|
Mozilla Google chrome funktioniert nicht, viele Fenster ploppen auf, mein Antivir ist ziemlich beschäftigt Ich brauche dringend Hilfe! Denn seit 2 Tagen, nach Reparatur und einer anschließenden Neuinstallatation aller Programme hab ich mir was schreckliches auf meinen PC geholt. Ich komme garnich tmehr mit. Weder Googel chrome noch Firefox arbeiten, Internet-Explorer beschert mich mit allerhand unerwünschter Werbung etc. Antivirus meldet ständig Bedrohungen, weiß nicht mehr weiter. Danke für schnelle Hilfe :heilig: Und was bitte sind Trackbacks? |
hi, Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
wow, schnelle Hilfe, mach ich, danke was mach ich falsch, die Datei ist zu lang und anhängen geht nicht :headbang:, danke für Hilfe |
Addition.txt. im Anhang, das FRST ist zu lang, Hilfe! |
First Teil 1 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014 Ran by User (administrator) on USER-PC on 11-07-2014 09:04:36 Running from C:\Users\User\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe () C:\Program Files (x86)\PHotkey\Atouch64.exe () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe () C:\Program Files (x86)\PHotkey\POsd.exe () C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2360195539-4008202503-23516872-1000\...\Run: [lot_07081714] => c:\users\user\appdata\local\lot_07081714\lot_07081714.exe [2617344 2014-07-08] () AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => "c:\progra~2\suptab\search~1.dll" File Not Found IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\itunes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\memeolauncher2.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\mypc backup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\pdvdlaunchpolicy.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\quicktimeplayer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\tvdtray.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lot_07081714.lnk ShortcutTarget: lot_07081714.lnk -> C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Firefox.de Offizielle Download Page MP3 Firefox Musikverlag HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404839654&from=tugs&uid=HITACHIXHTS727575A9E364_J3740084H2ERXEH2ERXEX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1404839654&from=tugs&uid=HITACHIXHTS727575A9E364_J3740084H2ERXEH2ERXEX&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYwRnxJHL--2zpAUgBNlXSJh3YI6yH0SM-KbRd68fc8HEnXr-iz32TiuKS2LDGkYdaRhI3NoPucl55-uY9rSTuh82ySZrl0eHymFHCWGbph8GLR1fx1107X0WL6ykyZ3A,,&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYwRnxJHL--2zpAUgBNlXSJh3YI6yH0SM-KbRd68fc8HEnXr-iz32TiuKS2LDGkYdaRhI3NoPucl55-uY9rSTuh82ySZrl0eHymFHCWGbph8GLR1fx1107X0WL6ykyZ3A,,&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYwRnxJHL--2zpAUgBNlXSJh3YI6yH0SM-KbRd68fc8HEnXr-iz32TiuKS2LDGkYdaRhI3NoPucl55-uY9rSTuh82ySZrl0eHymFHCWGbph8GLR1fx1107X0WL6ykyZ3A,,&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYwRnxJHL--2zpAUgBNlXSJh3YI6yH0SM-KbRd68fc8HEnXr-iz32TiuKS2LDGkYdaRhI3NoPucl55-uY9rSTuh82ySZrl0eHymFHCWGbph8GLR1fx1107X0WL6ykyZ3A,,&q={searchTerms} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKCU\...\Firefox\Extensions: [{65449825-340B-4B0B-D82C-63B7C23DC344}] - C:\Program Files (x86)\v01Re-markit\174.xpi Chrome: ======= CHR StartupUrls: "https://www.google.de/" CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (GMX MailCheck) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-07-06] CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-11] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-05] CHR Extension: (CostMin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf [2014-07-10] CHR Extension: (Re-markit) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjilminfakplkijfhhempcjdfccdpeal [2014-07-08] CHR Extension: (CostMin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedgbfjhicjofdihjfbkhpbmihhopplf\2.0 [2014-07-10] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [3156936 2014-07-08] () R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG) R4 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] () S4 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-06-18] (Just Develop It) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) R4 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed] S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-08] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-08] (globalUpdate) [File not signed] S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-06-16] (TuneUp Software) S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed] S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-11] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software) R2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [57528 2014-06-26] (Corsica) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-11 09:04 - 2014-07-11 09:05 - 00018579 _____ () C:\Users\User\Downloads\FRST.txt 2014-07-11 09:04 - 2014-07-11 09:04 - 00000000 ___DC () C:\FRST 2014-07-11 08:59 - 2014-07-11 08:59 - 02084864 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-07-11 07:23 - 2014-07-11 07:23 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-07-11 07:23 - 2014-07-11 07:23 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-07-11 07:23 - 2014-07-11 07:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-11 07:22 - 2014-07-11 07:23 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0.exe 2014-07-11 06:49 - 2014-07-11 06:49 - 00133360 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-11 00:38 - 2014-07-11 00:38 - 00000134 _____ () C:\Users\User\Desktop\Internet Explorer Troubleshooting.url 2014-07-11 00:34 - 2014-07-11 00:34 - 00284288 _____ (Mozilla) C:\Users\User\Downloads\Firefox Setup Stub 30.0.exe 2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla 2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla 2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\ProgramData\Mozilla 2014-07-11 00:32 - 2014-07-11 00:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 23:55 - 2014-07-10 23:55 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iTunes 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iPod 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-10 23:48 - 2014-07-10 23:48 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-07-10 23:48 - 2014-07-10 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-07-10 23:47 - 2014-07-10 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-07-10 21:35 - 2014-07-11 07:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-10 21:30 - 2014-07-10 21:30 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-10 21:30 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-10 21:30 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-10 21:30 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-10 21:29 - 2014-07-10 21:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-10 19:55 - 2014-07-10 20:23 - 00390976 _____ () C:\Users\User\Desktop\logs_10.07.2014_19_39_38.log 2014-07-10 19:39 - 2014-07-10 19:39 - 00001130 _____ () C:\Users\Public\Desktop\Hijack Hunter.lnk 2014-07-10 18:09 - 2014-07-10 23:58 - 00895120 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup.exe 2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment 2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0 2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD} 2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9} 2014-07-10 06:35 - 2014-07-10 06:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Avira 2014-07-10 06:30 - 2014-07-10 06:30 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-07-10 06:30 - 2014-07-10 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-07-10 06:29 - 2014-07-10 06:29 - 00000000 ____D () C:\ProgramData\Avira 2014-07-10 06:22 - 2014-07-10 06:27 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464.exe 2014-07-10 06:20 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 06:20 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 06:20 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-07-10 06:20 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-07-10 06:19 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 06:19 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 06:19 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 06:19 - 2014-06-07 06:02 - 17854464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 06:19 - 2014-06-07 05:13 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 06:19 - 2014-06-07 04:59 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-10 06:19 - 2014-06-07 04:52 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 06:19 - 2014-06-07 04:51 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-10 06:19 - 2014-06-07 04:51 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 06:19 - 2014-06-07 04:50 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-07-10 06:19 - 2014-06-07 04:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 06:19 - 2014-06-07 04:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-10 06:19 - 2014-06-07 04:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-10 06:19 - 2014-06-07 04:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 06:19 - 2014-06-07 04:42 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 06:19 - 2014-06-07 04:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 06:19 - 2014-06-07 04:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 06:19 - 2014-06-07 04:42 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-10 06:19 - 2014-06-07 04:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 06:19 - 2014-06-07 04:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-07-10 06:19 - 2014-06-07 04:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-07-10 06:19 - 2014-06-07 04:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 06:19 - 2014-06-07 04:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-07-10 06:19 - 2014-06-07 04:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 06:19 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 06:19 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 06:19 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 06:19 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 06:19 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 06:19 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-10 06:19 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-07-10 06:19 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 06:19 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 06:19 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-07-10 06:19 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-10 06:19 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 06:19 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 06:19 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 06:19 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-07-10 06:19 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 06:19 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 06:19 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-07-10 06:19 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 06:19 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-07-10 06:19 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 06:19 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 06:19 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 06:19 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-10 06:19 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-07-10 06:19 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-07-10 06:19 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-07-10 06:19 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-07-10 06:18 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 06:18 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 06:18 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-10 06:17 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-07-10 06:17 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-07-10 06:17 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-07-10 06:17 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2014-07-10 06:11 - 2014-07-10 06:11 - 00002640 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\Users\User\AppData\Local\Packages 2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\ProgramData\504c2cf8db11ac3b 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Torch 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator 2014-07-10 06:07 - 2014-07-10 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks 2014-07-09 18:43 - 2014-07-09 18:44 - 00000000 ____D () C:\ProgramData\MFAData 2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData 2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014 2014-07-09 00:20 - 2014-07-09 00:20 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-07-08 22:10 - 2014-07-08 22:10 - 00000265 _____ () C:\Users\User\AppData\Local\mtagn.bat 2014-07-08 22:08 - 2014-07-08 22:08 - 00003198 _____ () C:\Windows\System32\Tasks\psbep 2014-07-08 22:08 - 2014-07-08 22:08 - 00000265 _____ () C:\Users\User\AppData\Local\psbep.bat 2014-07-08 22:06 - 2014-07-08 22:06 - 00003202 _____ () C:\Windows\System32\Tasks\kvavilo 2014-07-08 22:06 - 2014-07-08 22:06 - 00000265 _____ () C:\Users\User\AppData\Local\kvavilo.bat 2014-07-08 22:04 - 2014-07-08 22:04 - 00003204 _____ () C:\Windows\System32\Tasks\tagmaagm 2014-07-08 22:04 - 2014-07-08 22:04 - 00000265 _____ () C:\Users\User\AppData\Local\tagmaagm.bat 2014-07-08 22:02 - 2014-07-08 22:02 - 00003200 _____ () C:\Windows\System32\Tasks\qsdgxa 2014-07-08 22:02 - 2014-07-08 22:02 - 00000265 _____ () C:\Users\User\AppData\Local\qsdgxa.bat 2014-07-08 22:00 - 2014-07-08 22:00 - 00000265 _____ () C:\Users\User\AppData\Local\mlkji.bat 2014-07-08 21:58 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\abwysmh 2014-07-08 21:58 - 2014-07-08 21:58 - 00000265 _____ () C:\Users\User\AppData\Local\abwysmh.bat 2014-07-08 21:55 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\fdfcvuu 2014-07-08 21:55 - 2014-07-08 21:55 - 00000265 _____ () C:\Users\User\AppData\Local\fdfcvuu.bat 2014-07-08 21:53 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\daolbyol 2014-07-08 21:53 - 2014-07-08 21:53 - 00000265 _____ () C:\Users\User\AppData\Local\daolbyol.bat 2014-07-08 21:51 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\eabigetk 2014-07-08 21:51 - 2014-07-08 21:51 - 00000265 _____ () C:\Users\User\AppData\Local\eabigetk.bat 2014-07-08 21:49 - 2014-07-08 21:49 - 00003200 _____ () C:\Windows\System32\Tasks\rdpthj 2014-07-08 21:49 - 2014-07-08 21:49 - 00000265 _____ () C:\Users\User\AppData\Local\rdpthj.bat 2014-07-08 21:47 - 2014-07-08 21:47 - 00003198 _____ () C:\Windows\System32\Tasks\ubhvb 2014-07-08 21:47 - 2014-07-08 21:47 - 00000265 _____ () C:\Users\User\AppData\Local\ubhvb.bat 2014-07-08 21:45 - 2014-07-08 21:45 - 00003202 _____ () C:\Windows\System32\Tasks\xddorbn 2014-07-08 21:45 - 2014-07-08 21:45 - 00000265 _____ () C:\Users\User\AppData\Local\xddorbn.bat 2014-07-08 21:43 - 2014-07-08 21:43 - 00000265 _____ () C:\Users\User\AppData\Local\bvshaoc.bat 2014-07-08 21:41 - 2014-07-08 21:41 - 00000265 _____ () C:\Users\User\AppData\Local\feogfgwh.bat 2014-07-08 21:39 - 2014-07-08 21:39 - 00003204 _____ () C:\Windows\System32\Tasks\rvalxcnr 2014-07-08 21:39 - 2014-07-08 21:39 - 00000265 _____ () C:\Users\User\AppData\Local\rvalxcnr.bat 2014-07-08 21:37 - 2014-07-08 21:37 - 00000265 _____ () C:\Users\User\AppData\Local\kigcc.bat 2014-07-08 21:35 - 2014-07-08 21:35 - 00000265 _____ () C:\Users\User\AppData\Local\wgpfoh.bat 2014-07-08 21:33 - 2014-07-08 21:33 - 00000265 _____ () C:\Users\User\AppData\Local\dmetc.bat 2014-07-08 21:31 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\cwapdiuq 2014-07-08 21:31 - 2014-07-08 21:31 - 00000265 _____ () C:\Users\User\AppData\Local\cwapdiuq.bat 2014-07-08 21:29 - 2014-07-08 22:54 - 00003206 _____ () C:\Windows\System32\Tasks\bexbocmy 2014-07-08 21:29 - 2014-07-08 21:29 - 00000265 _____ () C:\Users\User\AppData\Local\bexbocmy.bat 2014-07-08 21:27 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\cqemch 2014-07-08 21:27 - 2014-07-08 21:27 - 00000265 _____ () C:\Users\User\AppData\Local\cqemch.bat 2014-07-08 21:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\icwxcmpb 2014-07-08 21:25 - 2014-07-08 21:25 - 00000265 _____ () C:\Users\User\AppData\Local\icwxcmpb.bat 2014-07-08 21:23 - 2014-07-08 21:23 - 00000265 _____ () C:\Users\User\AppData\Local\rvbmado.bat 2014-07-08 21:21 - 2014-07-08 21:21 - 00003202 _____ () C:\Windows\System32\Tasks\vveddlk 2014-07-08 21:21 - 2014-07-08 21:21 - 00000265 _____ () C:\Users\User\AppData\Local\vveddlk.bat 2014-07-08 21:19 - 2014-07-08 22:54 - 00003204 _____ () C:\Windows\System32\Tasks\bixfsag 2014-07-08 21:19 - 2014-07-08 21:19 - 00000265 _____ () C:\Users\User\AppData\Local\bixfsag.bat 2014-07-08 21:17 - 2014-07-08 21:17 - 00000265 _____ () C:\Users\User\AppData\Local\akcpianq.bat 2014-07-08 21:15 - 2014-07-08 21:15 - 00003202 _____ () C:\Windows\System32\Tasks\saedqvt 2014-07-08 21:15 - 2014-07-08 21:15 - 00000265 _____ () C:\Users\User\AppData\Local\saedqvt.bat 2014-07-08 21:13 - 2014-07-08 21:13 - 00000265 _____ () C:\Users\User\AppData\Local\gxxqbb.bat 2014-07-08 21:11 - 2014-07-08 21:11 - 00000265 _____ () C:\Users\User\AppData\Local\cyvkhv.bat 2014-07-08 21:09 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\fmdljrba 2014-07-08 21:09 - 2014-07-08 21:09 - 00000265 _____ () C:\Users\User\AppData\Local\fmdljrba.bat 2014-07-08 21:07 - 2014-07-08 21:07 - 00003202 _____ () C:\Windows\System32\Tasks\noooppp 2014-07-08 21:07 - 2014-07-08 21:07 - 00000265 _____ () C:\Users\User\AppData\Local\noooppp.bat 2014-07-08 21:05 - 2014-07-08 21:05 - 00000265 _____ () C:\Users\User\AppData\Local\ejhdd.bat 2014-07-08 21:03 - 2014-07-08 21:03 - 00003202 _____ () C:\Windows\System32\Tasks\ikmfbcd 2014-07-08 21:03 - 2014-07-08 21:03 - 00000265 _____ () C:\Users\User\AppData\Local\ikmfbcd.bat 2014-07-08 21:01 - 2014-07-08 21:01 - 00003198 _____ () C:\Windows\System32\Tasks\wnful 2014-07-08 21:01 - 2014-07-08 21:01 - 00000265 _____ () C:\Users\User\AppData\Local\wnful.bat 2014-07-08 20:59 - 2014-07-08 20:59 - 00000265 _____ () C:\Users\User\AppData\Local\bdybxrg.bat 2014-07-08 20:57 - 2014-07-08 20:57 - 00000265 _____ () C:\Users\User\AppData\Local\ukbhd.bat 2014-07-08 20:55 - 2014-07-08 20:55 - 00003200 _____ () C:\Windows\System32\Tasks\mlqxdd 2014-07-08 20:55 - 2014-07-08 20:55 - 00000265 _____ () C:\Users\User\AppData\Local\mlqxdd.bat 2014-07-08 20:53 - 2014-07-08 20:53 - 00003204 _____ () C:\Windows\System32\Tasks\usaxfdbi 2014-07-08 20:53 - 2014-07-08 20:53 - 00000265 _____ () C:\Users\User\AppData\Local\usaxfdbi.bat 2014-07-08 20:51 - 2014-07-08 20:51 - 00000265 _____ () C:\Users\User\AppData\Local\wyajku.bat 2014-07-08 20:49 - 2014-07-08 20:49 - 00000265 _____ () C:\Users\User\AppData\Local\waktwf.bat 2014-07-08 20:47 - 2014-07-08 20:47 - 00003198 _____ () C:\Windows\System32\Tasks\wfoxa 2014-07-08 20:47 - 2014-07-08 20:47 - 00000265 _____ () C:\Users\User\AppData\Local\wfoxa.bat 2014-07-08 20:45 - 2014-07-08 22:55 - 00003204 _____ () C:\Windows\System32\Tasks\cgafmim 2014-07-08 20:45 - 2014-07-08 20:45 - 00000265 _____ () C:\Users\User\AppData\Local\cgafmim.bat 2014-07-08 20:43 - 2014-07-08 20:43 - 00000265 _____ () C:\Users\User\AppData\Local\sbelr.bat 2014-07-08 20:41 - 2014-07-08 20:41 - 00000265 _____ () C:\Users\User\AppData\Local\jgcetwmp.bat 2014-07-08 20:39 - 2014-07-08 20:39 - 00000265 _____ () C:\Users\User\AppData\Local\tbgmaf.bat 2014-07-08 20:37 - 2014-07-08 20:37 - 00000265 _____ () C:\Users\User\AppData\Local\ruxceim.bat 2014-07-08 20:35 - 2014-07-08 20:35 - 00003204 _____ () C:\Windows\System32\Tasks\opxizbks 2014-07-08 20:35 - 2014-07-08 20:35 - 00000265 _____ () C:\Users\User\AppData\Local\opxizbks.bat 2014-07-08 20:33 - 2014-07-08 20:33 - 00000265 _____ () C:\Users\User\AppData\Local\hanisfy.bat 2014-07-08 20:31 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\feogfqi 2014-07-08 20:31 - 2014-07-08 20:31 - 00000265 _____ () C:\Users\User\AppData\Local\feogfqi.bat 2014-07-08 20:29 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hyzseexr 2014-07-08 20:29 - 2014-07-08 22:15 - 00001184 _____ () C:\Users\User\AppData\Roaming\aps.scan.quick.results 2014-07-08 20:29 - 2014-07-08 22:15 - 00000320 _____ () C:\Users\User\AppData\Roaming\aps.uninstall.scan.results 2014-07-08 20:29 - 2014-07-08 22:15 - 00000000 _____ () C:\Users\User\AppData\Roaming\aps.scan.results 2014-07-08 20:29 - 2014-07-08 22:13 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job 2014-07-08 20:29 - 2014-07-08 20:30 - 00002824 _____ () C:\Windows\System32\Tasks\APSnotifierPP3 2014-07-08 20:29 - 2014-07-08 20:29 - 00000265 _____ () C:\Users\User\AppData\Local\hyzseexr.bat 2014-07-08 20:28 - 2014-07-08 20:51 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job 2014-07-08 20:28 - 2014-07-08 20:30 - 00002826 _____ () C:\Windows\System32\Tasks\APSnotifierPP1 2014-07-08 20:28 - 2014-07-08 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 20:28 - 2014-07-08 20:28 - 00001049 _____ () C:\Users\User\Desktop\AnyProtect.lnk 2014-07-08 20:28 - 2014-07-08 20:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup 2014-07-08 20:27 - 2014-07-08 20:28 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx 2014-07-08 20:27 - 2014-07-08 20:27 - 00591520 _____ (ClickMeIn Limited) C:\Users\User\AppData\Local\nsy7D1E.tmp 2014-07-08 20:27 - 2014-07-08 20:27 - 00000265 _____ () C:\Users\User\AppData\Local\cljqodtc.bat 2014-07-08 20:25 - 2014-07-08 22:56 - 00003200 _____ () C:\Windows\System32\Tasks\habcd 2014-07-08 20:25 - 2014-07-08 20:25 - 00000265 _____ () C:\Users\User\AppData\Local\habcd.bat 2014-07-08 20:23 - 2014-07-08 20:23 - 00000265 _____ () C:\Users\User\AppData\Local\hbuvijcg.bat 2014-07-08 20:21 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\agbhtpu 2014-07-08 20:21 - 2014-07-08 20:21 - 00000265 _____ () C:\Users\User\AppData\Local\agbhtpu.bat 2014-07-08 20:19 - 2014-07-08 20:19 - 00000265 _____ () C:\Users\User\AppData\Local\icprfb.bat 2014-07-08 20:17 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\fefvvn 2014-07-08 20:17 - 2014-07-08 20:17 - 00000265 _____ () C:\Users\User\AppData\Local\fefvvn.bat 2014-07-08 20:15 - 2014-07-08 20:15 - 00000265 _____ () C:\Users\User\AppData\Local\xrcufy.bat 2014-07-08 20:13 - 2014-07-08 20:13 - 00000265 _____ () C:\Users\User\AppData\Local\idfbdesc.bat 2014-07-08 20:11 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\gulkbb 2014-07-08 20:11 - 2014-07-08 20:11 - 00000265 _____ () C:\Users\User\AppData\Local\gulkbb.bat 2014-07-08 20:09 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\ahtxlqd 2014-07-08 20:09 - 2014-07-08 20:09 - 00000265 _____ () C:\Users\User\AppData\Local\ahtxlqd.bat 2014-07-08 20:07 - 2014-07-08 20:07 - 00003202 _____ () C:\Windows\System32\Tasks\ophaqrz 2014-07-08 20:07 - 2014-07-08 20:07 - 00000265 _____ () C:\Users\User\AppData\Local\ophaqrz.bat 2014-07-08 20:05 - 2014-07-08 20:05 - 00000265 _____ () C:\Users\User\AppData\Local\fdvnunfw.bat 2014-07-08 20:03 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\eiakbug 2014-07-08 20:03 - 2014-07-08 20:03 - 00000265 _____ () C:\Users\User\AppData\Local\eiakbug.bat 2014-07-08 20:01 - 2014-07-08 20:01 - 00000265 _____ () C:\Users\User\AppData\Local\dgpfhq.bat 2014-07-08 19:59 - 2014-07-08 19:59 - 00000265 _____ () C:\Users\User\AppData\Local\uutbbiiw.bat 2014-07-08 19:57 - 2014-07-08 19:57 - 00003200 _____ () C:\Windows\System32\Tasks\lpfjgl 2014-07-08 19:57 - 2014-07-08 19:57 - 00000265 _____ () C:\Users\User\AppData\Local\lpfjgl.bat 2014-07-08 19:55 - 2014-07-08 19:55 - 00000265 _____ () C:\Users\User\AppData\Local\laetrg.bat 2014-07-08 19:53 - 2014-07-08 19:53 - 00003204 _____ () C:\Windows\System32\Tasks\ptvicepr 2014-07-08 19:53 - 2014-07-08 19:53 - 00000265 _____ () C:\Users\User\AppData\Local\ptvicepr.bat 2014-07-08 19:51 - 2014-07-08 22:55 - 00003200 _____ () C:\Windows\System32\Tasks\bkhol 2014-07-08 19:51 - 2014-07-08 19:51 - 00000265 _____ () C:\Users\User\AppData\Local\bkhol.bat 2014-07-08 19:49 - 2014-07-08 19:49 - 00000265 _____ () C:\Users\User\AppData\Local\dvgve.bat 2014-07-08 19:47 - 2014-07-08 19:47 - 00000265 _____ () C:\Users\User\AppData\Local\fljbhg.bat 2014-07-08 19:45 - 2014-07-08 19:45 - 00000265 _____ () C:\Users\User\AppData\Local\cqfbpcz.bat 2014-07-08 19:43 - 2014-07-08 19:43 - 00003202 _____ () C:\Windows\System32\Tasks\yjbfhjt 2014-07-08 19:43 - 2014-07-08 19:43 - 00000265 _____ () C:\Users\User\AppData\Local\yjbfhjt.bat 2014-07-08 19:41 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\bmhtnb 2014-07-08 19:41 - 2014-07-08 19:41 - 00000265 _____ () C:\Users\User\AppData\Local\bmhtnb.bat 2014-07-08 19:39 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\caqaxv 2014-07-08 19:39 - 2014-07-08 19:39 - 00002213 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk 2014-07-08 19:39 - 2014-07-08 19:39 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2014-07-08 19:39 - 2014-07-08 19:39 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk 2014-07-08 19:39 - 2014-07-08 19:39 - 00000265 _____ () C:\Users\User\AppData\Local\caqaxv.bat 2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software 2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2014-07-08 19:39 - 2014-06-16 13:13 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe 2014-07-08 19:39 - 2014-06-16 13:13 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll 2014-07-08 19:39 - 2014-06-16 13:13 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll 2014-07-08 19:37 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-07-08 19:37 - 2014-07-08 19:37 - 00003202 _____ () C:\Windows\System32\Tasks\kfdspti 2014-07-08 19:37 - 2014-07-08 19:37 - 00000265 _____ () C:\Users\User\AppData\Local\kfdspti.bat 2014-07-08 19:35 - 2014-07-08 19:36 - 28539304 _____ (TuneUp Software) C:\Users\User\Downloads\TuneUpUtilities2014_de-DE.exe 2014-07-08 19:35 - 2014-07-08 19:35 - 00000265 _____ () C:\Users\User\AppData\Local\aagadgat.bat 2014-07-08 19:33 - 2014-07-08 19:33 - 00000265 _____ () C:\Users\User\AppData\Local\vkapeajh.bat 2014-07-08 19:31 - 2014-07-08 19:31 - 00003202 _____ () C:\Windows\System32\Tasks\pxhairk 2014-07-08 19:31 - 2014-07-08 19:31 - 00000265 _____ () C:\Users\User\AppData\Local\pxhairk.bat 2014-07-08 19:29 - 2014-07-08 19:29 - 00000265 _____ () C:\Users\User\AppData\Local\mcionbb.bat 2014-07-08 19:27 - 2014-07-10 19:03 - 00001087 _____ () C:\Users\User\Desktop\Continue VuuPC Installation.lnk 2014-07-08 19:27 - 2014-07-08 19:27 - 00000265 _____ () C:\Users\User\AppData\Local\noopwp.bat 2014-07-08 19:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hbbuwxqk 2014-07-08 19:25 - 2014-07-08 19:25 - 00000265 _____ () C:\Users\User\AppData\Local\hbbuwxqk.bat 2014-07-08 19:23 - 2014-07-08 19:23 - 00003204 _____ () C:\Windows\System32\Tasks\mkqwccag 2014-07-08 19:23 - 2014-07-08 19:23 - 00000265 _____ () C:\Users\User\AppData\Local\mkqwccag.bat 2014-07-08 19:21 - 2014-07-08 19:21 - 00000265 _____ () C:\Users\User\AppData\Local\owpxaia.bat 2014-07-08 19:20 - 2014-07-08 19:20 - 00000000 ____D () C:\Users\User\Documents\Optimizer Pro 2014-07-08 19:20 - 2014-07-08 19:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\Optimizer Pro 2014-07-08 19:19 - 2014-07-08 19:19 - 00003198 _____ () C:\Windows\System32\Tasks\uvuuc 2014-07-08 19:19 - 2014-07-08 19:19 - 00000265 _____ () C:\Users\User\AppData\Local\uvuuc.bat 2014-07-08 19:18 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software 2014-07-08 19:17 - 2014-07-09 00:20 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-07-08 19:17 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2014-07-08 19:17 - 2014-07-08 19:17 - 00000265 _____ () C:\Users\User\AppData\Local\fneme.bat 2014-07-08 19:16 - 2014-07-08 19:16 - 00001973 _____ () C:\Users\User\Desktop\Sync Folder.lnk 2014-07-08 19:15 - 2014-07-11 00:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\VOPackage 2014-07-08 19:15 - 2014-07-11 00:25 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-07-08 19:15 - 2014-07-08 22:14 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup 2014-07-08 19:15 - 2014-07-08 19:15 - 00001091 _____ () C:\Users\User\Desktop\MyPC Backup.lnk 2014-07-08 19:15 - 2014-07-08 19:15 - 00001066 _____ () C:\Users\User\Desktop\Optimizer Pro.lnk 2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 2014-07-08 19:15 - 2014-07-08 19:15 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 2014-07-08 19:14 - 2014-07-11 08:59 - 00000000 ____D () C:\Users\User\AppData\Local\lot_07081714 2014-07-08 19:14 - 2014-07-11 06:47 - 00000908 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2014-07-08 19:14 - 2014-07-11 00:56 - 00001470 _____ () C:\Windows\Tasks\5b129954-e7dd-4971-9aba-a63c9e9df39c-5_user.job 2014-07-08 19:14 - 2014-07-11 00:55 - 00000000 ____D () C:\Program Files (x86)\Browser_AppS 1.1 2014-07-08 19:14 - 2014-07-08 19:14 - 00003656 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2014-07-08 19:14 - 2014-07-08 19:14 - 00000265 _____ () C:\Users\User\AppData\Local\zmyexkp.bat 2014-07-08 19:14 - 2014-07-08 19:14 - 00000000 ____D () C:\Users\User\AppData\Local\globalUpdate 2014-07-08 19:14 - 2014-07-08 19:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-07-08 19:13 - 2014-07-10 06:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf 2014-07-08 19:13 - 2014-06-26 07:24 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys 2014-07-08 19:12 - 2014-07-08 19:12 - 00000000 _RHDC () C:\MSOCache 2014-07-08 18:43 - 2014-07-10 17:57 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-08 18:38 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-07-08 18:38 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-07-08 18:38 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-07-08 18:38 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-07-08 07:38 