| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: werbetrojaner windows 8; malewarebytes über 100 fundeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.08.2013, 18:20
| #1 |
 |  werbetrojaner windows 8; malewarebytes über 100 funde Hallo, seit heute sind auf allen möglichen Seiten Wörter grün unterstrichen und verlinken Werbung. Das Betriebssystem ist Windows 8 - mit dem ich mich leider gar nicht auskenne. Malwarebytes hat 102 infizierte Elemente gefunden. PUP optional heißen die infizierten Objekte. AUßerdem bin ich mir auch nicht ganz sicher, ob mein vorinstalliertes McAffee Security noch aktiv ist - hab das Laptop seit ein paar Wochen. Es kommen dauernd irgendwelche Meldungen von McAfee, wie z.b. dass McAfee parental control ausgeführt wird, etc., und 1x kam, mein PC sei seit zwei Wochen ungeschützt, worauf ich antivir installiert habe - dann wurde mein PC so langsam, dass ich dachte, dass jetzt beide Viren-Programme aktiv sind, woraufhin ich antivir wieder deinstalliert habe. Ich hoffe, es kann mir jemand helfen  |
|
02.08.2013, 18:24
| #2 |
| /// Malware-holic   | werbetrojaner windows 8; malewarebytes über 100 funde Hi,
__________________arbeite möglichst immer alles nacheinander ab, poste die Ergebnisse gleichzeitig. 1. poste aktuelle Malwarebytes Logs mit Funden: http://www.trojaner-board.de/125889-...en-posten.html 2. gleich wird eine Anleitung zu FRST folgen, in der additions.txt bitte bearbeiten: Empfehlungen fürs Deinstallieren Bitte kopiere die Liste der installierten Programme aus der additions.txt hier in deinen Thread. Notiere mir bitte hinter jede Zeile, ob folgendes Kategorie zutrifft: Unbekannt, Nötig, Unnötig Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
02.08.2013, 18:37
| #3 |
| | werbetrojaner windows 8; malewarebytes über 100 funde vielen Dank für die schnelle Antwort!!!
__________________1. hier kommt schonmal malware bytes log, den Rest mache ich sofort Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.02.07 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16635 ***:: ***-PC [Administrator] Schutz: Aktiviert 02.08.2013 19:09:03 MBAM-log-2013-08-02 (19-31-18).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 214303 Laufzeit: 7 Minute(n), 23 Sekunde(n) Infizierte Speicherprozesse: 2 C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 9684 -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 9944 -> Keine Aktion durchgeführt. Infizierte Speichermodule: 2 C:\Users\lulu\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.A.BabSolution) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. Infizierte Registrierungsschlüssel: 32 HKCR\CLSID\{17E58097-6CA5-448B-830F-2A19678248FB} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{BB705064-D600-4F0E-B5F1-868EFB973F5E} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt. HKCR\Interface\{85DE85E5-D992-4276-9B06-60948364EA14} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E58097-6CA5-448B-830F-2A19678248FB} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{17E58097-6CA5-448B-830F-2A19678248FB} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{17E58097-6CA5-448B-830F-2A19678248FB} (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\escort.escortIEPane.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\escort.escortIEPane (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltaHlpr (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lyrix@lyrixeeker.co (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltaappCore.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltaappCore (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\d (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 3 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: Delta Toolbar -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: -> Keine Aktion durchgeführt. HKCU\Software\Microsoft\Windows\CurrentVersion\Run|NTRedirect (PUP.Optional.A.BabSolution) -> Daten: C:\Windows\SysWOW64\rundll32.exe "C:\Users\lulu\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 2 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bösartig: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) Gut: () -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 11 C:\Users\lulu\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0\bh (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 50 C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker\125.dll (PUP.Optional.LyricXeeker.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Local\Temp\~rmj315927499349509409.tmp (Trojan.Inject) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Local\Temp\A8FDD687-BAB0-7891-A068-9C9461333822\Latest\ccp.exe (PUP.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Local\Temp\A8FDD687-BAB0-7891-A068-9C9461333822\Latest\MyDeltaTB.exe (PUP.Delta.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Local\Temp\A8FDD687-BAB0-7891-A068-9C9461333822\Latest\Setup.exe (PUP.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Local\Temp\is956058749\162747294_Setup.EXE (PUP.Optional.AddLyrics) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Local\Temp\is956058749\DeltaTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker\chrome.manifest (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker\125.crx (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker\125.dat (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker\125.xpi (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker\sqlite3.dll (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\Program Files (x86)\LyriXeeker\Uninstall.exe (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\Windows\Tasks\LyricXeeker Update.job (PUP.Optional.Lyrixeeker) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (PUP.Optional.A.BabSolution) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\lulu\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0\GUninstaller.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. (Ende) |
|
02.08.2013, 18:39
| #4 |
| /// Malware-holic | werbetrojaner windows 8; malewarebytes über 100 funde Hi, ich hatte gebeten, alle Logs etc gleichzeitig zu posten, dann muss ich nur einmal reinsehen und kann meine Anweisungen gleich posten, danke. (bitte keinen post wie: mach ich) sonst werden weitere an den angehangen :-)
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
02.08.2013, 19:11
| #5 |
| | werbetrojaner windows 8; malewarebytes über 100 funde ok, tut mir Leid, passiert nicht noch mal  Aber die folgenden Logs muss ich getrennt nacheinander reinstellen, weil die zusammen zu groß sind.und noch eine Frage: Ich habe jetzt bei Maleware Bytes nicht auf "Entfernen" der Funde geklickt, war das richtig so? 2. FRST Editor FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-08-2013
Ran by **(administrator) on 02-08-2013 19:41:59
Running from C:\Users\lulu\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee.com\agent\mcagent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Spotify Ltd) C:\Users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
() C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Spotify] - C:\Users\lulu\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-07] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-07] (Spotify Ltd)
HKCU\...\Run: [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe [48640 2012-07-26] (Microsoft Corporation) <===== ATTENTION
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll [2691536 2013-07-26] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
SearchScopes: HKCU - DefaultScope {16727879-BEF8-421A-944A-C14CFB80BEB9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
SearchScopes: HKCU - {16727879-BEF8-421A-944A-C14CFB80BEB9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A236D83C-2C6E-4DA1-867B-702412B2964C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Program Files (x86)\LyriXeeker\125.dll (LyriXeeker Tech)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default
FF user.js: detected! => C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\searchplugins\babylon.xml
FF Extension: Delta Toolbar - C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\Extensions\ffxtlbr@delta.com
FF Extension: kikin plugin (NO23 Edition) - C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\Extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
FF Extension: No Name - C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files (x86)\LyriXeeker\125.xpi
FF Extension: No Name - C:\Program Files (x86)\LyriXeeker\125.xpi
==================== Services (Whitelisted) =================
S2 0050691375351163mcinstcleanup; C:\Users\lulu\AppData\Local\Temp\005069~1.EXE [833616 2013-01-30] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2847696 2013-07-26] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-05-22] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1265824 2012-10-23] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-10-23] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R4 avkmgr; \SystemRoot\system32\DRIVERS\avkmgr.sys [x]
U3 mfeapfk01; No ImagePath
U3 mfeavfk01; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-02 19:41 - 2013-08-02 19:41 - 00000000 ____D C:\FRST
2013-08-02 19:40 - 2013-08-02 19:40 - 01781485 _____ (Farbar) C:\Users\lulu\Downloads\FRST64.exe
2013-08-02 19:06 - 2013-08-02 19:06 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-02 19:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-02 19:05 - 2013-08-02 19:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\lulu\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-02 15:07 - 2013-08-02 15:07 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-08-02 15:06 - 2013-08-02 15:06 - 00000554 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-02 13:36 - 2013-08-02 13:36 - 00001048 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2013-08-02 13:36 - 2013-08-02 13:36 - 00000000 ____D C:\Program Files (x86)\AMR to MP3 Converter
