hier das Ergebnis: Code: Malwarebytes Anti-Malware 1.75.0.1300 |
Servus, gut gemacht. So geht es weiter: Schritt 1 Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/
Schritt 2 Kontrollscan mit FRST Führe wie zuvor beschrieben einen Scan mit FRST aus. Setze dazu eine Haken bei Addition.txt rechts unten und klicke auf Scan. Es werden wieder zwei Logdateien erzeugt. Poste mir diese. Schritt 3 Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
Gibt es noch Probleme mit Malware? Wenn ja, welche? Wie läuft der Rechner derzeit? Bitte poste mit deiner nächsten Antwort
|
Hi , grüß Dich. Schön das Du wieder da bist. Leider gibt es Probleme mit zoek, sowohl bei der rar als auch bei der zip Version. Wie bekomme ich das denn geöffnet? Soll Dein Text : FFdefaults; CHRdefaults; iedefaults; emptyclsid; autoclean; angefügt werden oder soll er dann alleine stehen? Aber das ist der zweit Schritt. Erst mal : welche Version auswählen und wie öffnen? Also, ich warte mal auf Deine Antwort. Danke schon mal im Voraus. Gruß LiScho Na, hat ja doch geklappt. Bin etwas übervorsichtig geworden:applaus: hier erst mal zoek: Code: Zoek.exe Version 4.0.0.5 Updated 22-October-2013FRST Logfile: FRST Logfile: Code: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-10-2013 01--- --- --- |
und hier noch mal FRST: Code: Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-10-2013 01Hier kommt SystemLook : Code: SystemLook 30.07.11 by jpshortstuffADWARE/PriecePeep.P HEUR/Malware ADWARE/Addpeeps.A |
Servus, wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code: startSpeichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 3 ESET Online Scanner
Schritt 4 Downloade Dir bitte  SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
Hi, ich freue mich, Deine Liste abarbeiten zu dürfen: Code: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-10-2013Code: Malwarebytes Anti-Malware 1.75.0.1300 |
Servus, sehr gut. :) Fehlen noch ESET und SecurityCheck. ;) |
Und hier ESET: Bitte schön Code: ESETSmartInstaller@High as downloader log:Code: Results of screen317's Security Check version 0.99.74 abmelden. Am Sonntag Abend bin ich wieder am PC. Ich wünsche Dir und den Kollegen ein schönes Wochenende. Vielen, vielen Dank für Deine kompetente Unterstützung. Ich bin ganz sicher, dass Du den Virus ausrotten wirst! Also, bis dann. Gruß von LiScho |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 20:41 Uhr. |
Copyright ©2000-2025, Trojaner-Board