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe 2014-07-08 07:18 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-07-08 07:18 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-07-08 07:18 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-07-08 07:18 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-07-08 07:18 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-07-08 07:18 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-07-08 07:18 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-07-08 07:18 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-07-08 07:11 - 2014-07-08 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-08 07:10 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-07 06:26 - 2014-07-07 06:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) 2014-07-07 06:14 - 2014-07-07 06:14 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-07-06 22:09 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Canon 2014-07-06 19:50 - 2014-07-11 00:22 - 00000000 ____D () C:\Program Files (x86)\SweetIM 2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\uTorrent 2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson 2014-07-06 19:50 - 2013-12-27 23:34 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-07-06 19:49 - 2014-07-11 00:22 - 00000000 ____D () C:\Program Files (x86)\Search Results Toolbar 2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\smartdl 2014-07-06 19:48 - 2014-07-11 07:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-06 19:48 - 2014-07-10 23:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-07-06 19:48 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.1 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\NoVirusThanks 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\gs 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box Monitor 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP 2014-07-06 19:47 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular 2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\eBay 2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp 2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Conduit 2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Claro LTD 2014-07-06 19:45 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1ClickDownload 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1&1 2014-07-06 19:44 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-07-06 19:44 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-07-06 19:44 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-07-06 19:31 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Copy Trans 2014-07-06 17:30 - 2014-07-06 17:31 - 00000000 ____D () C:\ProgramData\VirtualizedApplications 2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-06 15:40 - 2014-07-06 15:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenOffice.org 2014-07-06 15:36 - 2014-07-06 15:42 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2 2014-07-06 15:34 - 2014-07-07 06:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3 2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help 2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-06 15:17 - 2014-07-08 22:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client 2014-07-06 15:17 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client 2014-07-06 15:14 - 2014-07-10 07:28 - 09077672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-07-06 15:13 - 2014-07-08 18:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client 2014-07-06 15:12 - 2014-07-06 15:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TP 2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\4.0 2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\.tfo4 2014-07-06 12:38 - 2014-07-06 12:39 - 00000000 ____D () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14 2014-07-06 12:20 - 2014-07-11 00:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer 2014-07-06 12:20 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer 2014-07-06 12:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-07-06 12:19 - 2014-07-06 12:19 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-07-06 12:18 - 2014-07-06 12:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apple 2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-07-06 12:17 - 2014-07-10 23:47 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-07-06 12:17 - 2014-07-06 12:18 - 00000000 ____D () C:\ProgramData\Apple 2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Bonjour 2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-07-06 12:11 - 2014-07-06 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2014-07-06 12:10 - 2014-07-06 12:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions 2014-07-06 12:10 - 2014-07-06 12:27 - 00000000 ____D () C:\ProgramData\WindSolutions 2014-07-06 11:49 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe 2014-07-05 17:54 - 2014-07-05 19:26 - 00000000 __SHD () C:\Users\User\AppData\Roaming\.# 2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-07-05 14:24 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAT.DLL 2014-07-05 13:58 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-07-05 13:58 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-07-05 13:58 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-07-05 13:58 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-07-05 13:58 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2014-07-05 13:58 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2014-07-05 13:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-07-05 13:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-07-05 13:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-07-05 13:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-07-05 13:57 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-07-05 13:57 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-07-05 13:57 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-07-05 13:57 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-07-05 13:57 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-07-05 13:57 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-07-05 13:57 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-07-05 13:57 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-07-05 13:57 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-07-05 13:57 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2014-07-05 13:57 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-07-05 13:57 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-07-05 13:57 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-07-05 13:57 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-07-05 13:57 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-07-05 13:57 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-07-05 13:57 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-07-05 13:57 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-07-05 13:57 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-07-05 13:57 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-07-05 13:57 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2014-07-05 13:57 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2014-07-05 13:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-07-05 13:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-07-05 13:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-07-05 13:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-07-05 13:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-07-05 13:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-07-05 13:56 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-07-05 13:56 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-07-05 13:56 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-07-05 13:56 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-07-05 13:56 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-07-05 13:56 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-07-05 13:56 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-07-05 13:56 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-07-05 13:56 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-07-05 13:56 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-07-05 13:56 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-07-05 13:56 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-07-05 13:56 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-07-05 13:56 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-07-05 13:56 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-07-05 13:56 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-07-05 13:56 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-07-05 13:56 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-07-05 13:56 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-07-05 13:56 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-07-05 13:56 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-07-05 13:56 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-07-05 13:56 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-07-05 13:56 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-07-05 13:56 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-07-05 13:56 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-07-05 13:56 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-07-05 13:56 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-07-05 13:56 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-07-05 13:56 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-07-05 13:56 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-07-05 13:56 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-07-05 13:56 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-07-05 13:56 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-07-05 13:56 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-07-05 13:56 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2014-07-05 13:56 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2014-07-05 13:56 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2014-07-05 13:56 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-07-05 13:56 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2014-07-05 13:56 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2014-07-05 13:56 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-07-05 13:56 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-07-05 13:55 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-07-05 13:55 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-07-05 13:55 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-07-05 13:55 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-07-05 13:55 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-07-05 13:55 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-07-05 13:55 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-07-05 13:55 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-07-05 13:55 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-07-05 13:55 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-07-05 13:55 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-07-05 13:55 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-07-05 13:55 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-07-05 13:55 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-07-05 13:55 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-07-05 13:55 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-07-05 13:55 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2014-07-05 13:55 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2014-07-05 13:55 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-07-05 13:55 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-07-05 13:55 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2014-07-05 13:55 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-07-05 13:55 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-07-05 13:55 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-07-05 13:55 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-07-05 13:55 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-07-05 13:55 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-07-05 13:55 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-07-05 13:55 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-07-05 13:55 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-07-05 13:55 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-07-05 13:55 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-07-05 13:55 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-07-05 13:55 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-07-05 13:55 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2014-07-05 13:55 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2014-07-05 13:55 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2014-07-05 13:55 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2014-07-05 13:55 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2014-07-05 13:55 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-07-05 13:55 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-07-05 13:55 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll 2014-07-05 13:55 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2014-07-05 13:55 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2014-07-05 13:55 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2014-07-05 13:55 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-07-05 13:55 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2014-07-05 13:55 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2014-07-05 13:55 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-07-05 13:55 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-07-05 13:55 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2014-07-05 13:55 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2014-07-05 13:55 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2014-07-05 13:54 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-07-05 13:54 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-07-05 13:54 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-07-05 13:54 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-07-05 13:54 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2014-07-05 13:54 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2014-07-05 13:54 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2014-07-05 13:54 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs 2014-07-05 13:54 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-07-05 13:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-07-05 13:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-07-05 13:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-07-05 13:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-07-05 13:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-07-05 13:53 