2013-08-02 13:35 - 2013-08-02 13:35 - 02501012 _____ (amrtomp3converter.com ) C:\Users\lulu\Downloads\amrtomp3converter_setup [1].exe
2013-08-02 13:35 - 2013-08-02 13:35 - 00003384 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-02 13:35 - 2013-08-02 13:35 - 00003044 _____ C:\Windows\System32\Tasks\LyricXeeker Update
2013-08-02 13:35 - 2013-08-02 13:35 - 00000404 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Babylon
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\BabSolution
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\ProgramData\Babylon
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\LyriXeeker
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-02 13:34 - 2013-08-02 13:34 - 00673560 _____ C:\Users\lulu\Downloads\amrtomp3converter_setup.exe
2013-08-02 13:26 - 2013-08-02 13:26 - 00000000 ____D C:\Windows\LastGood
2013-08-02 12:52 - 2013-08-02 12:52 - 02375693 ____R C:\Users\lulu\Desktop\berlin1.wma
2013-08-02 12:48 - 2013-08-02 12:48 - 02613663 ____R C:\Users\lulu\Desktop\dreamsofarandom2.wma
2013-08-02 12:43 - 2013-08-02 12:43 - 39954644 ____R C:\Users\lulu\Desktop\JOE - Unforgetable.wav
2013-08-02 12:38 - 2013-08-02 12:39 - 51333556 ____R C:\Users\lulu\Desktop\Joe_Paradise.wav
2013-08-01 12:02 - 2013-08-01 12:02 - 00003194 _____ C:\Windows\System32\Tasks\{28466327-7D4F-4E0B-B5A3-5970B83C67FC}
2013-08-01 11:55 - 2013-08-01 11:55 - 00000000 ____D C:\ProgramData\APN
2013-08-01 11:55 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\lulu\Documents\APNSetup.exe
2013-08-01 11:54 - 2013-08-01 11:54 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-01 11:04 - 2013-08-01 11:04 - 02092792 _____ C:\Users\lulu\Downloads\avira_free_antivirus.exe
2013-07-23 11:28 - 2013-07-23 11:28 - 00018091 _____ C:\Users\lulu\Desktop\BA_Class and Sexuality in British Fiction_Petersmann_Laura.odt
2013-07-21 11:50 - 2013-07-21 12:00 - 104943936 _____ C:\Users\lulu\Downloads\avira3737_free_antivirus_de.exe
2013-07-20 13:57 - 2013-07-20 13:57 - 00001457 _____ C:\Users\lulu\AppData\Local\RecConfig.xml
2013-07-20 13:24 - 2013-07-20 13:24 - 00001016 _____ C:\Users\lulu\Desktop\No23 Recorder.lnk
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Local\No23 Recorder
2013-07-20 13:23 - 2013-07-20 13:23 - 02497825 _____ (No23) C:\Users\lulu\Downloads\No23Recorder2103.exe
2013-07-20 13:23 - 2013-07-20 13:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\kikin
2013-07-20 13:23 - 2013-07-20 13:23 - 00000000 ____D C:\Program Files (x86)\kikin
2013-07-19 11:22 - 2013-07-19 11:22 - 03209144 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win64-de.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 00000000 ____D C:\Program Files\HP
2013-07-19 11:22 - 2012-09-18 15:27 - 00501760 _____ C:\Windows\system32\ZSHP1020.EXE
2013-07-19 11:22 - 2012-09-18 15:27 - 00192512 _____ C:\Windows\system32\ZLhp1020.DLL
2013-07-19 11:22 - 2012-09-18 09:34 - 00247296 _____ () C:\Windows\system32\zshp1020s.dll
2013-07-19 11:22 - 2012-09-18 09:34 - 00128380 _____ C:\Windows\system32\hp1018.img
2013-07-19 11:22 - 2012-09-18 09:34 - 00010698 _____ C:\Windows\system32\ZSHP1018.CHM
2013-07-19 11:19 - 2013-07-19 11:23 - 00321770 _____ C:\1020.log
2013-07-19 11:19 - 2013-07-19 11:19 - 02717344 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win32-de.exe
2013-07-19 11:19 - 2013-07-19 11:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-18 14:04 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-18 14:04 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-18 14:04 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-18 14:04 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-18 14:04 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-18 14:04 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-18 14:04 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-18 14:04 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-18 14:04 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-18 14:04 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-18 14:04 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-18 14:04 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-18 14:04 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-18 14:04 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-18 14:04 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-18 14:04 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-18 14:04 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-18 14:04 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-18 14:04 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-18 14:04 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-18 14:03 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-18 14:03 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-18 14:03 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-18 14:03 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-18 14:03 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-18 14:03 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-18 14:03 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-18 14:03 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-18 14:03 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-18 14:03 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-18 14:03 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-18 10:24 - 2013-07-18 10:24 - 00447840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-17 17:54 - 2013-07-17 17:54 - 00001967 _____ C:\Users\lulu\Desktop\word.lnk
2013-07-16 08:54 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-15 15:40 - 2012-11-20 07:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-07-15 15:40 - 2012-11-20 07:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-07-15 15:40 - 2012-11-20 07:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-07-15 15:40 - 2012-11-20 06:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2013-07-15 15:40 - 2012-11-08 06:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-07-15 15:40 - 2012-11-08 06:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-07-15 15:40 - 2012-11-08 06:25 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 15:38 - 2012-11-06 09:52 - 00277736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-07-15 15:38 - 2012-11-06 09:33 - 01566432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-07-15 15:38 - 2012-11-06 06:48 - 01150160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00883712 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-07-15 15:38 - 2012-11-06 06:20 - 00516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2013-07-15 15:38 - 2012-11-06 06:20 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 08552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 11459584 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00976384 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-07-15 15:38 - 2012-11-06 06:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-07-15 15:38 - 2012-11-06 06:17 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-07-15 15:38 - 2012-11-06 06:17 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2013-07-15 15:38 - 2012-11-06 06:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2013-07-15 15:38 - 2012-11-06 05:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2013-07-15 15:38 - 2012-11-06 05:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-07-15 15:38 - 2012-11-06 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys
2013-07-15 15:38 - 2012-11-06 05:53 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-07-15 15:38 - 2012-11-06 05:51 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 01172992 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00513024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-07-14 21:21 - 2012-10-12 08:13 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dskquota.dll
2013-07-14 21:21 - 2012-10-12 07:39 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-07-14 21:20 - 2012-10-24 06:54 - 00396008 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2013-07-14 21:20 - 2012-10-11 07:46 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2013-07-14 21:20 - 2012-10-11 07:45 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-07-14 21:20 - 2012-10-11 07:44 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-14 21:20 - 2012-10-11 07:07 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-07-14 21:19 - 2012-10-11 09:47 - 00793200 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-07-14 21:19 - 2012-10-11 09:25 - 00056552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2013-07-14 21:19 - 2012-10-11 09:23 - 00441576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-07-14 21:19 - 2012-10-11 09:18 - 00172264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-14 21:19 - 2012-10-11 09:13 - 00058088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-07-14 21:19 - 2012-10-11 09:13 - 00033512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2013-07-14 21:19 - 2012-10-11 09:08 - 00562392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-14 21:19 - 2012-10-11 07:46 - 00517120 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-07-14 21:19 - 2012-10-11 07:46 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Compression.dll
2013-07-14 21:19 - 2012-10-11 07:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2013-07-14 21:19 - 2012-10-11 07:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 01045504 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00904192 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-07-14 21:19 - 2012-10-11 07:42 - 00612416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-07-14 21:19 - 2012-10-11 07:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-pdc.dll
2013-07-14 21:19 - 2012-10-11 07:23 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\kbdhebl3.dll
