Trojaner-Board - Iminent-und ich bekomme es nicht los!

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014

Ran by A (administrator) on ANGELIKA on 19-11-2014 11:51:16

Running from C:\Users\A\Downloads

Loaded Profile: A (Available profiles: UpdatusUser & A)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Sophos Plc) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Sophos Plc) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Sophos Plc) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-10] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)

AppInit_DLLs: , C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [239088 2010-06-14] (Sophos Plc)

IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-38175970-4281960952-3473621719-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

SearchScopes: HKLM -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS

SearchScopes: HKU\S-1-5-21-38175970-4281960952-3473621719-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.iminent.com/?appId=99E373C1-82DB-4896-A32F-FEC15AD35541&ref=toolbox&q={searchTerms}

BHO: Sophos Web Content Scanner -> {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} -> C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll (Sophos Plc)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: No Name -> {01F29AE5-D48D-417B-9D00-8A115C23A0EB} -> C:\Users\A\AppData\LocalLow\systems ie bho\bho.dll ()

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Sophos Web Content Scanner -> {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} -> C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

Winsock: Catalog9 01 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 02 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 03 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 04 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 05 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 06 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 07 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 08 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 09 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9-x64 01 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 02 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 03 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 04 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 05 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 06 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 07 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 08 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 09 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\mc1dszeo.default

FF NewTab: hxxp://start.iminent.com/?ref=NewTab&appId=00000000-0000-0000-0000-000000000000

FF DefaultSearchEngine: StartWeb

FF SelectedSearchEngine: StartWeb

FF Homepage: hxxp://www.google.de/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF user.js: detected! => C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\mc1dszeo.default\user.js

FF Extension: Foxy Secure - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\mc1dszeo.default\Extensions\admin@foxysecure.com [2014-06-24]

FF Extension: Adblock Plus - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\mc1dszeo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-10]

FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
 

Chrome: 

=======

CHR HKLM-x32\...\Chrome\Extension: [chaaohobdpahkmbnkbedihflckcnnink] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5106\ch\MediaViewV1alpha5106.crx []

CHR HKLM-x32\...\Chrome\Extension: [ijogeilhhandekngbfbbolgfdhgdbdip] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta393\ch\VideoPlayerV3beta393.crx []

CHR HKLM-x32\...\Chrome\Extension: [kemphmeilhpkpfgghpcffekcicoelbca] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha235\ch\WebexpEnhancedV1alpha235.crx []

CHR HKLM-x32\...\Chrome\Extension: [lcjcbfjlapjkcdpenldfklmecfadmiid] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1969\ch\MediaViewV1alpha1969.crx []
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [163056 2010-08-16] (Sophos Plc)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [97520 2010-06-14] (Sophos Plc)

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [1531632 2010-08-16] (Sophos Plc)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-22] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-22] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [141304 2010-03-02] (Sophos Plc)

S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [25608 2010-03-02] (Sophos Plc)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-11-19 11:51 - 2014-11-19 11:52 - 00018998 _____ () C:\Users\A\Downloads\FRST.txt

2014-11-19 11:50 - 2014-11-19 11:51 - 00000000 ____D () C:\FRST

2014-11-19 11:50 - 2014-11-19 11:50 - 02117120 _____ (Farbar) C:\Users\A\Downloads\FRST64.exe

2014-11-18 22:49 - 2014-10-30 01:55 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-11-18 22:49 - 2014-10-30 01:55 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-11-18 22:42 - 2014-11-18 22:54 - 00000000 ___RD () C:\WINDOWS\BrowserChoice

2014-11-18 22:41 - 2014-11-18 22:52 - 00001366 _____ () C:\WINDOWS\PFRO.log

2014-11-18 22:40 - 2014-11-18 22:55 - 00000000 ____D () C:\ProgramData\Package Cache

2014-11-18 22:33 - 2014-11-19 11:42 - 00126906 _____ () C:\WINDOWS\WindowsUpdate.log

2014-11-18 21:41 - 2014-11-18 21:41 - 00000000 ____D () C:\AdwCleaner

2014-11-18 21:40 - 2014-11-18 21:40 - 02140160 _____ () C:\Users\A\Downloads\AdwCleaner_4.101.exe

2014-11-16 19:49 - 2014-11-16 19:49 - 00000306 __RSH () C:\ProgramData\ntuser.pol

2014-11-16 14:13 - 2014-11-16 14:13 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2014-11-14 23:17 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2014-11-14 23:17 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2014-11-14 23:17 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys

2014-11-14 23:17 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2014-11-14 23:17 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2014-11-14 23:17 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll

2014-11-14 23:17 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll

2014-11-14 23:16 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2014-11-14 23:16 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2014-11-14 23:16 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2014-11-14 23:16 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll

2014-11-14 23:16 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll

2014-11-14 23:16 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll

2014-11-14 23:16 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-11-14 23:16 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-11-14 23:16 - 2014-07-10 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll

2014-11-14 22:58 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

2014-11-14 22:55 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2014-11-14 22:55 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2014-11-14 22:49 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2014-11-14 22:49 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2014-11-14 22:49 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2014-11-14 22:49 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2014-11-14 22:49 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2014-11-14 22:49 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2014-11-14 22:49 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2014-11-14 22:49 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll

2014-11-14 22:49 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll

2014-11-14 22:49 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2014-11-14 22:46 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2014-11-14 22:46 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-11-14 22:46 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-11-14 22:46 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2014-11-14 22:46 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-11-14 22:46 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-11-14 22:46 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll

2014-11-14 22:46 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2014-11-14 22:46 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll

2014-11-14 22:46 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll

2014-11-14 22:46 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2014-11-14 22:46 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll

2014-11-14 22:46 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll

2014-11-14 22:46 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll

2014-11-14 22:46 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll

2014-11-14 22:46 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-11-14 22:46 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll

2014-11-14 22:46 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-11-14 22:46 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-11-14 22:46 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-11-14 22:46 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-11-14 22:46 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2014-11-14 22:46 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-11-14 22:46 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2014-11-14 22:46 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-11-14 22:46 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-11-14 22:46 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-11-14 22:46 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-11-14 22:46 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2014-11-14 22:46 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-11-14 22:37 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2014-11-14 22:37 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2014-11-14 22:37 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2014-11-14 22:37 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys

2014-11-14 22:37 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-11-14 22:37 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-11-14 22:37 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll

2014-11-14 22:37 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2014-11-14 22:37 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll

2014-11-14 22:37 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-11-14 22:37 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-11-14 22:37 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll

2014-11-14 22:37 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-11-14 22:37 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-11-14 22:37 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2014-11-14 22:36 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2014-11-14 22:35 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-11-14 22:35 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2014-11-14 22:35 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2014-11-14 22:35 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2014-11-14 22:35 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

2014-11-14 22:35 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-11-14 22:35 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2014-11-14 22:35 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2014-11-14 22:35 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2014-11-14 22:35 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-11-14 22:35 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-11-14 22:35 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2014-11-14 22:35 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2014-11-14 22:35 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2014-11-14 22:35 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-11-14 22:35 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-11-14 22:35 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2014-11-14 22:35 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2014-11-14 22:35 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll

2014-11-14 22:35 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2014-11-14 22:34 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2014-11-14 22:34 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2014-11-14 22:33 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-11-14 22:33 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll

2014-11-14 22:33 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll

2014-11-14 22:33 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll

2014-11-14 22:33 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll

2014-11-14 22:33 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll

2014-11-14 22:33 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll

2014-11-14 22:33 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat

2014-11-14 22:33 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys

2014-11-14 22:33 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-11-14 22:33 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2014-11-14 22:33 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2014-11-14 22:33 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe

2014-11-14 22:33 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe

2014-11-14 22:33 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll

2014-11-14 22:33 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2014-11-14 22:33 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2014-11-14 22:33 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll

2014-11-14 22:33 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2014-11-14 22:33 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2014-11-14 22:33 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2014-11-14 22:33 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2014-11-14 22:33 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll

2014-11-14 22:33 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll

2014-11-14 22:33 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2014-11-14 22:33 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2014-11-14 22:33 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2014-11-14 22:33 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2014-11-14 22:33 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2014-11-14 22:33 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll

2014-11-14 22:17 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-11-14 22:17 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-11-14 22:17 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2014-11-14 22:17 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2014-11-14 22:17 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2014-11-14 22:17 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2014-11-14 22:17 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll

2014-11-14 22:17 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2014-11-14 22:17 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2014-11-14 22:17 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2014-11-14 22:17 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2014-11-14 22:17 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2014-11-14 22:15 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-11-14 22:15 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-11-14 22:14 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe

2014-11-14 22:14 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe

2014-11-14 22:14 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll

2014-11-14 22:14 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe

2014-11-14 22:14 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-11-14 22:14 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll

2014-11-14 22:14 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-11-14 22:14 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-11-14 22:14 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-11-14 22:14 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

2014-11-14 22:14 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2014-11-14 22:14 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-11-14 22:14 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-11-14 22:14 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll

2014-11-14 22:14 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2014-11-14 22:14 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll

2014-11-14 22:14 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2014-11-14 22:14 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-11-14 22:14 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-11-14 22:14 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-11-14 22:14 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-11-14 22:14 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll

2014-11-14 22:14 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-11-14 22:14 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll

2014-11-14 22:14 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll

2014-11-14 22:14 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2014-11-14 22:14 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll

2014-11-14 22:14 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-11-14 22:14 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-11-14 22:14 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll

2014-11-14 22:14 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2014-11-14 22:14 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-11-14 22:14 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll

2014-11-14 22:14 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2014-11-14 22:14 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2014-11-14 22:14 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-11-14 22:14 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-11-14 22:14 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-11-14 22:14 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-11-14 22:14 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-11-14 22:14 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-11-14 22:14 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll

2014-11-14 22:14 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-11-14 22:14 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe

2014-11-14 22:14 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe

2014-11-14 22:14 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe

2014-11-14 22:14 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll

2014-11-14 22:14 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe

2014-11-14 22:14 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-11-14 22:14 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll

2014-11-14 22:14 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-11-14 22:14 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec

2014-11-14 22:14 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-11-14 22:14 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2014-11-14 22:14 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-11-14 22:14 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-11-14 22:14 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-11-14 22:14 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-11-14 22:14 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll

2014-11-14 22:14 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll

2014-11-14 22:14 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll

2014-11-14 22:14 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2014-11-14 22:14 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-11-14 22:14 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-11-14 22:14 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll

2014-11-14 22:14 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-11-14 22:14 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll

2014-11-14 22:14 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll

2014-11-14 22:14 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll

2014-11-14 22:14 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2014-11-14 22:14 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-11-14 22:14 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll

2014-11-14 22:14 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-11-14 22:14 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2014-11-14 22:14 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-11-14 22:14 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll

2014-11-14 22:14 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-11-14 22:14 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2014-11-14 22:14 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2014-11-14 22:14 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-11-14 22:14 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-11-14 22:14 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-11-14 22:14 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-11-14 22:14 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll

2014-11-14 22:14 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-11-14 22:14 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-11-14 22:14 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-11-14 22:13 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe

2014-11-14 22:13 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll

2014-11-14 22:13 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll

2014-11-14 22:13 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-11-14 22:13 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2014-11-14 22:11 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2014-11-14 22:11 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-11-14 22:11 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2014-11-14 22:11 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2014-11-14 22:11 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2014-11-14 22:11 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2014-11-14 22:11 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2014-11-14 22:11 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2014-11-14 22:11 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2014-11-14 22:11 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2014-11-14 22:11 - 2014-08-31 01:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2014-11-14 22:11 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-11-14 22:11 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-11-14 22:11 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll

2014-11-14 22:11 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll

2014-11-14 22:11 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2014-11-14 22:11 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll

2014-11-14 22:11 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-11-14 22:11 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2014-11-14 22:11 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll

2014-11-14 22:11 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll

2014-11-14 22:11 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-11-14 22:11 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-11-14 22:11 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2014-11-14 22:11 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2014-11-14 22:11 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2014-11-14 22:10 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll

2014-11-14 22:10 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll

2014-11-13 16:28 - 2014-11-18 22:55 - 00000000 ____D () C:\Users\A\OneDrive

2014-11-13 16:21 - 2014-11-13 16:21 - 00001452 _____ () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-11-13 16:20 - 2014-11-13 16:20 - 00000020 ___SH () C:\Users\A\ntuser.ini

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Vorlagen

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Startmenü

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Druckumgebung

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Programme

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Vorlagen

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Startmenü

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Dokumente

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Dokumente und Einstellungen

2014-11-10 22:35 - 2014-11-10 22:35 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat

2014-11-10 22:20 - 2014-11-10 22:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-11-10 22:20 - 2014-11-10 22:20 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-11-10 22:19 - 2014-11-10 22:19 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-11-10 22:11 - 2014-11-10 22:11 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate

2014-11-10 22:10 - 2014-11-17 12:27 - 00000000 ____D () C:\Users\A

2014-11-10 22:10 - 2014-11-10 22:11 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-10 22:10 - 2014-11-10 22:11 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-11-10 22:10 - 2014-11-10 22:11 - 00000000 ___RD () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-10 22:10 - 2014-11-10 22:11 - 00000000 ___RD () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Vorlagen

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Startmenü

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Netzwerkumgebung

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Lokale Einstellungen

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Eigene Dateien

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Druckumgebung

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Documents\Eigene Musik

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Documents\Eigene Bilder

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\AppData\Local\Verlauf

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\AppData\Local\Anwendungsdaten

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Anwendungsdaten

2014-11-10 22:10 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2014-11-10 22:10 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2014-11-10 22:10 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2014-11-10 22:10 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2014-11-10 22:10 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-10 22:10 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-10 22:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-10 22:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-10 22:09 - 2014-11-10 22:38 - 00036198 _____ () C:\WINDOWS\diagwrn.xml

2014-11-10 22:09 - 2014-11-10 22:38 - 00036198 _____ () C:\WINDOWS\diagerr.xml

2014-11-10 22:00 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin

2014-11-10 22:00 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2014-11-10 22:00 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2014-11-10 21:59 - 2014-11-10 22:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-11-10 21:59 - 2014-11-10 22:15 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-11-10 21:59 - 2014-11-10 22:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-11-10 21:59 - 2014-11-10 21:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-11-10 21:58 - 2014-11-10 21:58 - 00081908 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat

2014-11-10 21:58 - 2014-11-10 21:58 - 00001375 _____ () C:\Users\Public\Desktop\Waves MAXXAudio.lnk

2014-11-10 21:58 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2014-11-10 21:58 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2014-11-10 21:57 - 2014-11-10 21:57 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM

2014-11-10 21:57 - 2014-11-10 21:57 - 00000000 ____D () C:\Program Files\Realtek

2014-11-10 21:55 - 2014-11-10 22:05 - 00000000 __SHD () C:\Recovery

2014-11-10 21:54 - 2014-11-18 21:07 - 00000000 ___DC () C:\WINDOWS\Panther

2014-11-10 21:51 - 2014-11-10 21:51 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-11-10 21:51 - 2014-11-10 21:51 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2014-11-10 21:51 - 2014-11-10 21:51 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-11-10 21:51 - 2014-11-10 21:51 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe

2014-11-10 21:50 - 2014-11-10 21:50 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2014-11-10 21:50 - 2014-11-10 21:50 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2014-11-10 21:49 - 2014-11-10 21:49 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff

2014-11-10 21:46 - 2014-11-10 22:21 - 00000000 ____D () C:\Program Files (x86)\MSBuild