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-07-05 13:53 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-07-05 13:53 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-07-05 13:53 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-07-05 13:53 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2014-07-05 13:53 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2014-07-05 13:53 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-07-05 13:53 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2014-07-05 13:53 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2014-07-05 13:53 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-07-05 13:53 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2014-07-05 13:53 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-07-05 13:53 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-07-05 13:53 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-07-05 13:52 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-07-05 13:52 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-07-05 13:52 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-07-05 13:52 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-07-05 13:52 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-07-05 13:52 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-07-05 13:52 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-07-05 13:52 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-07-05 13:52 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-07-05 13:52 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-07-05 13:52 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-07-05 13:52 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-07-05 13:52 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-07-05 13:52 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-07-05 13:52 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-07-05 13:52 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-07-05 13:52 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-07-05 13:52 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-07-05 13:52 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2014-07-05 13:52 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-07-05 13:52 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-07-05 13:52 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-07-05 13:52 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-07-05 13:52 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2014-07-05 13:52 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-07-05 13:52 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-07-05 13:52 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-07-05 13:52 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-07-05 13:52 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-07-05 13:52 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-07-05 13:52 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-07-05 13:52 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-07-05 13:52 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-07-05 13:52 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-07-05 13:52 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-07-05 13:52 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2014-07-05 13:52 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2014-07-05 13:52 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-07-05 13:52 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-07-05 13:52 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-07-05 13:52 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2014-07-05 13:52 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2014-07-05 13:52 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2014-07-05 13:52 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-07-05 13:52 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2014-07-05 13:52 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2014-07-05 13:52 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2014-07-05 13:52 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2014-07-05 13:52 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2014-07-05 13:52 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2014-07-05 13:52 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2014-07-05 13:52 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-07-05 13:52 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-07-05 13:52 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-07-05 13:52 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-07-05 13:45 - 2014-07-05 13:45 - 00000000 ____D () C:\Users\User\Desktop\Ulead Package Folder 2014-07-05 13:07 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-07-05 13:07 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-07-05 13:07 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-07-05 13:07 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-07-05 13:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-07-05 13:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-07-05 13:05 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe 2014-07-02 13:45 - 2014-07-02 13:45 - 00000000 _____ () C:\Users\.wh..wh.aufs 2014-07-02 12:16 - 2014-07-06 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic 2014-07-02 12:15 - 2014-07-02 12:15 - 00000000 ____D () C:\report 2014-07-02 12:14 - 2014-07-02 12:14 - 00017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db 2014-07-02 11:43 - 2014-07-02 12:16 - 00000000 ____D () C:\Temp 2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\Documents\Avatar 2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink 2014-07-02 11:41 - 2014-07-11 00:36 - 00000000 ____D () C:\Users\User\AppData\Local\Google 2014-07-02 11:19 - 2014-07-02 11:20 - 00000000 ____D () C:\Users\User\Heaven 2014-07-02 11:19 - 2014-07-02 11:19 - 00003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage 2014-07-02 11:10 - 2014-07-11 06:49 - 00000000 ____D () C:\Users\User\Documents\Youcam 2014-07-02 11:10 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink 2014-07-02 11:09 - 2014-07-02 11:09 - 00000000 ____D () C:\Users\User\AppData\Local\Power2Go 2014-07-02 11:08 - 2014-07-10 19:19 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore 2014-07-02 11:08 - 2014-07-08 19:14 - 00001671 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-02 11:08 - 2014-07-08 19:14 - 00001649 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-07-02 11:08 - 2014-07-02 11:08 - 00000020 ___SH () C:\Users\User\ntuser.ini 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Vorlagen 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Startmenü 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Eigene Dateien 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Druckumgebung 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel 2014-07-02 11:07 - 2014-07-02 11:07 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10 2014-07-02 11:07 - 2012-04-11 07:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomeCinema 2014-07-02 11:07 - 2012-03-14 23:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia 2014-07-02 11:07 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-07-02 11:07 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Medion_Services 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Aldi_Foto 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Memeo 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\MARKEMENT 2014-07-02 11:06 - 2011-08-15 12:59 - 00001854 _____ () C:\Users\Public\Desktop\MEDION Services.lnk 2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Users\Public\Documents\Corel 2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-Bit) 2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Corel 2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Program Files\Microsoft Mathematics 2014-07-02 11:04 - 2011-09-20 13:06 - 00002439 _____ () C:\Users\Public\Desktop\MEDIONmediathek.lnk 2014-07-02 11:03 - 2014-07-02 11:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5 2014-07-02 11:03 - 2014-07-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Corel 2014-07-02 11:02 - 2014-07-11 00:52 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-02 11:02 - 2014-07-11 00:47 - 00000000 ____D () C:\ProgramData\Partner 2014-07-02 11:02 - 2014-07-08 19:14 - 00002732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\TvdPersonal 2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\watchmi 2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files\PlayReady 2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\watchmi 2014-07-02 10:51 - 2014-07-11 08:12 - 01349360 _____ () C:\Windows\WindowsUpdate.log 2014-07-02 10:51 - 2014-07-02 10:52 - 00000000 __SHD () C:\Recovery 2014-06-22 23:57 - 2014-07-06 11:01 - 00000000 ___RD () C:\Users\User\Dropbox 2014-06-22 23:55 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\User\Documents\Tune up und diverses 2014-06-22 21:21 - 2014-07-08 20:16 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister Backup 2014-06-22 21:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\VirtualDJ 2014-06-22 21:20 - 2014-07-06 11:42 - 00000000 ____D () C:\Users\User\Desktop\Klassentreffen 2014 2014-06-22 21:20 - 2014-07-06 11:41 - 00000000 ___RD () C:\Users\User\Desktop\HD-PVU2_100 2014-06-22 21:20 - 2014-07-06 11:27 - 00000000 ____D () C:\Users\User\Desktop\Tanzfragen 2014-06-22 21:20 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister 2014-06-22 21:20 - 2014-06-22 08:40 - 00009078 _____ () C:\Users\User\Documents\miller.xlsx 2014-06-22 21:17 - 2014-07-06 11:41 - 00000000 ____D () C:\Users\User\Desktop\Basisprogramm für fortlaufende Gruppen 2014-06-22 21:17 - 2014-04-25 12:58 - 06772879 _____ () C:\Users\User\Desktop\wordpress-3.9-de_DE.zip 2014-06-22 21:16 - 2014-06-22 18:49 - 00009080 _____ () C:\Users\User\Desktop\miller.xlsx 2014-06-22 21:16 - 2014-04-21 10:55 - 13849784 _____ (Microsoft Corporation) C:\Users\User\Desktop\mseinstall.exe 2014-06-22 21:16 - 2013-12-28 00:24 - 00038363 _____ () C:\Users\User\Desktop\logs_27.12.2013_23_05_28.log 2014-06-22 21:16 - 2013-12-14 08:52 - 01750312 _____ (WindSolutions) C:\Users\User\Desktop\logpacker.exe 2014-06-22 21:16 - 2013-05-04 11:32 - 00001050 _____ () C:\Users\User\Desktop\VirtualDJ Home FREE.lnk 2014-06-22 21:16 - 2012-12-29 12:53 - 2884829184 _____ () C:\Users\User\Desktop\Windows Installationsdatei 12.12.iso 2014-06-22 21:15 - 2013-05-04 11:29 - 38944576 _____ (Atomix Productions) C:\Users\User\Desktop\install_virtualdj_home_v7.4.exe 2014-06-22 21:15 - 2013-03-07 23:19 - 90130256 _____ (Apple Inc.) C:\Users\User\Desktop\iTunes64Setup.exe 2014-06-22 21:14 - 2014-02-20 20:38 - 00055808 _____ () C:\Users\User\Desktop\FahrplanTage berechnen.xls 2014-06-22 21:14 - 2014-02-20 19:27 - 00057856 _____ () C:\Users\User\Desktop\Fahrplan2.xls 2014-06-22 21:14 - 2014-01-17 10:38 - 1489184417 _____ () C:\Users\User\Desktop\home-hd-de.zip 2014-06-22 21:14 - 2013-12-27 23:46 - 00931678 _____ (NoVirusThanks Company Srl ) C:\Users\User\Desktop\hijackhunter_setup.exe 2014-06-22 21:14 - 2013-12-24 10:43 - 00053760 _____ () C:\Users\User\Desktop\Fahrplan2014.xls 2014-06-22 21:14 - 2013-12-17 23:43 - 36152456 _____ (Amazon) C:\Users\User\Desktop\AmazonCloudPlayerInstaller_399.exe 2014-06-22 20:59 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\CyberLink |
First Teil 2 Code: ==================== One Month Modified Files and Folders =======Code: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014Code: ==================== Event log errors: ========================= |
Adware & Co. deinstallieren
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter: Scan mit Combofix
|
Also Revo Uninstaller war nichts Löschbares enthalten, weiter mit Combofix. Hab es einfach laufen lassen und dann war die Logfile da: Code: ComboFix 14-07-12.02 - User 12.07.2014 9:14.1.4 - x64Gruss Silvia Zitat:
|
wir sind noch nit fertig :) Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte. |
oh, hab ich bemerkt, Seiten gingen zum Teil wieder nicht auf :killpc:, bin dabei Sorry, bin dauernd rausgeflogen bzw. nicht in den Browser gekommen Mal schnell bevor wir im Fussballfieber versinken :taenzer: [CODE] Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 13.07.2014 Scan Time: 12:35:20 Logfile: mbam.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.13.01 Rootkit Database: v2014.07.09.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: User Scan Type: Threat Scan Result: Completed Objects Scanned: 347724 Time Elapsed: 10 min, 44 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 5 PUP.Optional.Snapdo.T, HKU\S-1-5-21-2360195539-4008202503-23516872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [b2cdebb28bf096a0a278672744bed22e], PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Quarantined, [b2cdebb28bf096a0a278672744bed22e], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [a5dacdd048337db954863484b151956b], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], Registry Values: 2 PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [a5dacdd048337db954863484b151956b] PUP.Optional.Snapdo.T, HKU\S-1-5-21-2360195539-4008202503-23516872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [bfc058452952cb6b18c3ab0d5ea48e72] Registry Data: 0 (No malicious items detected) Folders: 6 PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{8AEDCA7B-C367-43F0-A6E8-69F7CA9C74E1}, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], Files: 6 PUP.Optional.Spigot.A, C:\Users\User\Downloads\aTube55Catcher.exe, Quarantined, [a0df831a87f42b0b20b48c9fb74a2bd5], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [cfb0544957245bdb49be7d3bfe04c43c], Physical Sectors: 0 (No malicious items detected) (end) AdwCleaner Logfile: Code: # AdwCleaner v3.215 - Bericht erstellt am 13/07/2014 um 14:37:52~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by User on 13.07.2014 at 14:43:58,36 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Successfully deleted: [Folder] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\9m841dpo.default\extensions\toolbar@gmx.net ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 13.07.2014 at 14:49:54,63 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[CODE] zu guter letzt FRST 1. Teil: [CODE] Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014 Ran by User (administrator) on USER-PC on 13-07-2014 15:02:01 Running from C:\Users\User\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe () C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2360195539-4008202503-23516872-1000\...\Run: [lot_07081714] => c:\users\user\appdata\local\lot_07081714\lot_07081714.exe [2617344 2014-07-08] () HKU\S-1-5-21-2360195539-4008202503-23516872-1000\...