2013-07-14 21:19 - 2012-10-11 07:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2013-07-14 21:19 - 2012-10-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-07-14 21:19 - 2012-10-11 07:16 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-07-14 21:19 - 2012-10-11 07:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2013-07-14 21:19 - 2012-10-11 07:07 - 00962560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-07-14 21:19 - 2012-10-11 07:05 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-07-14 21:19 - 2012-10-11 06:42 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-07-14 21:19 - 2012-10-11 02:45 - 00478424 _____ C:\Windows\SysWOW64\locale.nls
2013-07-14 21:19 - 2012-10-11 02:44 - 00478424 _____ C:\Windows\system32\locale.nls
2013-07-14 21:18 - 2012-12-04 06:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-07-14 21:18 - 2012-11-27 08:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2013-07-14 21:18 - 2012-11-27 06:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 01217536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 03245568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 01536512 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-07-14 21:18 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2013-07-14 21:18 - 2012-11-27 06:18 - 01071104 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-07-14 21:18 - 2012-11-27 06:18 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-07-14 21:18 - 2012-11-27 06:18 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-07-14 21:18 - 2012-11-27 06:17 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-07-14 21:18 - 2012-10-12 10:08 - 00027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-14 21:18 - 2012-10-12 08:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2013-07-14 21:18 - 2012-10-12 07:50 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-14 21:18 - 2012-09-11 07:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2013-07-14 21:18 - 2012-09-11 07:27 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2013-07-11 21:49 - 2013-07-11 22:10 - 00011264 ___SH C:\Users\lulu\Downloads\Thumbs.db
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\Documents\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-11 09:24 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:24 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:24 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:24 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 09:23 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 09:23 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 09:23 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 09:23 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:23 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:23 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-08 20:32 - 2013-07-20 12:33 - 00000000 ____D C:\Users\lulu\Documents\FIN
2013-07-08 20:31 - 2013-07-08 20:32 - 00000000 ____D C:\Users\lulu\Documents\alles
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\UNI
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\Bewerbungen
2013-07-08 20:30 - 2013-08-02 15:30 - 00000000 ____D C:\Users\lulu\Desktop\BA
2013-07-08 20:30 - 2013-07-21 23:42 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte US
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Documents\FOTO
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\Lit zu OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte RAT
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA ALL
2013-07-08 20:27 - 2013-07-08 20:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-08 15:32 - 2013-07-08 15:32 - 00000000 ____D C:\Users\lulu\AppData\Local\Macromedia
2013-07-08 15:31 - 2013-08-02 18:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 15:31 - 2013-07-15 09:28 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-08 15:30 - 2013-07-15 09:28 - 00000000 ____D C:\Users\lulu\AppData\Local\Adobe
2013-07-08 15:10 - 2013-07-08 15:10 - 00003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-08 14:49 - 2013-07-08 15:10 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-08 13:42 - 2013-07-08 13:42 - 07872648 _____ (Adobe Systems Inc.) C:\Users\lulu\Downloads\Shockwave_Installer_Slim.exe
2013-07-08 09:49 - 2013-07-14 20:50 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-08 09:39 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-08 09:39 - 2013-07-14 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-08 09:39 - 2013-07-08 15:15 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Local\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-08 01:23 - 2012-08-31 02:52 - 00017888 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2013-07-08 01:22 - 2012-08-31 02:53 - 00017888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2013-07-08 01:20 - 2013-01-10 03:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2013-07-08 01:20 - 2013-01-10 03:29 - 00785504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-07-08 01:20 - 2013-01-10 03:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-07-08 01:20 - 2013-01-10 01:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-07-08 01:20 - 2013-01-10 01:26 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-07-08 01:20 - 2013-01-10 01:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-07-08 01:20 - 2013-01-10 01:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-07-08 01:20 - 2013-01-10 01:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2013-07-08 01:20 - 2013-01-10 01:22 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2013-07-08 01:20 - 2013-01-10 01:22 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2013-07-08 01:20 - 2013-01-09 05:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-07-08 01:20 - 2012-11-02 07:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2013-07-08 01:19 - 2013-03-02 12:57 - 00332520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2013-07-08 01:19 - 2013-03-02 12:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2013-07-08 01:19 - 2013-03-02 12:45 - 00148712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-07-08 01:19 - 2013-03-02 12:39 - 00495336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2013-07-08 01:19 - 2013-03-02 12:39 - 00327912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-07-08 01:19 - 2013-03-02 10:23 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-07-08 01:19 - 2013-03-02 10:22 - 05091840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-08 01:19 - 2013-03-02 10:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-07-08 01:19 - 2013-03-02 10:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-07-08 01:19 - 2013-03-02 10:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-07-08 01:19 - 2013-03-02 10:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01161728 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2013-07-08 01:19 - 2013-03-02 04:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2013-07-08 01:19 - 2013-03-02 04:44 - 05978624 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2013-07-08 01:19 - 2013-03-02 04:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2013-07-08 01:19 - 2013-03-02 04:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2013-07-08 01:19 - 2013-03-01 06:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-07-08 01:19 - 2013-01-09 05:59 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2013-07-08 01:19 - 2013-01-09 05:58 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2013-07-08 01:17 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2013-07-08 01:17 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-07-08 01:17 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-07-08 01:17 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2013-07-08 01:17 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2013-07-08 01:17 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2013-07-08 01:17 - 2013-04-09 07:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-07-08 01:17 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2013-07-08 01:17 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-07-08 01:17 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2013-07-08 01:17 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2013-07-08 01:17 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2013-07-08 01:17 - 2013-04-09 04:34 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-07-08 01:17 - 2013-04-09 04:34 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-07-08 01:17 - 2013-04-09 04:33 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-07-08 01:17 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2013-07-08 01:17 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2013-07-08 01:17 - 2013-04-09 04:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-07-08 01:17 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2013-07-08 01:17 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-07-08 01:17 - 2013-04-09 01:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-07-08 01:17 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-07-08 01:17 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-07-08 01:17 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-07-08 01:17 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-07-08 01:17 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-07-08 01:17 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-07-08 01:17 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2013-07-08 01:17 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-07-08 01:17 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-07-08 01:17 - 2013-03-02 04:43 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-07-08 01:17 - 2013-02-07 03:33 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-07-08 01:17 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-07-08 01:17 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-07-08 01:17 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-08 01:17 - 2012-11-20 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2013-07-08 