2014-11-10 21:46 - 2014-11-10 21:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer

2014-11-10 21:46 - 2014-11-10 21:46 - 00000000 ____D () C:\Program Files\Reference Assemblies

2014-11-10 21:46 - 2014-11-10 21:46 - 00000000 ____D () C:\Program Files\MSBuild

2014-11-10 21:46 - 2014-11-10 21:46 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies

2014-11-10 21:45 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2014-11-10 21:45 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2014-11-10 21:45 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2014-11-10 21:45 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-11-19 11:43 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-11-19 11:40 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-11-18 23:01 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-11-18 23:01 - 2014-09-24 06:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2014-11-18 23:01 - 2014-09-24 06:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2014-11-18 23:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-11-18 22:56 - 2013-06-24 20:13 - 00000062 _____ () C:\Users\A\AppData\Roaming\sp_data.sys

2014-11-18 22:55 - 2013-07-02 00:30 - 00944128 ___SH () C:\Users\A\Desktop\Thumbs.db

2014-11-18 22:54 - 2013-06-24 20:12 - 00000000 ____D () C:\Users\A\AppData\Local\Packages

2014-11-18 22:53 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-11-18 22:53 - 2013-08-22 15:44 - 00481504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-11-18 22:45 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-11-18 21:09 - 2014-06-29 22:35 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-11-18 20:50 - 2013-06-24 20:23 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-38175970-4281960952-3473621719-1002

2014-11-18 20:45 - 2014-01-18 13:15 - 00000000 ____D () C:\Program Files (x86)\Canon

2014-11-18 20:44 - 2014-02-18 22:32 - 00000000 ____D () C:\Users\A\AppData\Roaming\Canon

2014-11-18 15:30 - 2014-05-19 15:14 - 00000000 ____D () C:\Users\A\Documents\Euro Truck Simulator 2

2014-11-18 09:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-11-16 20:48 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2014-11-16 20:47 - 2013-09-28 12:32 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-11-16 20:44 - 2013-08-09 20:32 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-11-16 20:38 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-11-16 20:38 - 2013-06-26 15:42 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-11-16 19:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore

2014-11-10 22:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT

2014-11-10 22:41 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default

2014-11-10 22:38 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration

2014-11-10 22:30 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media

2014-11-10 22:30 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries

2014-11-10 22:23 - 2013-05-19 00:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV

2014-11-10 22:23 - 2013-05-19 00:26 - 00000000 ____D () C:\WINDOWS\system32\NV

2014-11-10 22:21 - 2014-09-24 07:00 - 00000000 ____D () C:\WINDOWS\ShellNew

2014-11-10 22:21 - 2014-07-31 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-11-10 22:21 - 2014-06-29 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-11-10 22:21 - 2014-03-22 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2014-11-10 22:21 - 2014-01-18 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint

2014-11-10 22:21 - 2014-01-18 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP610 series Manual

2014-11-10 22:21 - 2013-09-28 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint

2014-11-10 22:21 - 2013-09-28 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-11-10 22:21 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep

2014-11-10 22:21 - 2013-05-19 00:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2014-11-10 22:21 - 2012-11-27 05:10 - 00000000 ____D () C:\WINDOWS\nl

2014-11-10 22:21 - 2012-11-27 05:10 - 00000000 ____D () C:\WINDOWS\it

2014-11-10 22:21 - 2012-11-27 05:10 - 00000000 ____D () C:\WINDOWS\fr

2014-11-10 22:21 - 2012-11-27 05:10 - 00000000 ____D () C:\WINDOWS\de

2014-11-10 22:21 - 2012-11-27 05:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS

2014-11-10 22:21 - 2012-07-26 10:43 - 00000000 ____D () C:\WINDOWS\en-GB

2014-11-10 22:20 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated

2014-11-10 22:19 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN

2014-11-10 22:19 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep

2014-11-10 22:19 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\system32\WCN

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME

2014-11-10 22:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI

2014-11-10 22:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe

2014-11-10 22:19 - 2013-05-19 00:31 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda

2014-11-10 22:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions

2014-11-10 22:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME

2014-11-10 22:17 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker

2014-11-10 22:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help

2014-11-10 22:15 - 2014-03-10 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2014-11-10 22:15 - 2014-02-18 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos

2014-11-10 22:15 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar

2014-11-10 22:15 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar

2014-11-10 22:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System

2014-11-10 22:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-11-10 22:15 - 2013-05-19 00:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD

2014-11-10 22:15 - 2012-08-02 14:28 - 00000000 ____D () C:\ProgramData\PRICache

2014-11-10 22:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery

2014-11-10 22:11 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy

2014-11-10 21:52 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template

2014-11-10 21:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-11-10 21:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-11-10 21:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-11-09 16:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent

2014-10-22 10:10 - 2014-03-13 13:13 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys

2014-10-22 10:10 - 2014-03-10 22:47 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2014-10-22 10:10 - 2014-03-10 22:47 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
 

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe

C:\ProgramData\SetStretch.VBS
 
 

Some content of TEMP:

====================

C:\Users\A\AppData\Local\Temp\avgnt.exe

C:\Users\A\AppData\Local\Temp\MPDD0000.exe

C:\Users\A\AppData\Local\Temp\Quarantine.exe

C:\Users\A\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-11-10 21:56
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014

Ran by A at 2014-11-19 11:54:45

Running from C:\Users\A\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Sophos Anti-Virus (Enabled - Out of date) {479CCF92-4960-B3E0-7373-BF453B467D2C}

AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Sophos Anti-Virus (Enabled - Out of date) {FCFD2E76-6F5A-BC6E-49C3-843740C13791}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)

Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)

ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)

ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)

ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)

ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)

ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)

ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)

ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden

AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)

Avira (HKLM-x32\...\{905d3ded-fe60-432c-b56e-7cd19f2899ac}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)

Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)

BetterSurf Plus V1 (HKLM-x32\...\BetterSurf Plus V1) (Version: 1.1 - Better Surf)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)

CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Foxy Secure (HKLM-x32\...\Foxy Secure) (Version:  - )

Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)

NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)

NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)

Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6886 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Sophos Anti-Virus (HKLM-x32\...\{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}) (Version: 9.5.2 - Sophos Plc)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)

Video Player (HKLM-x32\...\Video Player) (Version: 1.1 - Video Player) <==== ATTENTION

Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 

16-11-2014 18:52:32 Windows Update
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {0355B31A-7CD6-403F-BBE7-8EB775F65144} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)

Task: {27A82664-B71D-4DCB-B2CA-D0E212FD5889} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION

Task: {338CA8E7-BF33-42D8-9D68-12C996715278} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)

Task: {4BC4623A-407A-4187-B1DB-3B0E682A7EA3} - \AmiUpdXp No Task File <==== ATTENTION

Task: {56DADB8B-E5C3-4A64-ABEF-C539F3251539} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe

Task: {61525C16-D699-4CA5-8482-FFFA93F3BD6F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe

Task: {62A95FC2-C335-440A-BBBB-CD3F7CE6D9F6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {6BF53254-DF68-42F1-84E7-7EC1B1D19937} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-16] (Microsoft Corporation)

Task: {76677006-3DC7-42F4-B860-131BC29942DC} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2013-08-22] (Microsoft Corporation)

Task: {7D0C3394-43CF-4E14-BAF3-8B04069BABB5} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)

Task: {7F1709F4-C9FE-430C-9A14-0AA141540C48} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)

Task: {82D2B3D0-FEFE-4679-B287-2995E3A443DB} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()

Task: {9378674F-2A1A-42E4-BC5E-9D5FAA4E4527} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe

Task: {941E1B72-D406-412B-8BC1-CB8FA1FC2EE4} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)

Task: {B4610DBF-D9B1-486A-A0B4-F7A5D3CCA77E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)

Task: {BBE0485A-2145-476E-8B1D-B1617748BC2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

Task: {C510AD82-06A9-4383-9593-520AA17F48F5} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
 

==================== Loaded Modules (whitelisted) =============
 

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf

2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-07-03 12:19 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-03-22 15:44 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2014-03-22 15:44 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2014-03-22 15:44 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2014-03-22 15:44 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2014-03-22 15:44 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2014-06-18 19:32 - 2014-06-18 19:32 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2013-05-19 00:22 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\A\OneDrive:ms-properties
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
 

========================= Accounts: ==========================
 

A (S-1-5-21-38175970-4281960952-3473621719-1002 - Administrator - Enabled) => C:\Users\A

Administrator (S-1-5-21-38175970-4281960952-3473621719-500 - Administrator - Disabled)

Gast (S-1-5-21-38175970-4281960952-3473621719-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-38175970-4281960952-3473621719-1016 - Limited - Enabled)

UpdatusUser (S-1-5-21-38175970-4281960952-3473621719-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Der Index kann nicht initialisiert werden.
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Die Anwendung kann nicht initialisiert werden.
 