\Run: [AnizQoyq] => regsvr32.exe "C:\ProgramData\AnizQoyq\AnizQoyq.dat" Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lot_07081714.lnk ShortcutTarget: lot_07081714.lnk -> C:\Users\User\AppData\Local\lot_07081714\lot_07081714.exe () ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.firefox.de/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF NetworkProxy: "type", 4 FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9m841dpo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-12] FF HKCU\...\Firefox\Extensions: [{65449825-340B-4B0B-D82C-63B7C23DC344}] - C:\Program Files (x86)\v01Re-markit\174.xpi Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (GMX MailCheck) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-07-06] CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-11] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-05] CHR Extension: (Re-markit) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjilminfakplkijfhhempcjdfccdpeal [2014-07-08] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG) S4 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] () S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) S4 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed] S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-06-16] (TuneUp Software) S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed] S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-13] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-13 15:01 - 2014-07-13 15:01 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion 2014-07-13 15:00 - 2014-07-13 15:00 - 00000094 ____H () C:\Users\User\Desktop\.~lock.JRT.txt# 2014-07-13 15:00 - 2014-07-13 15:00 - 00000094 ____H () C:\Users\User\Desktop\.~lock.AdwCleaner[S0].txt# 2014-07-13 14:59 - 2014-07-13 14:59 - 00000094 ____H () C:\Users\User\Desktop\.~lock.mbam.txt# 2014-07-13 14:49 - 2014-07-13 14:56 - 00000776 _____ () C:\Users\User\Desktop\JRT.txt 2014-07-13 14:43 - 2014-07-13 14:43 - 00000000 ____D () C:\Windows\ERUNT 2014-07-13 14:42 - 2014-07-13 14:42 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe 2014-07-13 14:40 - 2014-07-13 14:40 - 00006370 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt 2014-07-13 14:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-13 14:34 - 2014-07-13 14:41 - 00000000 ___DC () C:\AdwCleaner 2014-07-13 14:33 - 2014-07-13 14:33 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe 2014-07-13 14:33 - 2014-07-13 14:33 - 00003956 _____ () C:\Users\User\Desktop\mbam.txt 2014-07-13 14:27 - 2014-07-13 14:27 - 00034209 _____ () C:\Users\User\Desktop\combo.txt 2014-07-13 13:45 - 2014-07-13 13:45 - 00034207 ____C () C:\ComboFix.txt 2014-07-13 13:15 - 2014-07-13 13:15 - 00000000 ____D () C:\ProgramData\AnizQoyq 2014-07-13 12:34 - 2014-07-13 14:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-13 12:33 - 2014-07-13 12:33 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-13 12:33 - 2014-07-13 12:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-13 12:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-13 12:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-13 12:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-13 12:31 - 2014-07-13 12:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(2).exe 2014-07-13 12:20 - 2014-07-13 12:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-13 12:14 - 2014-07-13 12:14 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-07-13 12:14 - 2014-07-13 12:14 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-07-13 12:14 - 2014-07-13 12:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-13 12:13 - 2014-07-13 12:13 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0 (1).exe 2014-07-13 11:25 - 2014-07-13 11:25 - 00133360 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-13 11:24 - 2014-07-13 14:39 - 00000392 _____ () C:\Windows\setupact.log 2014-07-13 11:24 - 2014-07-13 11:24 - 00517648 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-13 11:23 - 2014-07-13 14:39 - 00005758 _____ () C:\Windows\PFRO.log 2014-07-12 10:52 - 2014-07-12 10:52 - 00448512 _____ (OldTimer Tools) C:\Users\User\Downloads\TFC.exe 2014-07-12 09:12 - 2014-07-13 13:45 - 00000000 ___DC () C:\Qoobox 2014-07-12 09:12 - 2014-07-13 13:40 - 00000000 ____D () C:\Windows\erdnt 2014-07-12 09:12 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-12 09:12 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-12 09:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-12 09:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-12 09:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-12 09:12 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-12 09:12 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-12 09:12 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-12 09:07 - 2014-07-12 09:07 - 05218570 ____R (Swearware) C:\Users\User\Downloads\ComboFix.exe 2014-07-12 09:05 - 2014-07-12 09:05 - 00003258 _____ () C:\Windows\System32\Tasks\{DD65FB9F-3514-482D-AAAB-404A56BDE7BD} 2014-07-12 08:56 - 2014-07-12 08:56 - 00001268 _____ () C:\Users\User\Desktop\Revo Uninstaller.lnk 2014-07-12 08:56 - 2014-07-12 08:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-12 08:55 - 2014-07-12 08:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe 2014-07-11 12:58 - 2014-07-11 12:58 - 00001041 _____ () C:\Users\User\Desktop\Dropbox.lnk 2014-07-11 12:57 - 2014-07-13 10:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\DropboxMaster 2014-07-11 12:57 - 2014-07-11 12:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-07-11 12:56 - 2014-07-13 10:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox 2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-07-11 10:16 - 2014-07-11 10:16 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-07-11 09:06 - 2014-07-11 10:07 - 00056327 _____ () C:\Users\User\Downloads\Addition.txt 2014-07-11 09:04 - 2014-07-13 15:02 - 00013035 _____ () C:\Users\User\Downloads\FRST.txt 2014-07-11 09:04 - 2014-07-13 15:02 - 00000000 ___DC () C:\FRST 2014-07-11 08:59 - 2014-07-13 15:01 - 02086912 ____C (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-07-11 07:22 - 2014-07-11 07:23 - 29677544 _____ (Mozilla) C:\Users\User\Downloads\Firefox_Setup_de30.0.exe 2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla 2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla 2014-07-11 00:33 - 2014-07-11 00:33 - 00000000 ____D () C:\ProgramData\Mozilla 2014-07-11 00:32 - 2014-07-11 00:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 23:55 - 2014-07-10 23:55 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iTunes 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files\iPod 2014-07-10 23:55 - 2014-07-10 23:55 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-10 23:48 - 2014-07-10 23:48 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-07-10 23:48 - 2014-07-10 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-07-10 23:47 - 2014-07-10 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-07-10 21:30 - 2014-07-10 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-10 21:29 - 2014-07-10 21:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-10 19:39 - 2014-07-10 19:39 - 00001130 _____ () C:\Users\Public\Desktop\Hijack Hunter.lnk 2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment 2014-07-10 18:08 - 2014-07-10 18:08 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0 2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{60B85EA1-CF5B-4ABB-A3B6-4E1ECBA2EFBD} 2014-07-10 18:03 - 2014-07-10 18:03 - 00002980 _____ () C:\Windows\System32\Tasks\{2C1E11CA-E607-497D-A1E2-FE42137A7FA9} 2014-07-10 06:35 - 2014-07-10 06:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\Avira 2014-07-10 06:30 - 2014-07-10 06:30 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-07-10 06:30 - 2014-07-10 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-07-10 06:29 - 2014-07-10 06:29 - 00000000 ____D () C:\ProgramData\Avira 2014-07-10 06:22 - 2014-07-10 06:27 - 143880056 _____ () C:\Users\User\Downloads\avira_free_antivirus_de_464.exe 2014-07-10 06:20 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 06:20 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 06:20 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-07-10 06:20 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-07-10 06:19 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 06:19 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 06:19 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 06:19 - 2014-06-07 06:02 - 17854464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 06:19 - 2014-06-07 05:13 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 06:19 - 2014-06-07 04:59 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-10 06:19 - 2014-06-07 04:52 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 06:19 - 2014-06-07 04:51 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-10 06:19 - 2014-06-07 04:51 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 06:19 - 2014-06-07 04:50 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-07-10 06:19 - 2014-06-07 04:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 06:19 - 2014-06-07 04:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-10 06:19 - 2014-06-07 04:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-10 06:19 - 2014-06-07 04:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 06:19 - 2014-06-07 04:42 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 06:19 - 2014-06-07 04:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 06:19 - 2014-06-07 04:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 06:19 - 2014-06-07 04:42 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-10 06:19 - 2014-06-07 04:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 06:19 - 2014-06-07 04:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-07-10 06:19 - 2014-06-07 04:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-07-10 06:19 - 2014-06-07 04:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 06:19 - 2014-06-07 04:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-07-10 06:19 - 2014-06-07 04:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 06:19 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 06:19 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 06:19 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 06:19 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 06:19 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 06:19 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-10 06:19 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-07-10 06:19 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 06:19 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 06:19 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-07-10 06:19 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-10 06:19 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 06:19 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 06:19 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 06:19 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-07-10 06:19 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 06:19 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 06:19 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-07-10 06:19 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 06:19 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-07-10 06:19 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 06:19 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 06:19 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 06:19 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 06:19 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 06:19 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-10 06:19 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-07-10 06:19 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-07-10 06:19 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-07-10 06:19 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-07-10 06:18 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 06:18 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 06:18 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-10 06:17 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-07-10 06:17 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-07-10 06:17 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-07-10 06:17 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\Users\User\AppData\Local\Packages 2014-07-10 06:10 - 2014-07-10 06:10 - 00000000 ____D () C:\ProgramData\504c2cf8db11ac3b 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Gast 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-10 06:09 - 2014-07-10 06:09 - 00000000 ____D () C:\Users\Administrator 2014-07-10 06:07 - 2014-07-10 06:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks 2014-07-09 18:43 - 2014-07-09 18:44 - 00000000 ____D () C:\ProgramData\MFAData 2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData 2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014 2014-07-09 00:20 - 2014-07-09 00:20 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-07-08 22:10 - 2014-07-08 22:10 - 00000265 _____ () C:\Users\User\AppData\Local\mtagn.bat 2014-07-08 22:08 - 2014-07-13 11:21 - 00003200 _____ () C:\Windows\System32\Tasks\psbep 2014-07-08 22:08 - 2014-07-08 22:08 - 00000265 _____ () C:\Users\User\AppData\Local\psbep.bat 2014-07-08 22:06 - 2014-07-08 22:06 - 00003202 _____ () C:\Windows\System32\Tasks\kvavilo 2014-07-08 22:06 - 2014-07-08 22:06 - 00000265 _____ () C:\Users\User\AppData\Local\kvavilo.bat 2014-07-08 22:04 - 2014-07-08 22:04 - 00003204 _____ () C:\Windows\System32\Tasks\tagmaagm 2014-07-08 22:04 - 2014-07-08 22:04 - 00000265 _____ () C:\Users\User\AppData\Local\tagmaagm.bat 2014-07-08 22:02 - 2014-07-08 22:02 - 00003200 _____ () C:\Windows\System32\Tasks\qsdgxa 2014-07-08 22:02 - 2014-07-08 22:02 - 00000265 _____ () C:\Users\User\AppData\Local\qsdgxa.bat 2014-07-08 22:00 - 2014-07-08 22:00 - 00000265 _____ () C:\Users\User\AppData\Local\mlkji.bat 2014-07-08 21:58 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\abwysmh 2014-07-08 21:58 - 2014-07-08 21:58 - 00000265 _____ () C:\Users\User\AppData\Local\abwysmh.bat 2014-07-08 21:55 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\fdfcvuu 2014-07-08 21:55 - 2014-07-08 21:55 - 00000265 _____ () C:\Users\User\AppData\Local\fdfcvuu.bat 2014-07-08 21:53 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\daolbyol 2014-07-08 21:53 - 2014-07-08 21:53 - 00000265 _____ () C:\Users\User\AppData\Local\daolbyol.bat 2014-07-08 21:51 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\eabigetk 2014-07-08 21:51 - 2014-07-08 21:51 - 00000265 _____ () C:\Users\User\AppData\Local\eabigetk.bat 2014-07-08 21:49 - 2014-07-08 21:49 - 00003200 _____ () C:\Windows\System32\Tasks\rdpthj 2014-07-08 21:49 - 2014-07-08 21:49 - 00000265 _____ () C:\Users\User\AppData\Local\rdpthj.bat 2014-07-08 21:47 - 2014-07-08 21:47 - 00003198 _____ () C:\Windows\System32\Tasks\ubhvb 2014-07-08 21:47 - 2014-07-08 21:47 - 00000265 _____ () C:\Users\User\AppData\Local\ubhvb.bat 2014-07-08 21:45 - 2014-07-08 21:45 - 00003202 _____ () C:\Windows\System32\Tasks\xddorbn 