01:17 - 2012-11-06 09:33 - 00522640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2013-07-08 01:17 - 2012-11-06 07:00 - 00463768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-07-08 01:17 - 2012-10-11 07:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-07-08 01:17 - 2012-10-11 07:44 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2013-07-08 01:16 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-07-08 01:16 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-08 01:16 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-08 01:16 - 2012-11-06 06:18 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2013-07-08 01:16 - 2012-10-11 07:06 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-07-08 01:16 - 2012-10-11 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-07-08 01:11 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-07-08 01:11 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-07-08 01:11 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-07-08 01:11 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-08 01:11 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-07-08 01:11 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-07-08 01:11 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-07-08 01:11 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-07-08 01:11 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-07-08 01:11 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-07-08 01:11 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-07-08 01:11 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-07-08 01:11 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-07-08 01:11 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-08 01:11 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2013-07-08 01:11 - 2013-03-02 04:45 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-08 01:11 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-07-08 01:11 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-07-08 01:11 - 2012-11-06 06:20 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-07-08 01:11 - 2012-11-06 06:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2013-07-08 01:11 - 2012-11-06 06:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll
2013-07-08 01:11 - 2012-11-02 07:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-08 01:10 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-08 01:10 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-08 01:10 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-07-08 01:10 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-07-08 01:10 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-07-08 01:10 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-07-08 01:10 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-07-08 01:10 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-07-08 01:10 - 2012-11-03 07:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-07-08 01:10 - 2012-11-03 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-07-08 01:10 - 2012-11-03 07:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-07-08 01:10 - 2012-11-03 07:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2013-07-08 01:10 - 2012-11-03 07:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2013-07-08 01:10 - 2012-11-03 07:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-07-08 01:10 - 2012-11-03 07:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-07-08 01:09 - 2013-04-16 04:34 - 01455368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-08 01:09 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2013-07-08 01:07 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-08 01:07 - 2013-04-24 01:12 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-08 01:07 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-08 01:07 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-08 01:07 - 2013-04-24 00:55 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-08 01:07 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-08 01:07 - 2013-04-24 00:55 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-08 01:07 - 2012-11-26 06:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-07-08 01:07 - 2012-11-26 06:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2013-07-08 01:07 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-07-08 01:07 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-07-08 01:07 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2013-07-08 01:07 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2013-07-08 01:07 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2013-07-08 01:07 - 2012-10-10 09:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-07-08 01:07 - 2012-10-10 08:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-07-08 01:06 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-07-08 01:06 - 2012-10-24 05:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2013-07-08 01:06 - 2012-10-24 04:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-07-08 01:05 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-07-08 01:05 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2013-07-08 01:05 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2013-07-08 01:05 - 2012-11-03 07:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe
2013-07-08 01:05 - 2012-11-03 07:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll
2013-07-08 00:59 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-08 00:59 - 2013-02-06 00:29 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-07-08 00:59 - 2013-02-06 00:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-07-08 00:59 - 2013-02-02 13:19 - 00496872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-07-08 00:59 - 2013-02-02 13:19 - 00061672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-07-08 00:59 - 2013-02-02 12:54 - 01933544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-08 00:59 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-07-08 00:59 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-07-08 00:59 - 2013-02-02 10:39 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-07-08 00:59 - 2013-02-02 10:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-07-08 00:59 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-07-08 00:59 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2013-07-08 00:59 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2013-07-08 00:59 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2013-07-08 00:59 - 2013-02-02 10:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-07-08 00:59 - 2013-02-02 10:21 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-07-08 00:59 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2013-07-08 00:59 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2013-07-08 00:59 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-07-08 00:59 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2013-07-08 00:59 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2013-07-08 00:59 - 2012-11-20 06:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-07-08 00:59 - 2012-10-24 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2013-07-08 00:59 - 2012-10-24 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2013-07-08 00:59 - 2012-10-24 05:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2013-07-08 00:59 - 2012-10-24 05:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2013-07-08 00:58 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-08 00:58 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-07-08 00:58 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2013-07-08 00:58 - 2012-12-16 10:28 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-08 00:58 - 2012-12-16 10:20 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-08 00:58 - 2012-12-16 10:08 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-08 00:58 - 2012-12-16 09:57 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-08 00:58 - 2012-11-08 06:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-07-08 00:58 - 2012-11-08 06:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-07-08 00:58 - 2012-11-08 06:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-07-08 00:58 - 2012-11-08 06:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-07-08 00:58 - 2012-11-08 06:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-07-08 00:58 - 2012-11-08 06:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-07-08 00:57 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-08 00:57 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-08 00:51 - 2013-03-06 09:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-08 00:51 - 2013-03-06 08:31 - 19758592 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-08 00:51 - 2013-03-06 08:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-08 00:51 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-08 00:51 - 2013-03-06 07:03 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-08 00:51 - 2013-03-06 07:03 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-08 00:47 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-07-08 00:47 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-07-08 00:47 - 2013-01-29 03:57 - 00035232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-07-08 00:47 - 2013-01-29 01:08 - 00230904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-07-08 00:42 - 2012-11-01 06:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-08 00:42 - 2012-11-01 06:41 - 01438720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-08 00:42 - 2012-11-01 06:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-08 00:42 - 2012-11-01 06:40 - 01836032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-08 00:42 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2013-07-08 00:42 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-07-08 00:42 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-07-08 00:42 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-07-08 00:39 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-08 00:39 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-08 00:39 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-07-08 00:38 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-08 00:38 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-08 00:38 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-08 00:38 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-08 00:38 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-08 00:38 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-08 00:38 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-08 00:38 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-08 00:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-08 00:38 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-08 00:38 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-08 00:35 - 2013-07-08 00:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-08 00:33 - 2013-07-08 00:33 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-08 00:32 - 2013-07-08 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-08 00:30 - 2013-07-17 18:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-08 00:30 - 2013-07-08 00:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Microsoft Help