Kontext: Windows Anwendung
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Das Gatherer-Objekt kann nicht initialisiert werden.
 

Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
 

Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 3057) (User: )

Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden.
 

Kontext: Windows Anwendung
 
 

Details:

        (HRESULT : 0x8e5e0210) (0x8e5e0210)
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.   0xc0041801 (0xc0041801)
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
 
 

Details:

         0x8e5e0210 (0x8e5e0210)
 

Error: (11/18/2014 10:50:16 PM) (Source: ESENT) (EventID: 455) (User: )

Description: SearchIndexer (2980) Windows: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00023.log.
 

Error: (11/18/2014 10:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: svchost.exe_gpsvc, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3

Name des fehlerhaften Moduls: gpsvc.dll, Version: 6.3.9600.17238, Zeitstempel: 0x53d0c970

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00000000000326b2

ID des fehlerhaften Prozesses: 0x44c

Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_gpsvc0

Pfad der fehlerhaften Anwendung: svchost.exe_gpsvc1

Pfad des fehlerhaften Moduls: svchost.exe_gpsvc2

Berichtskennung: svchost.exe_gpsvc3

Vollständiger Name des fehlerhaften Pakets: svchost.exe_gpsvc4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_gpsvc5
 

Error: (11/17/2014 00:27:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 13875
 
 

System errors:

=============

Error: (11/18/2014 10:56:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0841 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB2967917)
 

Error: (11/18/2014 10:56:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1069
 

Error: (11/18/2014 10:56:13 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 

%%1326
 

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
 

Error: (11/18/2014 10:51:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 

%%1056
 

Error: (11/18/2014 10:50:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (11/18/2014 10:50:19 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "Windows Search" wurde mit dem folgenden dienstspezifischen Fehler beendet: 

%%2147749126
 

Error: (11/18/2014 10:50:16 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)

Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005
 

Error: (11/18/2014 10:50:16 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 

Error: (11/18/2014 10:50:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1069
 

Error: (11/18/2014 10:50:13 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 

%%1326
 

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
 
 

Microsoft Office Sessions:

=========================

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Kontext: Windows Anwendung
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Search.TripoliIndexer
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 3057) (User: )

Description: Kontext: Windows Anwendung
 
 

Details:

        (HRESULT : 0x8e5e0210) (0x8e5e0210)

Search.TripoliIndexer
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.   0xc0041801 (0xc0041801)

The catalog is corrupt
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: 

Details:

         0x8e5e0210 (0x8e5e0210)

4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)
 

Error: (11/18/2014 10:50:16 PM) (Source: ESENT) (EventID: 455) (User: )

Description: SearchIndexer2980Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00023.log-1811 (0xfffff8ed)
 

Error: (11/18/2014 10:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: svchost.exe_gpsvc6.3.9600.163845215dfe3gpsvc.dll6.3.9600.1723853d0c970c000000500000000000326b244c01d00378d8571826C:\WINDOWS\system32\svchost.exec:\windows\system32\gpsvc.dll2aa08de9-6f6c-11e4-bec6-74d02bb4f3e0
 

Error: (11/17/2014 00:27:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 13875
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz

Percentage of memory in use: 41%

Total physical RAM: 3981.69 MB

Available physical RAM: 2313.43 MB

Total Pagefile: 5389.69 MB

Available Pagefile: 3483.23 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB
 

==================== Drives ================================
 

Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:119.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:257.7 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 337AEAFE)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

Hey, das ist nun der Inhalt der Fixlog

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014

Ran by A at 2014-11-20 15:02:10 Run:2

Running from C:\Users\A\Desktop

Loaded Profile: A (Available profiles: UpdatusUser & A)

Boot Mode: Normal

==============================================
 

Content of fixlist:

*****************

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

SearchScopes: HKU\S-1-5-21-38175970-4281960952-3473621719-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.iminent.com/?appId=99E373C1-82DB-4896-A32F-FEC15AD35541&ref=toolbox&q={searchTerms}

BHO-x32: No Name -> {01F29AE5-D48D-417B-9D00-8A115C23A0EB} -> C:\Users\A\AppData\LocalLow\systems ie bho\bho.dll ()

FF NewTab: hxxp://start.iminent.com/?ref=NewTab&appId=00000000-0000-0000-0000-000000000000

FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff

CHR HKLM-x32\...\Chrome\Extension: [chaaohobdpahkmbnkbedihflckcnnink] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5106\ch\MediaViewV1alpha5106.crx []

CHR HKLM-x32\...\Chrome\Extension: [ijogeilhhandekngbfbbolgfdhgdbdip] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta393\ch\VideoPlayerV3beta393.crx []

CHR HKLM-x32\...\Chrome\Extension: [kemphmeilhpkpfgghpcffekcicoelbca] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha235\ch\WebexpEnhancedV1alpha235.crx []

CHR HKLM-x32\...\Chrome\Extension: [lcjcbfjlapjkcdpenldfklmecfadmiid] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1969\ch\MediaViewV1alpha1969.crx []

         

*****************
 

"C:\WINDOWS\system32\GroupPolicy\Machine" => File/Directory not found.

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found.

"HKU\S-1-5-21-38175970-4281960952-3473621719-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.

"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01F29AE5-D48D-417B-9D00-8A115C23A0EB}" => Key not found.

"HKCR\Wow6432Node\CLSID\{01F29AE5-D48D-417B-9D00-8A115C23A0EB}" => Key not found.

Firefox newtab deleted successfully.

HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\12x3q@3244516.com => Value not found.

"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\chaaohobdpahkmbnkbedihflckcnnink" => Key not found.

"C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5106\ch\MediaViewV1alpha5106.crx" => File/Directory not found.

"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ijogeilhhandekngbfbbolgfdhgdbdip" => Key not found.

"C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta393\ch\VideoPlayerV3beta393.crx" => File/Directory not found.

"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kemphmeilhpkpfgghpcffekcicoelbca" => Key not found.

"C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha235\ch\WebexpEnhancedV1alpha235.crx" => File/Directory not found.

"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lcjcbfjlapjkcdpenldfklmecfadmiid" => Key not found.

"C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1969\ch\MediaViewV1alpha1969.crx" => File/Directory not found.
 