2014-07-08 21:45 - 2014-07-08 21:45 - 00000265 _____ () C:\Users\User\AppData\Local\xddorbn.bat 2014-07-08 21:43 - 2014-07-08 21:43 - 00000265 _____ () C:\Users\User\AppData\Local\bvshaoc.bat 2014-07-08 21:41 - 2014-07-08 21:41 - 00000265 _____ () C:\Users\User\AppData\Local\feogfgwh.bat 2014-07-08 21:39 - 2014-07-08 21:39 - 00003204 _____ () C:\Windows\System32\Tasks\rvalxcnr 2014-07-08 21:39 - 2014-07-08 21:39 - 00000265 _____ () C:\Users\User\AppData\Local\rvalxcnr.bat 2014-07-08 21:37 - 2014-07-08 21:37 - 00000265 _____ () C:\Users\User\AppData\Local\kigcc.bat 2014-07-08 21:35 - 2014-07-08 21:35 - 00000265 _____ () C:\Users\User\AppData\Local\wgpfoh.bat 2014-07-08 21:33 - 2014-07-08 21:33 - 00000265 _____ () C:\Users\User\AppData\Local\dmetc.bat 2014-07-08 21:31 - 2014-07-08 22:55 - 00003206 _____ () C:\Windows\System32\Tasks\cwapdiuq 2014-07-08 21:31 - 2014-07-08 21:31 - 00000265 _____ () C:\Users\User\AppData\Local\cwapdiuq.bat 2014-07-08 21:29 - 2014-07-08 22:54 - 00003206 _____ () C:\Windows\System32\Tasks\bexbocmy 2014-07-08 21:29 - 2014-07-08 21:29 - 00000265 _____ () C:\Users\User\AppData\Local\bexbocmy.bat 2014-07-08 21:27 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\cqemch 2014-07-08 21:27 - 2014-07-08 21:27 - 00000265 _____ () C:\Users\User\AppData\Local\cqemch.bat 2014-07-08 21:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\icwxcmpb 2014-07-08 21:25 - 2014-07-08 21:25 - 00000265 _____ () C:\Users\User\AppData\Local\icwxcmpb.bat 2014-07-08 21:23 - 2014-07-08 21:23 - 00000265 _____ () C:\Users\User\AppData\Local\rvbmado.bat 2014-07-08 21:21 - 2014-07-08 21:21 - 00003202 _____ () C:\Windows\System32\Tasks\vveddlk 2014-07-08 21:21 - 2014-07-08 21:21 - 00000265 _____ () C:\Users\User\AppData\Local\vveddlk.bat 2014-07-08 21:19 - 2014-07-08 22:54 - 00003204 _____ () C:\Windows\System32\Tasks\bixfsag 2014-07-08 21:19 - 2014-07-08 21:19 - 00000265 _____ () C:\Users\User\AppData\Local\bixfsag.bat 2014-07-08 21:17 - 2014-07-08 21:17 - 00000265 _____ () C:\Users\User\AppData\Local\akcpianq.bat 2014-07-08 21:15 - 2014-07-08 21:15 - 00003202 _____ () C:\Windows\System32\Tasks\saedqvt 2014-07-08 21:15 - 2014-07-08 21:15 - 00000265 _____ () C:\Users\User\AppData\Local\saedqvt.bat 2014-07-08 21:13 - 2014-07-08 21:13 - 00000265 _____ () C:\Users\User\AppData\Local\gxxqbb.bat 2014-07-08 21:11 - 2014-07-08 21:11 - 00000265 _____ () C:\Users\User\AppData\Local\cyvkhv.bat 2014-07-08 21:09 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\fmdljrba 2014-07-08 21:09 - 2014-07-08 21:09 - 00000265 _____ () C:\Users\User\AppData\Local\fmdljrba.bat 2014-07-08 21:07 - 2014-07-08 21:07 - 00003202 _____ () C:\Windows\System32\Tasks\noooppp 2014-07-08 21:07 - 2014-07-08 21:07 - 00000265 _____ () C:\Users\User\AppData\Local\noooppp.bat 2014-07-08 21:05 - 2014-07-08 21:05 - 00000265 _____ () C:\Users\User\AppData\Local\ejhdd.bat 2014-07-08 21:03 - 2014-07-08 21:03 - 00003202 _____ () C:\Windows\System32\Tasks\ikmfbcd 2014-07-08 21:03 - 2014-07-08 21:03 - 00000265 _____ () C:\Users\User\AppData\Local\ikmfbcd.bat 2014-07-08 21:01 - 2014-07-08 21:01 - 00003198 _____ () C:\Windows\System32\Tasks\wnful 2014-07-08 21:01 - 2014-07-08 21:01 - 00000265 _____ () C:\Users\User\AppData\Local\wnful.bat 2014-07-08 20:59 - 2014-07-08 20:59 - 00000265 _____ () C:\Users\User\AppData\Local\bdybxrg.bat 2014-07-08 20:57 - 2014-07-08 20:57 - 00000265 _____ () C:\Users\User\AppData\Local\ukbhd.bat 2014-07-08 20:55 - 2014-07-08 20:55 - 00003200 _____ () C:\Windows\System32\Tasks\mlqxdd 2014-07-08 20:55 - 2014-07-08 20:55 - 00000265 _____ () C:\Users\User\AppData\Local\mlqxdd.bat 2014-07-08 20:53 - 2014-07-08 20:53 - 00003204 _____ () C:\Windows\System32\Tasks\usaxfdbi 2014-07-08 20:53 - 2014-07-08 20:53 - 00000265 _____ () C:\Users\User\AppData\Local\usaxfdbi.bat 2014-07-08 20:51 - 2014-07-08 20:51 - 00000265 _____ () C:\Users\User\AppData\Local\wyajku.bat 2014-07-08 20:49 - 2014-07-08 20:49 - 00000265 _____ () C:\Users\User\AppData\Local\waktwf.bat 2014-07-08 20:47 - 2014-07-08 20:47 - 00003198 _____ () C:\Windows\System32\Tasks\wfoxa 2014-07-08 20:47 - 2014-07-08 20:47 - 00000265 _____ () C:\Users\User\AppData\Local\wfoxa.bat 2014-07-08 20:45 - 2014-07-08 22:55 - 00003204 _____ () C:\Windows\System32\Tasks\cgafmim 2014-07-08 20:45 - 2014-07-08 20:45 - 00000265 _____ () C:\Users\User\AppData\Local\cgafmim.bat 2014-07-08 20:43 - 2014-07-08 20:43 - 00000265 _____ () C:\Users\User\AppData\Local\sbelr.bat 2014-07-08 20:41 - 2014-07-08 20:41 - 00000265 _____ () C:\Users\User\AppData\Local\jgcetwmp.bat 2014-07-08 20:39 - 2014-07-08 20:39 - 00000265 _____ () C:\Users\User\AppData\Local\tbgmaf.bat 2014-07-08 20:37 - 2014-07-08 20:37 - 00000265 _____ () C:\Users\User\AppData\Local\ruxceim.bat 2014-07-08 20:35 - 2014-07-08 20:35 - 00003204 _____ () C:\Windows\System32\Tasks\opxizbks 2014-07-08 20:35 - 2014-07-08 20:35 - 00000265 _____ () C:\Users\User\AppData\Local\opxizbks.bat 2014-07-08 20:33 - 2014-07-08 20:33 - 00000265 _____ () C:\Users\User\AppData\Local\hanisfy.bat 2014-07-08 20:31 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\feogfqi 2014-07-08 20:31 - 2014-07-08 20:31 - 00000265 _____ () C:\Users\User\AppData\Local\feogfqi.bat 2014-07-08 20:29 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hyzseexr 2014-07-08 20:29 - 2014-07-08 20:29 - 00000265 _____ () C:\Users\User\AppData\Local\hyzseexr.bat 2014-07-08 20:28 - 2014-07-08 20:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 20:27 - 2014-07-08 20:27 - 00000265 _____ () C:\Users\User\AppData\Local\cljqodtc.bat 2014-07-08 20:25 - 2014-07-08 22:56 - 00003200 _____ () C:\Windows\System32\Tasks\habcd 2014-07-08 20:25 - 2014-07-08 20:25 - 00000265 _____ () C:\Users\User\AppData\Local\habcd.bat 2014-07-08 20:23 - 2014-07-08 20:23 - 00000265 _____ () C:\Users\User\AppData\Local\hbuvijcg.bat 2014-07-08 20:21 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\agbhtpu 2014-07-08 20:21 - 2014-07-08 20:21 - 00000265 _____ () C:\Users\User\AppData\Local\agbhtpu.bat 2014-07-08 20:19 - 2014-07-08 20:19 - 00000265 _____ () C:\Users\User\AppData\Local\icprfb.bat 2014-07-08 20:17 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\fefvvn 2014-07-08 20:17 - 2014-07-08 20:17 - 00000265 _____ () C:\Users\User\AppData\Local\fefvvn.bat 2014-07-08 20:15 - 2014-07-08 20:15 - 00000265 _____ () C:\Users\User\AppData\Local\xrcufy.bat 2014-07-08 20:13 - 2014-07-08 20:13 - 00000265 _____ () C:\Users\User\AppData\Local\idfbdesc.bat 2014-07-08 20:11 - 2014-07-08 22:56 - 00003202 _____ () C:\Windows\System32\Tasks\gulkbb 2014-07-08 20:11 - 2014-07-08 20:11 - 00000265 _____ () C:\Users\User\AppData\Local\gulkbb.bat 2014-07-08 20:09 - 2014-07-08 22:52 - 00003204 _____ () C:\Windows\System32\Tasks\ahtxlqd 2014-07-08 20:09 - 2014-07-08 20:09 - 00000265 _____ () C:\Users\User\AppData\Local\ahtxlqd.bat 2014-07-08 20:07 - 2014-07-08 20:07 - 00003202 _____ () C:\Windows\System32\Tasks\ophaqrz 2014-07-08 20:07 - 2014-07-08 20:07 - 00000265 _____ () C:\Users\User\AppData\Local\ophaqrz.bat 2014-07-08 20:05 - 2014-07-08 20:05 - 00000265 _____ () C:\Users\User\AppData\Local\fdvnunfw.bat 2014-07-08 20:03 - 2014-07-08 22:56 - 00003204 _____ () C:\Windows\System32\Tasks\eiakbug 2014-07-08 20:03 - 2014-07-08 20:03 - 00000265 _____ () C:\Users\User\AppData\Local\eiakbug.bat 2014-07-08 20:01 - 2014-07-08 20:01 - 00000265 _____ () C:\Users\User\AppData\Local\dgpfhq.bat 2014-07-08 19:59 - 2014-07-08 19:59 - 00000265 _____ () C:\Users\User\AppData\Local\uutbbiiw.bat 2014-07-08 19:57 - 2014-07-08 19:57 - 00003200 _____ () C:\Windows\System32\Tasks\lpfjgl 2014-07-08 19:57 - 2014-07-08 19:57 - 00000265 _____ () C:\Users\User\AppData\Local\lpfjgl.bat 2014-07-08 19:55 - 2014-07-08 19:55 - 00000265 _____ () C:\Users\User\AppData\Local\laetrg.bat 2014-07-08 19:53 - 2014-07-13 11:21 - 00003206 _____ () C:\Windows\System32\Tasks\ptvicepr 2014-07-08 19:53 - 2014-07-08 19:53 - 00000265 _____ () C:\Users\User\AppData\Local\ptvicepr.bat 2014-07-08 19:51 - 2014-07-08 22:55 - 00003200 _____ () C:\Windows\System32\Tasks\bkhol 2014-07-08 19:51 - 2014-07-08 19:51 - 00000265 _____ () C:\Users\User\AppData\Local\bkhol.bat 2014-07-08 19:49 - 2014-07-08 19:49 - 00000265 _____ () C:\Users\User\AppData\Local\dvgve.bat 2014-07-08 19:47 - 2014-07-08 19:47 - 00000265 _____ () C:\Users\User\AppData\Local\fljbhg.bat 2014-07-08 19:45 - 2014-07-08 19:45 - 00000265 _____ () C:\Users\User\AppData\Local\cqfbpcz.bat 2014-07-08 19:43 - 2014-07-08 19:43 - 00003202 _____ () C:\Windows\System32\Tasks\yjbfhjt 2014-07-08 19:43 - 2014-07-08 19:43 - 00000265 _____ () C:\Users\User\AppData\Local\yjbfhjt.bat 2014-07-08 19:41 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\bmhtnb 2014-07-08 19:41 - 2014-07-08 19:41 - 00000265 _____ () C:\Users\User\AppData\Local\bmhtnb.bat 2014-07-08 19:39 - 2014-07-08 22:55 - 00003202 _____ () C:\Windows\System32\Tasks\caqaxv 2014-07-08 19:39 - 2014-07-08 19:39 - 00002213 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk 2014-07-08 19:39 - 2014-07-08 19:39 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2014-07-08 19:39 - 2014-07-08 19:39 - 00002193 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk 2014-07-08 19:39 - 2014-07-08 19:39 - 00000265 _____ () C:\Users\User\AppData\Local\caqaxv.bat 2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Local\TuneUp Software 2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 2014-07-08 19:39 - 2014-07-08 19:39 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2014-07-08 19:39 - 2014-06-16 13:13 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe 2014-07-08 19:39 - 2014-06-16 13:13 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll 2014-07-08 19:39 - 2014-06-16 13:13 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll 2014-07-08 19:37 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-07-08 19:37 - 2014-07-08 19:37 - 00003202 _____ () C:\Windows\System32\Tasks\kfdspti 2014-07-08 19:37 - 2014-07-08 19:37 - 00000265 _____ () C:\Users\User\AppData\Local\kfdspti.bat 2014-07-08 19:35 - 2014-07-08 19:36 - 28539304 _____ (TuneUp Software) C:\Users\User\Downloads\TuneUpUtilities2014_de-DE.exe 2014-07-08 19:35 - 2014-07-08 19:35 - 00000265 _____ () C:\Users\User\AppData\Local\aagadgat.bat 2014-07-08 19:33 - 2014-07-08 19:33 - 00000265 _____ () C:\Users\User\AppData\Local\vkapeajh.bat 2014-07-08 19:31 - 2014-07-08 19:31 - 00003202 _____ () C:\Windows\System32\Tasks\pxhairk 2014-07-08 19:31 - 2014-07-08 19:31 - 00000265 _____ () C:\Users\User\AppData\Local\pxhairk.bat 2014-07-08 19:29 - 2014-07-08 19:29 - 00000265 _____ () C:\Users\User\AppData\Local\mcionbb.bat 2014-07-08 19:27 - 2014-07-08 19:27 - 00000265 _____ () C:\Users\User\AppData\Local\noopwp.bat 2014-07-08 19:25 - 2014-07-08 22:56 - 00003206 _____ () C:\Windows\System32\Tasks\hbbuwxqk 2014-07-08 19:25 - 2014-07-08 19:25 - 00000265 _____ () C:\Users\User\AppData\Local\hbbuwxqk.bat 2014-07-08 19:23 - 2014-07-08 19:23 - 00003204 _____ () C:\Windows\System32\Tasks\mkqwccag 2014-07-08 19:23 - 2014-07-08 19:23 - 00000265 _____ () C:\Users\User\AppData\Local\mkqwccag.bat 2014-07-08 19:21 - 2014-07-08 19:21 - 00000265 _____ () C:\Users\User\AppData\Local\owpxaia.bat 2014-07-08 19:19 - 2014-07-08 19:19 - 00003198 _____ () C:\Windows\System32\Tasks\uvuuc 2014-07-08 19:19 - 2014-07-08 19:19 - 00000265 _____ () C:\Users\User\AppData\Local\uvuuc.bat 2014-07-08 19:18 - 2014-07-08 19:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software 2014-07-08 19:17 - 2014-07-09 00:20 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-07-08 19:17 - 2014-07-08 19:44 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2014-07-08 19:17 - 2014-07-08 19:17 - 00000265 _____ () C:\Users\User\AppData\Local\fneme.bat 2014-07-08 19:14 - 2014-07-13 14:45 - 00000000 ____D () C:\Users\User\AppData\Local\lot_07081714 2014-07-08 19:14 - 2014-07-11 00:55 - 00000000 ____D () C:\Program Files (x86)\Browser_AppS 1.1 2014-07-08 19:14 - 2014-07-08 19:14 - 00000265 _____ () C:\Users\User\AppData\Local\zmyexkp.bat 2014-07-08 19:13 - 2014-07-10 06:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf 2014-07-08 19:13 - 2014-06-26 07:24 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys 2014-07-08 19:12 - 2014-07-08 19:12 - 00000000 __RDC () C:\MSOCache 2014-07-08 18:43 - 2014-07-10 17:57 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-08 18:38 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-07-08 18:38 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-07-08 18:38 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-07-08 18:38 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-07-08 08:21 - 2014-07-08 08:21 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-07-08 07:38 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe 2014-07-08 07:18 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-07-08 07:18 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-07-08 07:18 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-07-08 07:18 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-07-08 07:18 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-07-08 07:18 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-07-08 07:18 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-07-08 07:18 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-07-08 07:11 - 2014-07-08 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-08 07:10 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-07 06:26 - 2014-07-07 06:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) 2014-07-07 06:14 - 2014-07-07 06:14 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-07-06 22:09 - 2014-07-08 07:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-07-06 22:09 - 2014-07-06 22:09 - 00000000 ____D () C:\Program Files\Canon 2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\uTorrent 2014-07-06 19:50 - 2014-07-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson 2014-07-06 19:50 - 2013-12-27 23:34 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-07-06 19:49 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-07-06 19:48 - 2014-07-13 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-06 19:48 - 2014-07-10 23:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-07-06 19:48 - 2014-07-06 19:49 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.1 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\NoVirusThanks 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\gs 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box Monitor 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box 2014-07-06 19:48 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP 2014-07-06 19:47 - 2014-07-06 19:48 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular 2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\eBay 2014-07-06 19:47 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp 2014-07-06 19:45 - 2014-07-06 19:47 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork 2014-07-06 19:44 - 2014-07-06 