2013-07-08 00:29 - 2013-07-08 00:29 - 00000000 __RHD C:\MSOCache
2013-07-07 23:05 - 2013-08-02 13:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Spotify
2013-07-07 23:05 - 2013-08-02 13:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Spotify
2013-07-07 23:05 - 2013-07-07 23:05 - 00001799 _____ C:\Users\lulu\Desktop\Spotify.lnk
2013-07-07 23:05 - 2013-07-07 23:05 - 00001785 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-07-07 22:12 - 2013-07-19 11:21 - 00000000 ____D C:\Users\lulu\AppData\Local\CrashDumps
2013-07-07 22:11 - 2013-07-07 22:11 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Macromedia
2013-07-07 21:51 - 2013-08-02 19:11 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\ATI
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Sony Corporation
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\ATI
2013-07-07 21:44 - 2013-08-02 13:41 - 00000000 ____D C:\Users\lulu\Documents\Bluetooth Folder
2013-07-07 21:44 - 2013-08-02 13:28 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Atheros
2013-07-07 21:44 - 2013-07-07 23:53 - 00000000 ____D C:\ProgramData\Atheros
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Local\BMExplorer
2013-07-07 21:43 - 2013-07-08 15:10 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-07 21:43 - 2013-07-08 15:10 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-07 21:42 - 2013-07-08 15:54 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Adobe
2013-07-07 21:42 - 2013-07-07 21:42 - 00001438 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-07 21:41 - 2013-07-07 22:58 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Sony Corporation
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\pss
2013-07-07 21:40 - 2013-07-08 15:10 - 00000000 ____D C:\Users\lulu\AppData\Local\Packages
2013-07-07 21:40 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\VirtualStore
2013-07-07 21:39 - 2013-07-07 21:43 - 00000000 ____D C:\Users\lulu
2013-07-07 21:39 - 2013-07-07 21:39 - 00000020 ___SH C:\Users\lulu\ntuser.ini
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Vorlagen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Startmenü
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Netzwerkumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Lokale Einstellungen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Eigene Dateien
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Druckumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Musik
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Bilder
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Verlauf
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Anwendungsdaten
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Anwendungsdaten
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Programme
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Dokumente und Einstellungen
==================== One Month Modified Files and Folders =======
2013-08-02 19:41 - 2013-08-02 19:41 - 00000000 ____D C:\FRST
2013-08-02 19:40 - 2013-08-02 19:40 - 01781485 _____ (Farbar) C:\Users\lulu\Downloads\FRST64.exe
2013-08-02 19:15 - 2013-01-22 00:41 - 02002762 _____ C:\Windows\WindowsUpdate.log
2013-08-02 19:11 - 2013-07-07 21:51 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
2013-08-02 19:06 - 2013-08-02 19:06 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-02 19:05 - 2013-08-02 19:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\lulu\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-02 19:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-02 18:59 - 2013-07-08 15:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-02 15:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA
2013-08-02 15:07 - 2013-08-02 15:07 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-08-02 15:06 - 2013-08-02 15:06 - 00000554 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-02 13:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-02 13:45 - 2013-07-07 23:05 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Spotify
2013-08-02 13:45 - 2013-07-07 23:05 - 00000000 ____D C:\Users\lulu\AppData\Local\Spotify
2013-08-02 13:41 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\Documents\Bluetooth Folder
2013-08-02 13:36 - 2013-08-02 13:36 - 00001048 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2013-08-02 13:36 - 2013-08-02 13:36 - 00000000 ____D C:\Program Files (x86)\AMR to MP3 Converter
2013-08-02 13:35 - 2013-08-02 13:35 - 02501012 _____ (amrtomp3converter.com ) C:\Users\lulu\Downloads\amrtomp3converter_setup [1].exe
2013-08-02 13:35 - 2013-08-02 13:35 - 00003384 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-02 13:35 - 2013-08-02 13:35 - 00003044 _____ C:\Windows\System32\Tasks\LyricXeeker Update
2013-08-02 13:35 - 2013-08-02 13:35 - 00000404 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Babylon
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Users\lulu\AppData\Roaming\BabSolution
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\ProgramData\Babylon
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\LyriXeeker
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Delta
2013-08-02 13:35 - 2013-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-02 13:34 - 2013-08-02 13:34 - 00673560 _____ C:\Users\lulu\Downloads\amrtomp3converter_setup.exe
2013-08-02 13:28 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Atheros
2013-08-02 13:26 - 2013-08-02 13:26 - 00000000 ____D C:\Windows\LastGood
2013-08-02 12:52 - 2013-08-02 12:52 - 02375693 ____R C:\Users\lulu\Desktop\berlin1.wma
2013-08-02 12:48 - 2013-08-02 12:48 - 02613663 ____R C:\Users\lulu\Desktop\dreamsofarandom2.wma
2013-08-02 12:43 - 2013-08-02 12:43 - 39954644 ____R C:\Users\lulu\Desktop\JOE - Unforgetable.wav
2013-08-02 12:39 - 2013-08-02 12:38 - 51333556 ____R C:\Users\lulu\Desktop\Joe_Paradise.wav
2013-08-01 12:02 - 2013-08-01 12:02 - 00003194 _____ C:\Windows\System32\Tasks\{28466327-7D4F-4E0B-B5A3-5970B83C67FC}
2013-08-01 11:59 - 2013-01-22 01:13 - 00000000 ____D C:\Program Files\McAfeeEx
2013-08-01 11:59 - 2013-01-22 01:12 - 00000000 ____D C:\ProgramData\MOCP
2013-08-01 11:55 - 2013-08-01 11:55 - 00000000 ____D C:\ProgramData\APN
2013-08-01 11:54 - 2013-08-01 11:54 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-01 11:04 - 2013-08-01 11:04 - 02092792 _____ C:\Users\lulu\Downloads\avira_free_antivirus.exe
2013-07-31 16:30 - 2013-01-22 00:15 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-07-31 16:30 - 2013-01-22 00:15 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-07-31 16:30 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-31 16:27 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-31 16:22 - 2012-08-03 04:22 - 00026146 _____ C:\Windows\PFRO.log
2013-07-31 16:22 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-31 16:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-23 11:28 - 2013-07-23 11:28 - 00018091 _____ C:\Users\lulu\Desktop\BA_Class and Sexuality in British Fiction_Petersmann_Laura.odt
2013-07-21 23:42 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte US
2013-07-21 12:00 - 2013-07-21 11:50 - 104943936 _____ C:\Users\lulu\Downloads\avira3737_free_antivirus_de.exe
2013-07-20 13:57 - 2013-07-20 13:57 - 00001457 _____ C:\Users\lulu\AppData\Local\RecConfig.xml
2013-07-20 13:24 - 2013-07-20 13:24 - 00001016 _____ C:\Users\lulu\Desktop\No23 Recorder.lnk
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Local\No23 Recorder
2013-07-20 13:23 - 2013-07-20 13:23 - 02497825 _____ (No23) C:\Users\lulu\Downloads\No23Recorder2103.exe
2013-07-20 13:23 - 2013-07-20 13:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\kikin
2013-07-20 13:23 - 2013-07-20 13:23 - 00000000 ____D C:\Program Files (x86)\kikin
2013-07-20 12:33 - 2013-07-08 20:32 - 00000000 ____D C:\Users\lulu\Documents\FIN
2013-07-20 11:53 - 2013-01-22 00:45 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-19 11:23 - 2013-07-19 11:19 - 00321770 _____ C:\1020.log
2013-07-19 11:22 - 2013-07-19 11:22 - 03209144 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win64-de.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 00000000 ____D C:\Program Files\HP
2013-07-19 11:21 - 2013-07-07 22:12 - 00000000 ____D C:\Users\lulu\AppData\Local\CrashDumps
2013-07-19 11:19 - 2013-07-19 11:19 - 02717344 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win32-de.exe
2013-07-19 11:19 - 2013-07-19 11:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-18 10:24 - 2013-07-18 10:24 - 00447840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 23:00 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-17 18:23 - 2013-07-08 00:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-17 18:13 - 2012-07-26 07:26 - 00000199 _____ C:\Windows\win.ini