==== End of Fixlog ====

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 20.11.2014

Suchlauf-Zeit: 15:07:27

Logdatei: mbam.txt

Administrator: Ja
 

Version: 2.00.3.1025

Malware Datenbank: v2014.11.20.04

Rootkit Datenbank: v2014.11.18.01

Lizenz: Kostenlos

Malware Schutz: Deaktiviert

Bösartiger Webseiten Schutz: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 8.1

CPU: x64

Dateisystem: NTFS

Benutzer: A
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 365502

Verstrichene Zeit: 34 Min, 11 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Warnen

PUM: Aktiviert
 

Prozesse: 0

(Keine schädliche Elemente erkannt)
 

Module: 0

(Keine schädliche Elemente erkannt)
 

Registrierungsschlüssel: 4

PUP.Optional.FoxySecurity.A, HKU\S-1-5-21-38175970-4281960952-3473621719-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{01F29AE5-D48D-417B-9D00-8A115C23A0EB}, Löschen bei Neustart, [27dd90aecbb1b284ddadbbfea65c2dd3], 

PUP.Optional.FoxySecurity.A, HKU\S-1-5-21-38175970-4281960952-3473621719-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{01F29AE5-D48D-417B-9D00-8A115C23A0EB}, Löschen bei Neustart, [27dd90aecbb1b284ddadbbfea65c2dd3], 

PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, In Quarantäne, [9d67d46a57255dd95a2b46088281e31d], 

PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, In Quarantäne, [e02475c9e79514221570e46a29da47b9], 
 

Registrierungswerte: 0

(Keine schädliche Elemente erkannt)
 

Registrierungsdaten: 0

(Keine schädliche Elemente erkannt)
 

Ordner: 2

PUP.Optional.SoftwareUpdater.A, C:\Users\A\AppData\Local\SwvUpdater, In Quarantäne, [bf451d210973de58a6981935ba49837d], 

PUP.Optional.FoxySecurity.A, C:\Users\A\AppData\LocalLow\systems ie bho, In Quarantäne, [c63e102e91eb1c1a44922e0337ccff01], 
 

Dateien: 4

PUP.Optional.SoftwareUpdater.A, C:\Users\A\AppData\Local\SwvUpdater\Updater.xml, In Quarantäne, [bf451d210973de58a6981935ba49837d], 

PUP.Optional.SoftwareUpdater.A, C:\Users\A\AppData\Local\SwvUpdater\status.cfg, In Quarantäne, [bf451d210973de58a6981935ba49837d], 

PUP.Optional.FoxySecurity.A, C:\Users\A\AppData\LocalLow\systems ie bho\bho.dll, In Quarantäne, [c63e102e91eb1c1a44922e0337ccff01], 

PUP.Optional.FoxySecurity.A, C:\Users\A\AppData\LocalLow\systems ie bho\ie.ini, In Quarantäne, [c63e102e91eb1c1a44922e0337ccff01], 
 

Physische Sektoren: 0

(Keine schädliche Elemente erkannt)
 
 

(end)

frst logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014

Ran by A (administrator) on ANGELIKA on 20-11-2014 16:27:31

Running from C:\Users\A\Desktop

Loaded Profile: A (Available profiles: UpdatusUser & A)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Sophos Plc) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Sophos Plc) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Sophos Plc) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-10] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)

AppInit_DLLs: , C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [239088 2010-06-14] (Sophos Plc)

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-38175970-4281960952-3473621719-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com

SearchScopes: HKLM -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS

BHO: Sophos Web Content Scanner -> {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} -> C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll (Sophos Plc)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Sophos Web Content Scanner -> {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} -> C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

Winsock: Catalog9 01 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 02 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 03 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 04 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 05 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 06 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 07 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 08 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9 09 C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll [42736] (Sophos Plc)

Winsock: Catalog9-x64 01 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 02 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 03 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 04 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 05 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 06 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 07 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 08 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Winsock: Catalog9-x64 09 C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll [55536] (Sophos Plc)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\mc1dszeo.default

FF DefaultSearchEngine: StartWeb

FF SelectedSearchEngine: StartWeb

FF Homepage: hxxp://www.google.de/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF user.js: detected! => C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\mc1dszeo.default\user.js

FF Extension: Foxy Secure - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\mc1dszeo.default\Extensions\admin@foxysecure.com [2014-06-24]

FF Extension: Adblock Plus - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\mc1dszeo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-10]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
 

Chrome: 

=======
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [163056 2010-08-16] (Sophos Plc)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [97520 2010-06-14] (Sophos Plc)

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [1531632 2010-08-16] (Sophos Plc)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-22] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-22] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-20] (Malwarebytes Corporation)

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [141304 2010-03-02] (Sophos Plc)

S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [25608 2010-03-02] (Sophos Plc)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-11-20 16:27 - 2014-11-20 16:28 - 00017626 _____ () C:\Users\A\Desktop\FRST.txt

2014-11-20 16:24 - 2014-11-20 16:24 - 00002777 _____ () C:\Users\A\Desktop\mbam.txt

2014-11-20 15:05 - 2014-11-20 15:05 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\A\Downloads\mbam-setup-2.0.3.1025.exe

2014-11-20 15:01 - 2014-11-20 15:01 - 00001335 _____ () C:\Users\A\Desktop\Fixlis.txt

2014-11-20 09:41 - 2014-11-20 09:41 - 00001282 _____ () C:\Users\A\Desktop\Revo Uninstaller.lnk

2014-11-20 09:41 - 2014-11-20 09:41 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-11-20 09:40 - 2014-11-20 09:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\A\Downloads\revosetup95.exe

2014-11-19 21:19 - 2014-11-19 21:19 - 00701558 _____ () C:\Users\A\Desktop\Oxford_Street_December_2006.jpeg

2014-11-19 21:18 - 2014-11-19 21:18 - 00701558 _____ () C:\Users\A\Downloads\Oxford_Street_December_2006.jpeg

2014-11-19 11:54 - 2014-11-19 11:56 - 00024702 _____ () C:\Users\A\Downloads\Addition.txt

2014-11-19 11:51 - 2014-11-20 09:57 - 00071759 _____ () C:\Users\A\Downloads\FRST.txt

2014-11-19 11:50 - 2014-11-20 16:27 - 00000000 ____D () C:\FRST

2014-11-19 11:50 - 2014-11-19 11:50 - 02117120 _____ (Farbar) C:\Users\A\Desktop\FRST64.exe

2014-11-19 11:44 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2014-11-19 11:44 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2014-11-19 11:44 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2014-11-19 11:44 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2014-11-18 22:49 - 2014-10-30 01:55 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-11-18 22:49 - 2014-10-30 01:55 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-11-18 22:42 - 2014-11-18 22:54 - 00000000 ___RD () C:\WINDOWS\BrowserChoice

2014-11-18 22:41 - 2014-11-20 16:18 - 00002862 _____ () C:\WINDOWS\PFRO.log

2014-11-18 22:40 - 2014-11-18 22:55 - 00000000 ____D () C:\ProgramData\Package Cache

2014-11-18 22:33 - 2014-11-20 14:51 - 00261240 _____ () C:\WINDOWS\WindowsUpdate.log

2014-11-18 21:41 - 2014-11-18 21:41 - 00000000 ____D () C:\AdwCleaner

2014-11-18 21:40 - 2014-11-18 21:40 - 02140160 _____ () C:\Users\A\Downloads\AdwCleaner_4.101.exe

2014-11-16 19:49 - 2014-11-20 14:55 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2014-11-16 14:13 - 2014-11-16 14:13 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2014-11-14 23:17 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2014-11-14 23:17 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2014-11-14 23:17 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys

2014-11-14 23:17 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2014-11-14 23:17 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2014-11-14 23:17 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll

2014-11-14 23:17 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll

2014-11-14 23:16 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2014-11-14 23:16 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2014-11-14 23:16 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2014-11-14 23:16 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll

2014-11-14 23:16 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll

2014-11-14 23:16 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll

2014-11-14 23:16 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-11-14 23:16 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-11-14 23:16 - 2014-07-10 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll

2014-11-14 22:58 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

2014-11-14 22:55 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2014-11-14 22:55 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2014-11-14 22:49 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2014-11-14 22:49 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2014-11-14 22:49 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2014-11-14 22:49 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2014-11-14 22:49 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2014-11-14 22:49 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2014-11-14 22:49 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2014-11-14 22:49 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll

2014-11-14 22:49 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll

2014-11-14 22:49 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2014-11-14 22:46 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2014-11-14 22:46 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-11-14 22:46 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-11-14 22:46 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2014-11-14 22:46 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-11-14 22:46 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-11-14 22:46 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll

2014-11-14 22:46 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2014-11-14 22:46 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll

2014-11-14 22:46 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll

2014-11-14 22:46 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2014-11-14 22:46 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll

2014-11-14 22:46 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll

2014-11-14 22:46 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll

2014-11-14 22:46 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll

2014-11-14 22:46 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-11-14 22:46 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll

2014-11-14 22:46 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-11-14 22:46 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-11-14 22:46 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-11-14 22:46 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-11-14 22:46 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2014-11-14 22:46 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-11-14 22:46 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2014-11-14 22:46 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-11-14 22:46 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-11-14 22:46 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-11-14 22:46 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-11-14 22:46 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2014-11-14 22:46 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-11-14 22:37 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2014-11-14 22:37 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2014-11-14 22:37 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2014-11-14 22:37 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys

2014-11-14 22:37 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-11-14 22:37 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-11-14 22:37 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll

2014-11-14 22:37 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2014-11-14 22:37 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll

2014-11-14 22:37 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-11-14 22:37 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-11-14 22:37 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll

2014-11-14 22:37 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-11-14 22:37 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-11-14 22:37 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2014-11-14 22:36 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2014-11-14 22:35 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-11-14 22:35 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2014-11-14 22:35 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2014-11-14 22:35 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2014-11-14 22:35 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

2014-11-14 22:35 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-11-14 22:35 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2014-11-14 22:35 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2014-11-14 22:35 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2014-11-14 22:35 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-11-14 22:35 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-11-14 22:35 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2014-11-14 22:35 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2014-11-14 22:35 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2014-11-14 22:35 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-11-14 22:35 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-11-14 22:35 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2014-11-14 22:35 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2014-11-14 22:35 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll

2014-11-14 22:35 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2014-11-14 22:34 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2014-11-14 22:34 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2014-11-14 22:33 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-11-14 22:33 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll

2014-11-14 22:33 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll

2014-11-14 22:33 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll

2014-11-14 22:33 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll

2014-11-14 22:33 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll

2014-11-14 22:33 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll

2014-11-14 22:33 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat

2014-11-14 22:33 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys

2014-11-14 22:33 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-11-14 22:33 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2014-11-14 22:33 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2014-11-14 22:33 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe

2014-11-14 22:33 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe

2014-11-14 22:33 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll

2014-11-14 22:33 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2014-11-14 22:33 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2014-11-14 22:33 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll

2014-11-14 22:33 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2014-11-14 22:33 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2014-11-14 22:33 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2014-11-14 22:33 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2014-11-14 22:33 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll

2014-11-14 22:33 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll

2014-11-14 22:33 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2014-11-14 22:33 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2014-11-14 22:33 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2014-11-14 22:33 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2014-11-14 22:33 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2014-11-14 22:33 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll

2014-11-14 22:17 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-11-14 22:17 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-11-14 22:17 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2014-11-14 22:17 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2014-11-14 22:17 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2014-11-14 22:17 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2014-11-14 22:17 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll

2014-11-14 22:17 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2014-11-14 22:17 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2014-11-14 22:17 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2014-11-14 22:17 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2014-11-14 22:17 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2014-11-14 22:15 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-11-14 22:15 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-11-14 22:14 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe

2014-11-14 22:14 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe

2014-11-14 22:14 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll

2014-11-14 22:14 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe

2014-11-14 22:14 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-11-14 22:14 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll

2014-11-14 22:14 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-11-14 22:14 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-11-14 22:14 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-11-14 22:14 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

2014-11-14 22:14 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2014-11-14 22:14 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-11-14 22:14 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-11-14 22:14 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll

2014-11-14 22:14 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2014-11-14 22:14 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll

2014-11-14 22:14 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2014-11-14 22:14 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-11-14 22:14 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-11-14 22:14 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-11-14 22:14 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-11-14 22:14 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll

2014-11-14 22:14 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-11-14 22:14 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll

2014-11-14 22:14 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll

2014-11-14 22:14 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2014-11-14 22:14 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll

2014-11-14 22:14 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-11-14 22:14 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-11-14 22:14 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll

2014-11-14 22:14 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2014-11-14 22:14 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-11-14 22:14 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll

2014-11-14 22:14 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2014-11-14 22:14 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2014-11-14 22:14 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-11-14 22:14 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-11-14 22:14 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-11-14 22:14 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-11-14 22:14 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-11-14 22:14 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-11-14 22:14 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll

2014-11-14 22:14 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-11-14 22:14 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe

2014-11-14 22:14 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe

2014-11-14 22:14 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe

2014-11-14 22:14 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll

2014-11-14 22:14 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe

2014-11-14 22:14 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-11-14 22:14 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll

2014-11-14 22:14 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-11-14 22:14 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec

2014-11-14 22:14 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-11-14 22:14 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2014-11-14 22:14 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-11-14 22:14 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-11-14 22:14 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-11-14 22:14 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-11-14 22:14 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll

2014-11-14 22:14 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll

2014-11-14 22:14 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll

2014-11-14 22:14 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2014-11-14 22:14 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-11-14 22:14 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-11-14 22:14 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll

2014-11-14 22:14 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-11-14 22:14 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll

2014-11-14 22:14 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll

2014-11-14 22:14 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll

2014-11-14 22:14 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2014-11-14 22:14 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-11-14 22:14 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll

2014-11-14 22:14 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-11-14 22:14 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2014-11-14 22:14 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-11-14 22:14 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll

2014-11-14 22:14 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-11-14 22:14 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2014-11-14 22:14 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2014-11-14 22:14 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-11-14 22:14 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-11-14 22:14 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-11-14 22:14 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-11-14 22:14 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll

2014-11-14 22:14 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-11-14 22:14 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-11-14 22:14 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-11-14 22:13 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe

2014-11-14 22:13 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll

2014-11-14 22:13 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll

2014-11-14 22:13 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-11-14 22:13 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2014-11-14 22:13 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-11-14 22:13 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys

2014-11-14 22:13 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys

2014-11-14 22:13 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe

2014-11-14 22:13 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll

2014-11-14 22:13 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll

2014-11-14 22:13 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll

2014-11-14 22:13 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll

2014-11-14 22:11 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2014-11-14 22:11 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-11-14 22:11 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2014-11-14 22:11 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2014-11-14 22:11 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2014-11-14 22:11 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2014-11-14 22:11 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2014-11-14 22:11 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2014-11-14 22:11 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2014-11-14 22:11 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2014-11-14 22:11 - 2014-08-31 01:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2014-11-14 22:11 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-11-14 22:11 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-11-14 22:11 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll

2014-11-14 22:11 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll

2014-11-14 22:11 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2014-11-14 22:11 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll

2014-11-14 22:11 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-11-14 22:11 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2014-11-14 22:11 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll

2014-11-14 22:11 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll

2014-11-14 22:11 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-11-14 22:11 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-11-14 22:11 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2014-11-14 22:11 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2014-11-14 22:11 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2014-11-14 22:10 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll

2014-11-14 22:10 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll

2014-11-13 16:28 - 2014-11-20 16:21 - 00000000 ___RD () C:\Users\A\OneDrive

2014-11-13 16:21 - 2014-11-13 16:21 - 00001452 _____ () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-11-13 16:20 - 2014-11-13 16:20 - 00000020 ___SH () C:\Users\A\ntuser.ini

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Vorlagen

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Startmenü

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Druckumgebung

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Programme

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Vorlagen

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Startmenü

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Dokumente

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien

2014-11-10 22:41 - 2014-11-10 22:41 - 00000000 _SHDL () C:\Dokumente und Einstellungen

2014-11-10 22:35 - 2014-11-10 22:35 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat

2014-11-10 22:20 - 2014-11-10 22:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-11-10 22:20 - 2014-11-10 22:20 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-11-10 22:19 - 2014-11-10 22:19 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-11-10 22:11 - 2014-11-10 22:11 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate

2014-11-10 22:10 - 2014-11-17 12:27 - 00000000 ____D () C:\Users\A

2014-11-10 22:10 - 2014-11-10 22:11 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-10 22:10 - 2014-11-10 22:11 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-11-10 22:10 - 2014-11-10 22:11 - 00000000 ___RD () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-10 22:10 - 2014-11-10 22:11 - 00000000 ___RD () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Vorlagen

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Startmenü

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Netzwerkumgebung

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Lokale Einstellungen

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Eigene Dateien

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Druckumgebung

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Documents\Eigene Musik

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Documents\Eigene Bilder

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\AppData\Local\Verlauf

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\AppData\Local\Anwendungsdaten

2014-11-10 22:10 - 2014-11-10 22:10 - 00000000 _SHDL () C:\Users\A\Anwendungsdaten

2014-11-10 22:10 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2014-11-10 22:10 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2014-11-10 22:10 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2014-11-10 22:10 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2014-11-10 22:10 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-10 22:10 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-11-10 22:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-10 22:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-11-10 22:09 - 2014-11-10 22:38 - 00036198 _____ () C:\WINDOWS\diagwrn.xml

2014-11-10 22:09 - 2014-11-10 22:38 - 00036198 _____ () C:\WINDOWS\diagerr.xml

2014-11-10 22:00 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin

2014-11-10 22:00 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2014-11-10 22:00 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2014-11-10 21:59 - 2014-11-10 22:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-11-10 21:59 - 2014-11-10 22:15 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-11-10 21:59 - 2014-11-10 22:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-11-10 21:59 - 2014-11-10 21:59 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-11-10 21:58 - 2014-11-10 21:58 - 00081908 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat

2014-11-10 21:58 - 2014-11-10 21:58 - 00001375 _____ () C:\Users\Public\Desktop\Waves MAXXAudio.lnk

2014-11-10 21:58 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2014-11-10 21:58 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2014-11-10 21:57 - 2014-11-10 21:57 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM

2014-11-10 21:57 - 2014-11-10 21:57 - 00000000 ____D () C:\Program Files\Realtek

2014-11-10 21:55 - 2014-11-10 22:05 - 00000000 __SHD () C:\Recovery

2014-11-10 21:54 - 2014-11-18 21:07 - 00000000 ___DC () C:\WINDOWS\Panther

2014-11-10 21:51 - 2014-11-10 21:51 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-11-10 21:51 - 2014-11-10 21:51 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2014-11-10 21:51 - 2014-11-10 21:51 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-11-10 21:51 - 2014-11-10 21:51 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe

2014-11-10 21:50 - 2014-11-10 21:50 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2014-11-10 21:50 - 2014-11-10 21:50 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2014-11-10 21:49 - 2014-11-10 21:49 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff

2014-11-10 21:46 - 2014-11-10 22:21 - 00000000 ____D () C:\Program Files (x86)\MSBuild

2014-11-10 21:46 - 2014-11-10 21:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer

2014-11-10 21:46 - 2014-11-10 21:46 - 00000000 ____D () C:\Program Files\Reference Assemblies

2014-11-10 21:46 - 2014-11-10 21:46 - 00000000 ____D () C:\Program Files\MSBuild

2014-11-10 21:46 - 2014-11-10 21:46 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies

2014-11-10 21:45 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2014-11-10 21:45 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2014-11-10 21:45 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2014-11-10 21:45 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-11-20 16:27 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-11-20 16:27 - 2014-09-24 06:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2014-11-20 16:27 - 2014-09-24 06:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2014-11-20 16:22 - 2014-06-29 22:35 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-11-20 16:21 - 2013-06-24 20:13 - 00000062 _____ () C:\Users\A\AppData\Roaming\sp_data.sys

2014-11-20 16:19 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-11-20 16:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Globalization

2014-11-20 16:17 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-11-20 16:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-11-20 15:33 - 2013-06-24 20:23 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-38175970-4281960952-3473621719-1002

2014-11-20 15:06 - 2014-06-29 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-11-20 15:06 - 2014-06-29 22:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-11-20 15:06 - 2014-03-22 15:39 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-11-20 14:47 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy

2014-11-20 14:45 - 2013-06-25 11:53 - 00864768 ___SH () C:\Users\A\Documents\Thumbs.db

2014-11-20 14:44 - 2014-06-19 14:37 - 00032768 ___SH () C:\Users\A\Downloads\Thumbs.db

2014-11-19 21:19 - 2013-07-02 00:30 - 00967168 ___SH () C:\Users\A\Desktop\Thumbs.db

2014-11-19 16:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-11-19 16:43 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-11-18 23:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-11-18 22:54 - 2013-06-24 20:12 - 00000000 ____D () C:\Users\A\AppData\Local\Packages

2014-11-18 22:53 - 2013-08-22 15:44 - 00481504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender

2014-11-18 22:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-11-18 20:45 - 2014-01-18 13:15 - 00000000 ____D () C:\Program Files (x86)\Canon

2014-11-18 20:44 - 2014-02-18 22:32 - 00000000 ____D () C:\Users\A\AppData\Roaming\Canon

2014-11-16 20:48 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2014-11-16 20:47 - 2013-09-28 12:32 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-11-16 20:44 - 2013-08-09 20:32 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-11-16 20:38 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-11-16 20:38 - 2013-06-26 15:42 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-11-16 19:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore

2014-11-10 22:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT

2014-11-10 22:41 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default

2014-11-10 22:38 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration

2014-11-10 22:30 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media

2014-11-10 22:30 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries

2014-11-10 22:23 - 2013-05-19 00:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV

2014-11-10 22:23 - 2013-05-19 00:26 - 00000000 ____D () C:\WINDOWS\system32\NV

2014-11-10 22:21 - 2014-09-24 07:00 - 00000000 ____D () C:\WINDOWS\ShellNew

2014-11-10 22:21 - 2014-07-31 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-11-10 22:21 - 2014-03-22 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2014-11-10 22:21 - 2014-01-18 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint

2014-11-10 22:21 - 2014-01-18 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP610 series Manual

2014-11-10 22:21 - 2013-09-28 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint

2014-11-10 22:21 - 2013-09-28 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-11-10 22:21 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep

2014-11-10 22:21 - 2013-05-19 00:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2014-11-10 22:21 - 2012-11-27 05:10 - 00000000 ____D () C:\WINDOWS\nl

2014-11-10 22:21 - 2012-11-27 05:10 - 00000000 ____D () C:\WINDOWS\it

2014-11-10 22:21 - 2012-11-27 05:10 - 00000000 ____D () C:\WINDOWS\fr

2014-11-10 22:21 - 2012-11-27 05:10 - 00000000 ____D () C:\WINDOWS\de

2014-11-10 22:21 - 2012-11-27 05:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS

2014-11-10 22:21 - 2012-07-26 10:43 - 00000000 ____D () C:\WINDOWS\en-GB

2014-11-10 22:20 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated

2014-11-10 22:19 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN

2014-11-10 22:19 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep

2014-11-10 22:19 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\system32\WCN

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI

2014-11-10 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME

2014-11-10 22:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI

2014-11-10 22:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe

2014-11-10 22:19 - 2013-05-19 00:31 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda

2014-11-10 22:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions

2014-11-10 22:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME

2014-11-10 22:17 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker

2014-11-10 22:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help

2014-11-10 22:15 - 2014-03-10 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2014-11-10 22:15 - 2014-02-18 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos

2014-11-10 22:15 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar

2014-11-10 22:15 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar

2014-11-10 22:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System

2014-11-10 22:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-11-10 22:15 - 2013-05-19 00:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD

2014-11-10 22:15 - 2012-08-02 14:28 - 00000000 ____D () C:\ProgramData\PRICache

2014-11-10 22:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery

2014-11-10 21:52 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template

2014-11-10 21:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-11-10 21:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-11-10 21:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-11-09 16:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent

2014-10-22 10:10 - 2014-03-13 13:13 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys

2014-10-22 10:10 - 2014-03-10 22:47 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2014-10-22 10:10 - 2014-03-10 22:47 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
 

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe

C:\ProgramData\SetStretch.VBS
 
 

Some content of TEMP:

====================

C:\Users\A\AppData\Local\Temp\avgnt.exe

C:\Users\A\AppData\Local\Temp\MPDD0000.exe

C:\Users\A\AppData\Local\Temp\Quarantine.exe

C:\Users\A\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-11-10 21:56
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014

Ran by A at 2014-11-20 16:30:37

Running from C:\Users\A\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Sophos Anti-Virus (Enabled - Out of date) {479CCF92-4960-B3E0-7373-BF453B467D2C}

AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Sophos Anti-Virus (Enabled - Out of date) {FCFD2E76-6F5A-BC6E-49C3-843740C13791}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)

Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)

ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)

ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)

ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)

ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)

ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)

ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)

ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden

AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)

Avira (HKLM-x32\...\{905d3ded-fe60-432c-b56e-7cd19f2899ac}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)

Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)

CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Foxy Secure (HKLM-x32\...\Foxy Secure) (Version:  - )

Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)

NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)

NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)

Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6886 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Sophos Anti-Virus (HKLM-x32\...\{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}) (Version: 9.5.2 - Sophos Plc)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)

Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 

16-11-2014 18:52:32 Windows Update

20-11-2014 08:42:25 Revo Uninstaller's restore point - Euro Truck Simulator 2
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {0355B31A-7CD6-403F-BBE7-8EB775F65144} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)

Task: {27A82664-B71D-4DCB-B2CA-D0E212FD5889} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION

Task: {338CA8E7-BF33-42D8-9D68-12C996715278} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)

Task: {4BC4623A-407A-4187-B1DB-3B0E682A7EA3} - \AmiUpdXp No Task File <==== ATTENTION

Task: {56DADB8B-E5C3-4A64-ABEF-C539F3251539} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe

Task: {61525C16-D699-4CA5-8482-FFFA93F3BD6F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe

Task: {62A95FC2-C335-440A-BBBB-CD3F7CE6D9F6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {6BF53254-DF68-42F1-84E7-7EC1B1D19937} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-16] (Microsoft Corporation)

Task: {7D0C3394-43CF-4E14-BAF3-8B04069BABB5} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)

Task: {7F1709F4-C9FE-430C-9A14-0AA141540C48} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)

Task: {82D2B3D0-FEFE-4679-B287-2995E3A443DB} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()

Task: {9378674F-2A1A-42E4-BC5E-9D5FAA4E4527} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe

Task: {941E1B72-D406-412B-8BC1-CB8FA1FC2EE4} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)

Task: {B4610DBF-D9B1-486A-A0B4-F7A5D3CCA77E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)

Task: {BBE0485A-2145-476E-8B1D-B1617748BC2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

Task: {C510AD82-06A9-4383-9593-520AA17F48F5} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
 

==================== Loaded Modules (whitelisted) =============
 

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-11-10 22:00 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-07-03 12:19 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-03-22 15:44 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2014-03-22 15:44 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2014-03-22 15:44 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2014-03-22 15:44 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2014-03-22 15:44 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2014-06-18 19:32 - 2014-06-18 19:32 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2013-05-19 00:22 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\A\OneDrive:ms-properties
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
 

========================= Accounts: ==========================
 

A (S-1-5-21-38175970-4281960952-3473621719-1002 - Administrator - Enabled) => C:\Users\A

Administrator (S-1-5-21-38175970-4281960952-3473621719-500 - Administrator - Disabled)

Gast (S-1-5-21-38175970-4281960952-3473621719-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-38175970-4281960952-3473621719-1016 - Limited - Enabled)

UpdatusUser (S-1-5-21-38175970-4281960952-3473621719-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: Der Index kann nicht initialisiert werden.
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Die Anwendung kann nicht initialisiert werden.
 

Kontext: Windows Anwendung
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Das Gatherer-Objekt kann nicht initialisiert werden.
 

Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
 

Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 3057) (User: )

Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden.
 

Kontext: Windows Anwendung
 
 

Details:

        (HRESULT : 0x8e5e0210) (0x8e5e0210)
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.   0xc0041801 (0xc0041801)
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
 
 

Details:

         0x8e5e0210 (0x8e5e0210)
 

Error: (11/18/2014 10:50:16 PM) (Source: ESENT) (EventID: 455) (User: )

Description: SearchIndexer (2980) Windows: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00023.log.
 

Error: (11/18/2014 10:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: svchost.exe_gpsvc, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3

Name des fehlerhaften Moduls: gpsvc.dll, Version: 6.3.9600.17238, Zeitstempel: 0x53d0c970

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00000000000326b2

ID des fehlerhaften Prozesses: 0x44c

Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_gpsvc0

Pfad der fehlerhaften Anwendung: svchost.exe_gpsvc1

Pfad des fehlerhaften Moduls: svchost.exe_gpsvc2

Berichtskennung: svchost.exe_gpsvc3

Vollständiger Name des fehlerhaften Pakets: svchost.exe_gpsvc4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_gpsvc5
 

Error: (11/17/2014 00:27:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 13875
 
 

System errors:

=============

Error: (11/20/2014 04:22:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1069
 

Error: (11/20/2014 04:22:30 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 

%%1326
 

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
 

Error: (11/20/2014 02:57:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1069
 

Error: (11/20/2014 02:57:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 

%%1326
 

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
 

Error: (11/20/2014 02:51:29 PM) (Source: DCOM) (EventID: 10010) (User: ANGELIKA)

Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 

Error: (11/20/2014 02:51:29 PM) (Source: DCOM) (EventID: 10010) (User: ANGELIKA)

Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 

Error: (11/20/2014 02:51:29 PM) (Source: DCOM) (EventID: 10010) (User: ANGELIKA)

Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 

Error: (11/20/2014 02:51:28 PM) (Source: DCOM) (EventID: 10010) (User: ANGELIKA)

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 

Error: (11/20/2014 02:51:28 PM) (Source: DCOM) (EventID: 10010) (User: ANGELIKA)

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 

Error: (11/20/2014 02:51:28 PM) (Source: DCOM) (EventID: 10010) (User: ANGELIKA)

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
 

Microsoft Office Sessions:

=========================

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )

Description: 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )

Description: Kontext: Windows Anwendung
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: )

Description: Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)
 

Error: (11/18/2014 10:50:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )

Description: Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Search.TripoliIndexer
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 3057) (User: )

Description: Kontext: Windows Anwendung
 
 

Details:

        (HRESULT : 0x8e5e0210) (0x8e5e0210)

Search.TripoliIndexer
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.   0xc0041801 (0xc0041801)

The catalog is corrupt
 

Error: (11/18/2014 10:50:17 PM) (Source: Windows Search Service) (EventID: 7040) (User: )

Description: 

Details:

         0x8e5e0210 (0x8e5e0210)

4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)
 

Error: (11/18/2014 10:50:16 PM) (Source: ESENT) (EventID: 455) (User: )

Description: SearchIndexer2980Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00023.log-1811 (0xfffff8ed)
 

Error: (11/18/2014 10:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: svchost.exe_gpsvc6.3.9600.163845215dfe3gpsvc.dll6.3.9600.1723853d0c970c000000500000000000326b244c01d00378d8571826C:\WINDOWS\system32\svchost.exec:\windows\system32\gpsvc.dll2aa08de9-6f6c-11e4-bec6-74d02bb4f3e0
 

Error: (11/17/2014 00:27:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 13875
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz

Percentage of memory in use: 38%

Total physical RAM: 3981.69 MB

Available physical RAM: 2467.9 MB

Total Pagefile: 5389.69 MB

Available Pagefile: 3596.15 MB

Total Virtual: 131072 MB

Available Virtual: 131071.84 MB
 

==================== Drives ================================
 

Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:119.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:257.7 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 337AEAFE)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

endlich geschafft:)