19:44 - 00000000 ____D () C:\Program Files (x86)\1&1 2014-07-06 19:44 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-07-06 19:44 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-07-06 19:44 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-07-06 19:31 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files (x86)\Copy Trans 2014-07-06 17:30 - 2014-07-06 17:31 - 00000000 ____D () C:\ProgramData\VirtualizedApplications 2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-06 16:46 - 2014-07-06 16:46 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-06 15:40 - 2014-07-06 15:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenOffice.org 2014-07-06 15:36 - 2014-07-06 15:42 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2 2014-07-06 15:34 - 2014-07-07 06:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3 2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help 2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-06 15:17 - 2014-07-08 22:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\SoftGrid Client 2014-07-06 15:17 - 2014-07-06 15:17 - 00000000 ____D () C:\Users\User\AppData\Local\SoftGrid Client 2014-07-06 15:14 - 2014-07-10 07:28 - 09077672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-07-06 15:14 - 2014-07-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-07-06 15:13 - 2014-07-08 18:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client 2014-07-06 15:12 - 2014-07-06 15:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\TP 2014-07-06 14:55 - 2014-07-06 14:55 - 00000000 ____D () C:\Users\User\.tfo4 2014-07-06 12:38 - 2014-07-12 09:32 - 00000000 ____D () C:\Users\Gesicherte u. wiederhergestellte Dateien 7.14 2014-07-06 12:20 - 2014-07-11 00:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer 2014-07-06 12:20 - 2014-07-06 12:20 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer 2014-07-06 12:20 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-07-06 12:19 - 2014-07-06 12:19 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-07-06 12:18 - 2014-07-06 12:18 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\Apple 2014-07-06 12:18 - 2014-07-06 12:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-07-06 12:17 - 2014-07-10 23:47 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-07-06 12:17 - 2014-07-06 12:18 - 00000000 ____D () C:\ProgramData\Apple 2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files\Bonjour 2014-07-06 12:17 - 2014-07-06 12:17 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-07-06 12:11 - 2014-07-06 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2014-07-06 12:10 - 2014-07-06 12:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions 2014-07-06 12:10 - 2014-07-06 12:27 - 00000000 ____D () C:\ProgramData\WindSolutions 2014-07-06 11:49 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe 2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2014-07-05 14:24 - 2014-07-05 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-07-05 14:24 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAT.DLL 2014-07-05 13:58 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-07-05 13:58 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-07-05 13:58 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-07-05 13:58 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-07-05 13:58 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2014-07-05 13:58 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2014-07-05 13:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-07-05 13:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-07-05 13:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-07-05 13:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-07-05 13:57 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-07-05 13:57 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-07-05 13:57 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-07-05 13:57 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-07-05 13:57 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-07-05 13:57 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-07-05 13:57 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-07-05 13:57 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-07-05 13:57 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-07-05 13:57 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2014-07-05 13:57 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-07-05 13:57 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-07-05 13:57 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-07-05 13:57 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-07-05 13:57 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-07-05 13:57 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-07-05 13:57 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-07-05 13:57 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-07-05 13:57 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-07-05 13:57 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-07-05 13:57 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2014-07-05 13:57 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2014-07-05 13:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-07-05 13:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-07-05 13:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-07-05 13:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-07-05 13:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-07-05 13:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-07-05 13:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-07-05 13:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-07-05 13:56 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-07-05 13:56 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-07-05 13:56 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-07-05 13:56 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-07-05 13:56 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-07-05 13:56 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-07-05 13:56 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-07-05 13:56 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-07-05 13:56 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-07-05 13:56 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-07-05 13:56 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-07-05 13:56 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-07-05 13:56 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-07-05 13:56 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-07-05 13:56 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-07-05 13:56 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-07-05 13:56 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-07-05 13:56 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-07-05 13:56 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-07-05 13:56 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-07-05 13:56 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-07-05 13:56 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-07-05 13:56 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-07-05 13:56 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-07-05 13:56 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-07-05 13:56 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-07-05 13:56 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-07-05 13:56 - 2013-10-04 04:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-07-05 13:56 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-07-05 13:56 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-07-05 13:56 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-07-05 13:56 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-07-05 13:56 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-07-05 13:56 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-07-05 13:56 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-07-05 13:56 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-07-05 13:56 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-07-05 13:56 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-07-05 13:56 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2014-07-05 13:56 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2014-07-05 13:56 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2014-07-05 13:56 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-07-05 13:56 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2014-07-05 13:56 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2014-07-05 13:56 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-07-05 13:56 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-07-05 13:55 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-07-05 13:55 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-07-05 13:55 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-07-05 13:55 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-07-05 13:55 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-07-05 13:55 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-07-05 13:55 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-07-05 13:55 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-07-05 13:55 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-07-05 13:55 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-07-05 13:55 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-07-05 13:55 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-07-05 13:55 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-07-05 13:55 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-07-05 13:55 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-07-05 13:55 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-07-05 13:55 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-07-05 13:55 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-07-05 13:55 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2014-07-05 13:55 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2014-07-05 13:55 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-07-05 13:55 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-07-05 13:55 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2014-07-05 13:55 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-07-05 13:55 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-07-05 13:55 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-07-05 13:55 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-07-05 13:55 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-07-05 13:55 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-07-05 13:55 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-07-05 13:55 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-07-05 13:55 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-07-05 13:55 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-07-05 13:55 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-07-05 13:55 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-07-05 13:55 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-07-05 13:55 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2014-07-05 13:55 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2014-07-05 13:55 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2014-07-05 13:55 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2014-07-05 13:55 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2014-07-05 13:55 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-07-05 13:55 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-07-05 13:55 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-07-05 13:55 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll 2014-07-05 13:55 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2014-07-05 13:55 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2014-07-05 13:55 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2014-07-05 13:55 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-07-05 13:55 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2014-07-05 13:55 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2014-07-05 13:55 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-07-05 13:55 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-07-05 13:55 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2014-07-05 13:55 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2014-07-05 13:55 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2014-07-05 13:54 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-07-05 13:54 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-07-05 13:54 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-07-05 13:54 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-07-05 13:54 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2014-07-05 13:54 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2014-07-05 13:54 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2014-07-05 13:54 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2014-07-05 13:54 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2014-07-05 13:54 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs 2014-07-05 13:54 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs 2014-07-05 13:54 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-07-05 13:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-07-05 13:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-07-05 13:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-07-05 13:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-07-05 13:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-07-05 13:53 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-07-05 13:53 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-07-05 13:53 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-07-05 13:53 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-07-05 13:53 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2014-07-05 13:53 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2014-07-05 13:53 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-07-05 13:53 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2014-07-05 13:53 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2014-07-05 13:53 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-07-05 13:53 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2014-07-05 13:53 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-07-05 13:53 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-07-05 13:53 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-07-05 13:52 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-07-05 13:52 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-07-05 13:52 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-07-05 13:52 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-07-05 13:52 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-07-05 13:52 