2013-07-17 17:54 - 2013-07-17 17:54 - 00001967 _____ C:\Users\lulu\Desktop\word.lnk
2013-07-16 09:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-07-15 23:01 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-07-15 23:01 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-15 09:28 - 2013-07-08 15:31 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 09:28 - 2013-07-08 15:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Adobe
2013-07-14 20:55 - 2013-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-14 20:53 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 20:50 - 2013-07-08 09:49 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 22:10 - 2013-07-11 21:49 - 00011264 ___SH C:\Users\lulu\Downloads\Thumbs.db
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\Documents\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-11 09:12 - 2013-01-22 01:08 - 00000000 ____D C:\ProgramData\Adobe
2013-07-08 20:32 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\alles
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\UNI
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\Bewerbungen
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Documents\FOTO
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\Lit zu OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte RAT
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA ALL
2013-07-08 20:27 - 2013-07-08 20:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-08 20:27 - 2012-07-26 09:21 - 00020708 _____ C:\Windows\setupact.log
2013-07-08 15:54 - 2013-07-07 21:42 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Adobe
2013-07-08 15:32 - 2013-07-08 15:32 - 00000000 ____D C:\Users\lulu\AppData\Local\Macromedia
2013-07-08 15:15 - 2013-07-08 09:39 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-08 15:10 - 2013-07-08 15:10 - 00003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-08 15:10 - 2013-07-08 14:49 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-08 15:10 - 2013-07-07 21:43 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-08 15:10 - 2013-07-07 21:43 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-08 15:10 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\Packages
2013-07-08 15:10 - 2012-08-03 04:25 - 00000000 ____D C:\ProgramData\PRICache
2013-07-08 14:50 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-08 14:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-08 14:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-07-08 14:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-08 14:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-08 13:42 - 2013-07-08 13:42 - 07872648 _____ (Adobe Systems Inc.) C:\Users\lulu\Downloads\Shockwave_Installer_Slim.exe
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Local\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-08 02:09 - 2013-01-22 00:45 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-07-08 02:07 - 2013-01-22 00:45 - 00000000 ____D C:\ProgramData\McAfee
2013-07-08 02:05 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-07-08 00:36 - 2012-07-26 09:52 - 00000000 ____D C:\Windows\ShellNew
2013-07-08 00:35 - 2013-07-08 00:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-08 00:35 - 2012-10-20 02:28 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-08 00:34 - 2013-01-22 01:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-08 00:33 - 2013-07-08 00:33 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-08 00:32 - 2013-07-08 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-08 00:30 - 2013-07-08 00:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Microsoft Help
2013-07-08 00:29 - 2013-07-08 00:29 - 00000000 __RHD C:\MSOCache
2013-07-07 23:54 - 2013-01-22 00:48 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2013-07-07 23:53 - 2013-07-07 21:44 - 00000000 ____D C:\ProgramData\Atheros
2013-07-07 23:05 - 2013-07-07 23:05 - 00001799 _____ C:\Users\lulu\Desktop\Spotify.lnk
2013-07-07 23:05 - 2013-07-07 23:05 - 00001785 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-07-07 22:58 - 2013-07-07 21:41 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Sony Corporation
2013-07-07 22:11 - 2013-07-07 22:11 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Macromedia
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\ATI
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Sony Corporation
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\ATI
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Local\BMExplorer
2013-07-07 21:43 - 2013-07-07 21:39 - 00000000 ____D C:\Users\lulu
2013-07-07 21:42 - 2013-07-07 21:42 - 00001438 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-07 21:42 - 2013-01-22 01:07 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-07 21:42 - 2013-01-22 00:17 - 00000000 ____D C:\Program Files\Sony
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\pss
2013-07-07 21:40 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\VirtualStore
2013-07-07 21:40 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-07-07 21:39 - 2013-07-07 21:39 - 00000020 ___SH C:\Users\lulu\ntuser.ini
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Vorlagen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Startmenü
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Netzwerkumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Lokale Einstellungen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Eigene Dateien
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Druckumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Musik
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Bilder
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Verlauf
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Anwendungsdaten
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Programme
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-07 21:15 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-07-07 21:15 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
Files to move or delete:
====================
C:\Windows\SysWOW64\rundll32.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-31 09:53
==================== End Of Log ============================
--- --- --- |
|
02.08.2013, 19:12
| #6 |
| | werbetrojaner windows 8; malewarebytes über 100 funde 3. Adition editor Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-08-2013 Ran by Laura at 2013-08-02 19:43:08 Running from C:\Users\lulu\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) -nötig Adobe Reader XI MUI (x32 Version: 11.0.00)-nötig Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)-nötig Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98) -unbekannt Aloha TriPeaks (x32 Version: 2.2.0.98) -unbekannt AMD Accelerated Video Transcoding (Version: 12.5.100.20821)-unbekannt AMD APP SDK Runtime (Version: 10.0.938.2)-unbekannt AMD Catalyst Install Manager (Version: 8.0.881.0)-unbekannt AMR to MP3 Converter 1.4 (x32)-nötig aptics Pointing Device Driver (Version: 16.2.16.2)-unbekannt Bejeweled 3 (x32 Version: 2.2.0.98)-unbekannt BrowserDefender (x32)-unbekannt-unbekannt Build-a-lot: On Vacation (x32 Version: 2.2.0.110)-unbekannt Catalyst Control Center - Branding (x32 Version: 1.00.0000)-unbekannt Catalyst Control Center (x32 Version: 2012.0821.2159.37544)-unbekannt Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0821.2159.37544)-unbekannt Catalyst Control Center InstallProxy (x32 Version: 2012.0821.2159.37544)-unbekannt Catalyst Control Center Localization All (x32 Version: 2012.0821.2159.37544)-unbekannt CCC Help Chinese Standard (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Chinese Traditional (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Czech (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Danish (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Dutch (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help English (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Finnish (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help French (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help German (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Greek (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Hungarian (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Italian (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Japanese (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Korean (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Norwegian (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Polish (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Portuguese (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Russian (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Spanish (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Swedish (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Thai (x32 Version: 2012.0821.2158.37544)-unbekannt CCC Help Turkish (x32 Version: 2012.0821.2158.37544)-unbekannt ccc-utility64 (Version: 2012.0821.2159.37544)-unbekannt Chuzzle Deluxe (x32 Version: 2.2.0.95)-unbekannt Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)-unbekannt CyberLink Power2Go 8 (x32 Version: 8.0.0.2126)-nötig CyberLink PowerDVD (x32 Version: 9.0.5728.52)-nötig Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) -nötig Delta Chrome Toolbar (x32) -unnötig Delta toolbar (x32 Version: 1.8.22.0) -unnötig FATE (x32 Version: 2.2.0.97)-unbekannt FDUx86 (x32 Version: 1.0.0)-unbekannt Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32)-unbekannt Intel AppUp(R) center (x32 Version: 3.8.0.41505.25)-unbekannt Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)-unbekannt Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004)-unbekannt Intel® Trusted Connect Service Client (Version: 1.24.388.1)-unbekannt Java 7 Update 9 (64-bit) (Version: 7.0.90)-nötig Java 7 Update 9 (x32 Version: 7.0.90)-nötig