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-07-05 13:52 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-07-05 13:52 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-07-05 13:52 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-07-05 13:52 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-07-05 13:52 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-07-05 13:52 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-07-05 13:52 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-07-05 13:52 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-07-05 13:52 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-07-05 13:52 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-07-05 13:52 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-07-05 13:52 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-07-05 13:52 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2014-07-05 13:52 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-07-05 13:52 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-07-05 13:52 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-07-05 13:52 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-07-05 13:52 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2014-07-05 13:52 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-07-05 13:52 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-07-05 13:52 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-07-05 13:52 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-07-05 13:52 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-07-05 13:52 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-07-05 13:52 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-07-05 13:52 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-07-05 13:52 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-07-05 13:52 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-07-05 13:52 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-07-05 13:52 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-07-05 13:52 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2014-07-05 13:52 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2014-07-05 13:52 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-07-05 13:52 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-07-05 13:52 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-07-05 13:52 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2014-07-05 13:52 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2014-07-05 13:52 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2014-07-05 13:52 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-07-05 13:52 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2014-07-05 13:52 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2014-07-05 13:52 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2014-07-05 13:52 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2014-07-05 13:52 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2014-07-05 13:52 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2014-07-05 13:52 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2014-07-05 13:52 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-07-05 13:52 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-07-05 13:52 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-07-05 13:52 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-07-05 13:45 - 2014-07-05 13:45 - 00000000 ____D () C:\Users\User\Desktop\Ulead Package Folder 2014-07-05 13:07 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-07-05 13:07 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-07-05 13:07 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-07-05 13:07 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-07-05 13:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-07-05 13:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-07-05 13:05 - 2014-07-06 11:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe 2014-07-02 13:45 - 2014-07-02 13:45 - 00000000 _____ () C:\Users\.wh..wh.aufs 2014-07-02 12:16 - 2014-07-06 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Media Player Classic 2014-07-02 12:15 - 2014-07-02 12:15 - 00000000 ____D () C:\report 2014-07-02 12:14 - 2014-07-02 12:14 - 00017408 _____ () C:\Users\User\AppData\Local\WebpageIcons.db 2014-07-02 11:43 - 2014-07-02 12:16 - 00000000 ____D () C:\Temp 2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\Documents\Avatar 2014-07-02 11:42 - 2014-07-02 11:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\CyberLink 2014-07-02 11:41 - 2014-07-11 00:36 - 00000000 ____D () C:\Users\User\AppData\Local\Google 2014-07-02 11:19 - 2014-07-02 11:20 - 00000000 ____D () C:\Users\User\Heaven 2014-07-02 11:19 - 2014-07-02 11:19 - 00003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage 2014-07-02 11:10 - 2014-07-13 14:41 - 00000000 ____D () C:\Users\User\Documents\Youcam 2014-07-02 11:10 - 2014-07-02 11:10 - 00000000 ____D () C:\Users\User\AppData\Local\CyberLink 2014-07-02 11:09 - 2014-07-02 11:09 - 00000000 ____D () C:\Users\User\AppData\Local\Power2Go 2014-07-02 11:08 - 2014-07-13 14:37 - 00001168 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-02 11:08 - 2014-07-13 14:37 - 00000985 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-07-02 11:08 - 2014-07-10 19:19 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore 2014-07-02 11:08 - 2014-07-02 11:08 - 00000020 ___SH () C:\Users\User\ntuser.ini 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Vorlagen 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Startmenü 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Lokale Einstellungen 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Eigene Dateien 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Druckumgebung 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\AppData\Local\Anwendungsdaten 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 _SHDL () C:\Users\User\Anwendungsdaten 2014-07-02 11:08 - 2014-07-02 11:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel 2014-07-02 11:07 - 2014-07-02 11:07 - 00000000 ____D () C:\ProgramData\Kaspersky Rescue Disk 10 2014-07-02 11:07 - 2012-04-11 07:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomeCinema 2014-07-02 11:07 - 2012-03-14 23:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia 2014-07-02 11:07 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-07-02 11:07 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MARKEMENT 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Medion_Services 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\ProgramData\Aldi_Foto 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Memeo 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\Mediathek 2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Program Files (x86)\MARKEMENT 2014-07-02 11:06 - 2011-08-15 12:59 - 00001854 _____ () C:\Users\Public\Desktop\MEDION Services.lnk 2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Users\Public\Documents\Corel 2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics (64-Bit) 2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\ProgramData\Corel 2014-07-02 11:04 - 2014-07-02 11:04 - 00000000 ____D () C:\Program Files\Microsoft Mathematics 2014-07-02 11:04 - 2011-09-20 13:06 - 00002439 _____ () C:\Users\Public\Desktop\MEDIONmediathek.lnk 2014-07-02 11:03 - 2014-07-02 11:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5 2014-07-02 11:03 - 2014-07-02 11:03 - 00000000 ____D () C:\Program Files (x86)\Corel 2014-07-02 11:02 - 2014-07-11 00:52 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-02 11:02 - 2014-07-08 19:14 - 00002732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\TvdPersonal 2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\watchmi 2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files\PlayReady 2014-07-02 11:02 - 2014-07-02 11:02 - 00000000 ____D () C:\Program Files (x86)\watchmi 2014-07-02 10:51 - 2014-07-13 14:38 - 01804993 _____ () C:\Windows\WindowsUpdate.log 2014-07-02 10:51 - 2014-07-02 10:52 - 00000000 ____D () C:\Recovery 2014-06-22 23:57 - 2014-07-13 11:23 - 00000000 ___RD () C:\Users\User\Dropbox 2014-06-22 23:55 - 2014-07-06 11:18 - 00000000 ____D () C:\Users\User\Documents\Tune up und diverses 2014-06-22 21:21 - 2014-07-08 20:16 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister Backup 2014-06-22 21:21 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\VirtualDJ 2014-06-22 21:20 - 2014-07-06 11:42 - 00000000 ____D () C:\Users\User\Desktop\Klassentreffen 2014 2014-06-22 21:20 - 2014-07-06 11:41 - 00000000 ___RD () C:\Users\User\Desktop\HD-PVU2_100 2014-06-22 21:20 - 2014-07-06 11:27 - 00000000 ____D () C:\Users\User\Desktop\Tanzfragen 2014-06-22 21:20 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\Turbo Lister 2014-06-22 21:20 - 2014-06-22 08:40 - 00009078 _____ () C:\Users\User\Documents\miller.xlsx 2014-06-22 21:17 - 2014-07-06 11:41 - 00000000 ____D () C:\Users\User\Desktop\Basisprogramm für fortlaufende Gruppen 2014-06-22 21:17 - 2014-04-25 12:58 - 06772879 _____ () C:\Users\User\Desktop\wordpress-3.9-de_DE.zip 2014-06-22 21:16 - 2014-06-22 18:49 - 00009080 _____ () C:\Users\User\Desktop\miller.xlsx 2014-06-22 21:16 - 2013-12-14 08:52 - 01750312 _____ (WindSolutions) C:\Users\User\Desktop\logpacker.exe 2014-06-22 21:16 - 2013-05-04 11:32 - 00001050 _____ () C:\Users\User\Desktop\VirtualDJ Home FREE.lnk 2014-06-22 21:16 - 2012-12-29 12:53 - 2884829184 _____ () C:\Users\User\Desktop\Windows Installationsdatei 12.12.iso 2014-06-22 21:15 - 2013-05-04 11:29 - 38944576 _____ (Atomix Productions) C:\Users\User\Desktop\install_virtualdj_home_v7.4.exe 2014-06-22 21:15 - 2013-03-07 23:19 - 90130256 _____ (Apple Inc.) C:\Users\User\Desktop\iTunes64Setup.exe 2014-06-22 21:14 - 2014-02-20 20:38 - 00055808 _____ () C:\Users\User\Desktop\FahrplanTage berechnen.xls 2014-06-22 21:14 - 2014-02-20 19:27 - 00057856 _____ () C:\Users\User\Desktop\Fahrplan2.xls 2014-06-22 21:14 - 2014-01-17 10:38 - 1489184417 _____ () C:\Users\User\Desktop\home-hd-de.zip 2014-06-22 21:14 - 2013-12-27 23:46 - 00931678 _____ (NoVirusThanks Company Srl ) C:\Users\User\Desktop\hijackhunter_setup.exe 2014-06-22 21:14 - 2013-12-24 10:43 - 00053760 _____ () C:\Users\User\Desktop\Fahrplan2014.xls 2014-06-22 21:14 - 2013-12-17 23:43 - 36152456 _____ (Amazon) C:\Users\User\Desktop\AmazonCloudPlayerInstaller_399.exe 2014-06-22 20:59 - 2014-07-06 11:22 - 00000000 ____D () C:\Users\User\Documents\CyberLink [CODE] |
FRST 2. Teil Code: ==================== One Month Modified Files and Folders =======mein Antivir geht nimmer, kann es sein? Ist mit diesem Uninstaller uninstalliert? :kaffee: wollte antivir aktivieren, geht nicht, hab deinstalliert und über filepony heruntergeladen, kann es nicht öffnen, kommt ne Meldung, dass nur Systemadmin das tun kann, das hatte ich vorher nie: es gehn auch wieder ungefragt Fenster auf! |
 So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? :) |
sorry, war gestern nicht zuhause, führe jetzt die Anweisungen aus :-) ESET hat die ganze Nacht gedauert :kaffee::pfeiff::heilig: Code: Code: Code: Results of screen317's Security Check version 0.99.85 |
Code: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 |
Code: Bin grad am überlegen, ich meinen fast neuen Laptop versenke :headbang::kloppen::pfui: "Sie verfügen nicht über ausreichenden Berechtigung, um z.B. Antivir zu deinstallieren, wenden Sie sich an Ihren Systemadministrator", egal was ich tue, irgendwas blockiert mich immer |
Java und ADobe updaten. TuneUp deinstallieren, unbedingt! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code: C:\ProgramData\AnizQoyqSpeichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Frisches FRST log bitte. |
Code: |
Code: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014 |
Code: ==================== One Month Modified Files and Folders =======Hi, durch die ganz Hin und Herprobiererei habe ich Probleme mit Adminrechten, ich habe inzwischen 2 Benutzerkonten, mit meinem schon immer benutzten Ben.Konto komme ich nicht mehr ins Netz, obwohl ich ne Fritzbox 7240 habe, ich will aber keine 2 Konten, irgendwas hab ich verstellt, nehme ich an. Welches Forum kann mir helfen? Kenn mich zu wenig aus, das ist echt doof und bin inzwischen nicht mehr entspannt. Hi, heute morgen ist "er" friedlich :heilig:, Mozilla läuft gut; nur dass ich ein Adminkonto habe, was ich garnicht eröffnet habe, verwirrt mich. Ist es von Windows erstellt? Da ich in mein persönliches Benutzerkonto nur über LAN reinkomme, kann ich mir nur vorstellen, dass etwas verstellt wurde von mir bei dem ganzen Chaos. Schau mal ob mein Lapi heute einen altgewohnten guten Tag hat. Danke dir auf jeden Fall erstmal... bin froh, dass es euch gibt! :dankeschoen: LG Silvia |
Zitat:
|
Liste der Anhänge anzeigen (Anzahl: 2) bekomme W-lan nicht mehr hin, sitze mit Lankabel am PC; habe keine Adminrechte, keine Ahnung, was da los ist. Screenshot Silvia / Administrator und Kennwortgeschützt ist meines, aber in der Benutzerkonten-Einstellung selbst ist es ein Standardkonto, das geht auch nicht zu ändern in Admin, da sich der andere Screenshot Administrator nennt, den hab ich aber net erstellt. Und da geht nichts zu ändern. Mozilla läuft schön und problemlos! :daumenhoch: Schönen Sonntag und :dankeschoen: LG Silvia |
Klick mal auf andere Konten verwalten ud zeig mir davon nen Screenshot, sprich wo alle Konten zu sehen sind. |
Liste der Anhänge anzeigen (Anzahl: 1) voila |
Start drücken, in das Suchfeld unten CMD eintippen, oben erscheint CMD, rechtsklick darauf und Als Admin starten. In das CMD Fenster folgendes eintippen: net user administrator /active=false und enter drücken. Rebooten, nochmal nen neuen Screenshot. |
Liste der Anhänge anzeigen (Anzahl: 1) das Konto ist noch da, habs paarmal probiert von meinem Benutzerkonto aus, war das ok? |
Kam den bei dem Befehl irgend ne Fehlermeldung? |
ja sorry "die Option active=false ist unbekannt" vorher wurde ich gefragt, ob ich Änderungen an Windows zulassen möchte |
Mein Fehler, Schlafmangel :) Diesen Befehl bitte: net user administrator /active:no |
no problem, das kenn ich auch sorry, aber mein PC hat Urlaub und ich bin in Reha, kann nur sporadisch an einen fremden PC, ich melde mich wieder, wenn ich den Befehl an meinen Rechner ausgeführt habe. ciao Silvia :-) |
ok :) |
Hi, wollte mich mal melden. Läuft alles super, der letzte Tip war der letzte Schliff. Ich lass regelmäßig Malware durchlaufen, Antivir läuft, alles soweit ok. Wenn ich nochmal HIIIILFE rufe, weiß ich wer mir helfen kann! :heilig::dankeschoen: LG Silvia |
Fertig :) Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :) Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann. |
das sind ja richtige Hausaufgaben ;-) und ich dachte schon.....:kaffee: Eye, eye, mach und meld mich! Bewertung bekommst du natürlich dann nochmal extra! Sil |
ok :) |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 20:41 Uhr. |
Copyright ©2000-2025, Trojaner-Board