Java Auto Updater (x32 Version: 2.1.9.0)-nötig kikin Plugin (NO23 Edition) 1.11 (x32 Version: 1.11) -unnötig KUx86 (x32 Version: 1.0.0)-unbekannt Luxor HD (x32 Version: 2.2.0.110)-unbekannt LyricXeeker (x32)-unbekannt Mahjongg Artifacts (x32 Version: 2.2.0.110)-unbekannt Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)-nötig McAfee Internet Security (x32 Version: 11.6.511)-nötig Microsoft Office (x32 Version: 15.0.4420.1017)-nötig Microsoft Office 2010 Service Pack 1 (SP1) (x32)-nötig Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)-nötig Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)-nötig Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)-nötig Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)-nötig Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)-unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)-unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)-unbekannt Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)-unbekannt Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)-unbekannt Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)-nötig Mozilla Maintenance Service (x32 Version: 22.0)-unbekannt Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)-unbekannt No23 Recorder (x32 Version: 2.1.0.3)-nötig Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)-unbekannt PlayMemories Home (x32 Version: 6.3.02.07270)-unbekannt Polar Bowler (x32 Version: 2.2.0.97)-unbekannt Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.214)-unbekannt Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)-nötig Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)-nötig Restore (x32 Version: 1.0.0)-unbekannt Shared C Run-time for x64 (Version: 10.0.0)-unbekannt Spotify (HKCU Version: 0.9.1.57.ge7405149)-nötig SSLx64 (Version: 1.0.0)-unbekannt SSLx86 (x32 Version: 1.0.0)-unbekannt swMSM (x32 Version: 12.0.0.1)-unbekannt Update for Microsoft Office 2010 (KB2553065) (x32)-nötig Update for Microsoft Office 2010 (KB2553092) (x32)-nötig Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)-nötig Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)-nötig Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)-nötig Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32) -nötig Update for Microsoft Office 2010 (KB2566458) (x32)-nötig Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)-nötig Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)-nötig Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)-nötig Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)-nötig Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)-nötig Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)-nötig Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)-nötig Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)-nötig Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)-nötig Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)-unbekannt Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)-nötig Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)-unnötig Update Installer for WildTangent Games App (x32)-unbekannt Vacation Quest™ - Australia (x32 Version: 3.0.2.32)-unbekannt VAIO - Xperia Link (x32 Version: 1.1.0.11020)-nötig VAIO Care (Version: 8.1.0.10120)-nötig VAIO Control Center (x32 Version: 6.1.0.10300)-nötig VAIO Data Restore Tool (x32 Version: 1.10.0.07270)-nötig VAIO Easy Connect (x32 Version: 1.3.0.09290)-nötig VAIO Gate (x32 Version: 3.0.0.08140)-nötig VAIO Gate Default (x32 Version: 3.1.0.10240)-nötig VAIO Gesture Control (x32 Version: 2.1.0.10220)-nötig VAIO Image Optimizer (x32 Version: 3.0.00.08170)-nötig VAIO Improvement (x32 Version: 2.1.0.10220)-nötig VAIO Media Server Settings (Version: 1.0.1.10170)-nötig VAIO Movie Creator (x32 Version: 4.0.00.10170)-nötig VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)-nötig VAIO Update (x32 Version: 6.0.2.10230)-nötig VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)-nötig VAIO-Handbuch (x32 Version: 3.0.0.08100)-nötig VAIO-Hardwarediagnose-Plugin für VAIO Care (x32 Version: 4.7.0.11070)-nötig VAIO-Support für Übertragungen (x32 Version: 1.9.0.11060)-nötig VCCx64 (Version: 1.0.0)-unbekannt VCCx86 (x32 Version: 1.0.0)-unbekannt VGClientX64 (Version: 1.0.0)-unbekannt VHD (x32 Version: 1.0.0)-unbekannt Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32)-unbekannt VIx64 (Version: 1.0.0)-unbekannt VIx86 (x32 Version: 1.0.0)-unbekannt VMLx86 (x32 Version: 1.0.0)-unbekannt VPMx64 (Version: 1.0.0)-unbekannt VSSTx64 (Version: 1.0.0)-unbekannt VSSTx86 (x32 Version: 1.0.0)-unbekannt VU5x64 (Version: 1.0.0)-unbekannt VU5x86 (x32 Version: 1.0.0)-unbekannt VUx64 (Version: 1.0.0)-unbekannt VUx86 (x32 Version: 1.0.0)-unbekannt VWSTx86 (x32 Version: 1.0.0)-unbekannt WildTangent Games App (x32 Version: 4.0.9.7)-unbekannt WildTangent-Spiele (x32 Version: 1.0.4.0)-unbekannt XperiaLinkx86 (x32 Version: 1.0.0)-unbekannt Youda Jewel Shop (x32 Version: 3.0.2.32)-unbekannt ==================== Restore Points ========================= 19-07-2013 08:39:59 Windows Update 20-07-2013 11:24:05 No23 Recorder wird installiert 30-07-2013 08:54:36 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {04D74653-6BC9-4C5F-876F-D161807CCF3D} - System32\Tasks\EPUpdater => C:\Users\lulu\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] () Task: {0661FB25-0450-4253-82AC-9129EB9B8157} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {0A40BD42-E8F1-4EA8-953F-59A8ADA2B59E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15] (Adobe Systems Incorporated) Task: {0B83619B-C6FB-45C4-9637-CF2101C3B71A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation) Task: {1267D6EB-4305-40AB-8AA1-747B51B1C057} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {1FE800DA-0703-479A-A6AC-E778FD43FFCA} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {3D4B2E7F-EF18-4686-A04A-0F4A3D014600} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation) Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {519B81AC-B747-486E-B84A-15691C5CF089} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient No File Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {6029F91E-F4E9-4D93-9CA9-4AB827ED87CC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation) Task: {618824AA-494E-42B9-AC6E-D1607767E35F} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001 Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation) Task: {6E7B8020-199C-42B0-936B-082E52DE9795} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-23] (Sony Corporation) Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-10-20] (Microsoft Corporation) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {8ED20079-776C-446D-8A0C-71E3DC3CDEB6} - System32\Tasks\LyricXeeker Update => C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe [2013-07-27] (LyriXeeker Tech) Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AE2806A3-727A-48E6-8AEA-494AACB020D0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation) Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {B0197A67-4149-4442-AFE9-15D314C1DBEC} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup Task: {B1DA4434-017D-420A-A921-57317F79D2F2} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation) Task: {B9470BFD-E8DB-45EE-B424-4C5010BEDB3B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation) Task: {BAF03EFE-C81E-42EF-B9AA-E48C80E0702B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {BD2C4799-2D62-4104-85F4-15C696BE8DBA} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation) Task: {BE2AF02B-BD6D-4C08-95B3-469870D41A56} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {BFD017BC-AAB9-40D2-B7BC-BFF2AACCBC7E} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {C899C774-9679-4DEC-8C87-5F2307D2C117} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {CD91CE74-9EB2-49A7-9CAD-5812ED8AFA85} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation) Task: {D9AE8BC5-24AC-496A-A1B8-35C9647D559D} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DC2FA84B-CD37-48B5-A9DE-B019C9363AAF} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation) Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-10-20] (Microsoft Corporation) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {EC1FB769-7DA4-46F3-AE27-61A59ED47566} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {F489F9AD-C70B-45F7-991A-7A48F7AC81C3} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation) Task: {F5F6FEB4-AB12-4A07-8C67-2EBFD5893BA6} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation) Task: {F6DF139C-CC9D-40D0-8BAF-E9188E59AA19} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\LyricXeeker Update.job => C:\Program Files (x86)\LyriXeeker\LyriXupdate.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/02/2013 03:07:56 PM) (Source: MsiInstaller) (User: BONI-PC) Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: Mozilla Firefox Error: (08/02/2013 03:07:55 PM) (Source: MsiInstaller) (User: BONI-PC) Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: Mozilla Firefox Error: (07/29/2013 09:41:11 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (07/23/2013 11:40:07 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (07/21/2013 03:39:51 PM) (Source: SampleCollector) (User: ) Description: init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (07/19/2013 11:20:57 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: ProductInst.exe, Version: 1.0.5.3, Zeitstempel: 0x50bff5c5 Name des fehlerhaften Moduls: ProductInst.exe, Version: 1.0.5.3, Zeitstempel: 0x50bff5c5 Ausnahmecode: 0xc000000d Fehleroffset: 0x0002b2eb ID des fehlerhaften Prozesses: 0x8d8 Startzeit der fehlerhaften Anwendung: 0xProductInst.exe0 Pfad der fehlerhaften Anwendung: ProductInst.exe1 Pfad des fehlerhaften Moduls: ProductInst.exe2 Berichtskennung: ProductInst.exe3 Vollständiger Name des fehlerhaften Pakets: ProductInst.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ProductInst.exe5 Error: (07/19/2013 11:20:00 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: ProductInst.exe, Version: 1.0.5.3, Zeitstempel: 0x50bff5c5 Name des fehlerhaften Moduls: ProductInst.exe, Version: 1.0.5.3, Zeitstempel: 0x50bff5c5 Ausnahmecode: 0xc000000d Fehleroffset: 0x0002b2eb ID des fehlerhaften Prozesses: 0x1be0 Startzeit der fehlerhaften Anwendung: 0xProductInst.exe0 Pfad der fehlerhaften Anwendung: ProductInst.exe1 Pfad des fehlerhaften Moduls: ProductInst.exe2 Berichtskennung: ProductInst.exe3 Vollständiger Name des fehlerhaften Pakets: ProductInst.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ProductInst.exe5 Error: (07/11/2013 09:51:19 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (07/08/2013 02:11:37 AM) (Source: Perflib) (User: ) Description: Outlook Error: (07/08/2013 02:11:37 AM) (Source: Perflib) (User: ) Description: Outlook8 System errors: ============= Error: (08/02/2013 03:33:15 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "THOMAS-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{226200EB-85B2-422C-A0C1-74690BE57634}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (08/01/2013 11:07:32 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "THOMAS-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{226200EB-85B2-422C-A0C1-74690BE57634}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (08/01/2013 09:23:46 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "THOMAS-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{226200EB-85B2-422C-A0C1-74690BE57634}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (07/29/2013 01:03:41 AM) (Source: DCOM) (User: BONI-PC) Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} Error: (07/29/2013 01:03:41 AM) (Source: DCOM) (User: BONI-PC) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (07/24/2013 11:25:08 PM) (Source: DCOM) (User: BONI-PC) Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} Error: (07/08/2013 06:06:58 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "NICO-VAIO", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{226200EB-85B2-422C-A0C1-74690BE57634}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (07/08/2013 03:12:51 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A} Error: (07/08/2013 02:06:58 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766} Error: (07/08/2013 02:06:57 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766} Microsoft Office Sessions: ========================= Error: (08/02/2013 03:07:56 PM) (Source: MsiInstaller)(User: BONI-PC) Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL) Error: (08/02/2013 03:07:55 PM) (Source: MsiInstaller)(User: BONI-PC) Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/29/2013 09:41:11 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (07/23/2013 11:40:07 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (07/21/2013 03:39:51 PM) (Source: SampleCollector)(User: ) Description: init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (07/19/2013 11:20:57 AM) (Source: Application Error)(User: ) Description: ProductInst.exe1.0.5.350bff5c5ProductInst.exe1.0.5.350bff5c5c000000d0002b2eb8d801ce846139b9b44fC:\Users\lulu\AppData\Local\Temp\7zS29CC\ProductInst.exeC:\Users\lulu\AppData\Local\Temp\7zS29CC\ProductInst.exe84abe431-f054-11e2-be79-a41731e1c014 Error: (07/19/2013 11:20:00 AM) (Source: Application Error)(User: ) Description: ProductInst.exe1.0.5.350bff5c5ProductInst.exe1.0.5.350bff5c5c000000d0002b2eb1be001ce84611839619cC:\Users\lulu\AppData\Local\Temp\7zS269C\ProductInst.exeC:\Users\lulu\AppData\Local\Temp\7zS269C\ProductInst.exe62b91e73-f054-11e2-be79-a41731e1c014 Error: (07/11/2013 09:51:19 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (07/08/2013 02:11:37 AM) (Source: Perflib)(User: ) Description: Outlook Error: (07/08/2013 02:11:37 AM) (Source: Perflib)(User: ) Description: Outlook8 ==================== Memory info =========================== Percentage of memory in use: 61% Total physical RAM: 4043.27 MB Available physical RAM: 1553.57 MB Total Pagefile: 5307.27 MB Available Pagefile: 1498.29 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:436.4 GB) (Free:386.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 44C23A29) Partition: GPT Partition Type ==================== End Of Log ============================ |
|
02.08.2013, 19:27
| #7 |
| /// Malware-holic | werbetrojaner windows 8; malewarebytes über 100 funde Hi, um die Malwarebytes Funde kümmern wir uns noch. es sind 2 Logs zu erstellen, möglichst gleichzeitig posten. Sollte eine der Deinstalationen nicht funktionieren, nutze Rewo: Revo Uninstaller - Download - Filepony 1. Deinstaliere: adobe reader: Adobe - Adobe Reader herunterladen - Alle Versionen haken bei mcafee security scan raus nehmen bitte auch mal den adobe reader wie folgt konfigurieren: adobe reader öffnen, bearbeiten, voreinstellungen. allgemein: nur zertifizierte zusatz module verwenden, anhaken. Sicherheit (erweitert) Erweiterte Sicherheit anhaken und alle Dateien auswählen. internet: hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc. es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht. bei javascript den haken bei java script verwenden raus nehmen bei updater, automatisch instalieren wählen. übernehmen /ok deinstaliere: Agatha Aloha Bejeweled BrowserDefender Chuzzle Cradle Delta : beide Heroes Java 7 : beide downloade Java jre: Java-Downloads für alle Betriebssysteme klicke: Download der Java-Software für Windows Offline laden, und instalieren deinstaliere: kikin LyricXeeker Mahjongg Mystery Plants vs Polar Bowler Vacation Virtual Villagers WildTangent : beide Youda Jewel Shop Neustarten. 2. Scan mit Combofix
3. Downloade Dir bitte  Malwarebytes Anti-Malware
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
02.08.2013, 21:11
| #8 |
| | werbetrojaner windows 8; malewarebytes über 100 fundeCode:
ATTFilter ComboFix 13-08-02.01 - 02.08.2013 21:37:01.1.2 - x64
Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.4043.2381 [GMT 2:00]
ausgeführt von:: c:\users\lulu\Downloads\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus und Anti-Spyware *Disabled/Outdated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Im Speicher befindliches AV aktiv.
.
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\lulu\AppData\Local\lame_enc.dll
c:\users\lulu\AppData\Local\Microsoft\Windows\Temporary Internet Files\{257EACC6-0695-4973-8529-5E618F0D2844}.xps
c:\users\lulu\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F0871B5D-D3C5-47BE-AE19-ED4F9711DD7C}.xps
c:\users\lulu\AppData\Local\no23xwrapper.dll
c:\users\lulu\AppData\Local\ogg.dll
c:\users\lulu\AppData\Local\vorbis.dll
c:\users\lulu\AppData\Local\vorbisenc.dll
c:\users\lulu\AppData\Local\vorbisfile.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-07-02 bis 2013-08-02 ))))))))))))))))))))))))))))))
.
.
2013-08-02 19:47 . 2013-08-02 19:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-02 19:07 . 2013-08-02 19:07 312232 ----a-w- c:\windows\system32\javaws.exe
2013-08-02 19:07 . 2013-08-02 19:07 189352 ----a-w- c:\windows\system32\javaw.exe
2013-08-02 19:07 . 2013-08-02 19:07 188840 ----a-w- c:\windows\system32\java.exe
2013-08-02 19:07 . 2013-08-02 19:07 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-08-02 19:07 . 2013-08-02 19:07 -------- d-----w- c:\program files\Java
2013-08-02 18:54 . 2013-08-02 18:54 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-08-02 17:41 . 2013-08-02 17:41 -------- d-----w- C:\FRST
2013-08-02 17:06 . 2013-08-02 17:06 -------- d-----w- c:\programdata\Malwarebytes
2013-08-02 17:06 . 2013-08-02 17:06 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-02 17:06 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-02 11:36 . 2013-08-02 11:36 -------- d-----w- c:\program files (x86)\AMR to MP3 Converter
2013-08-02 11:35 . 2013-08-02 11:35 -------- d-----w- c:\programdata\Babylon
2013-08-02 11:26 . 2013-08-02 11:26 -------- d-----w- c:\windows\LastGood.Tmp
2013-08-01 21:20 . 2013-08-01 21:20 262832 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10212.bin
2013-08-01 09:55 . 2013-08-01 09:55 -------- d-----w- c:\programdata\APN
2013-07-19 09:23 . 2012-09-18 13:27 65024 ----a-w- c:\windows\system32\Spool\prtprocs\x64\PPhp1020.DLL
2013-07-19 09:22 . 2012-09-18 07:34 247296 ----a-w- c:\windows\system32\zshp1020s.dll
2013-07-19 09:22 . 2012-09-18 13:27 192512 ----a-w- c:\windows\system32\ZLhp1020.DLL
2013-07-19 09:22 . 2012-09-18 13:27 501760 ----a-w- c:\windows\system32\ZSHP1020.EXE
2013-07-19 09:22 . 2013-07-19 09:22 -------- d-----w- c:\program files\HP
2013-07-19 09:19 . 2013-07-19 09:19 -------- d-----w- c:\program files (x86)\HP
2013-07-18 12:03 . 2013-06-01 09:24 850944 ----a-w- c:\windows\SysWow64\mfasfsrcsnk.dll
2013-07-18 12:03 . 2013-06-01 09:19 207872 ----a-w- c:\windows\system32\DeviceSetupManager.dll
2013-07-18 12:03 . 2013-06-01 11:29 337152 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS
2013-07-18 12:03 . 2013-06-01 09:22 80896 ----a-w- c:\windows\system32\MbaeParserTask.exe
2013-07-18 12:03 . 2013-06-01 11:54 194816 ----a-w- c:\windows\system32\drivers\sdbus.sys
2013-07-18 12:03 . 2013-06-01 11:54 125184 ----a-w- c:\windows\system32\drivers\dumpsd.sys
2013-07-18 12:03 . 2013-06-01 09:22 190976 ----a-w- c:\windows\system32\vdsutil.dll
2013-07-18 12:03 . 2013-06-01 09:25 67584 ----a-w- c:\windows\SysWow64\samlib.dll
2013-07-18 12:03 . 2013-06-01 03:08 37632 ----a-w- c:\windows\system32\drivers\BthAvrcpTg.sys
2013-07-18 12:03 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-07-17 16:17 . 2013-07-17 16:17 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-07-16 06:54 . 2013-05-15 22:35 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-07-15 13:40 . 2012-11-20 05:17 1184256 ----a-w- c:\windows\system32\Display.dll
2013-07-15 13:40 . 2012-11-20 05:24 1164800 ----a-w- c:\windows\SysWow64\Display.dll
2013-07-15 13:40 . 2012-11-20 04:59 7168 ----a-w- c:\windows\system32\KBDKURD.DLL
2013-07-15 13:40 . 2012-11-20 05:02 6656 ----a-w- c:\windows\SysWow64\KBDKURD.DLL
2013-07-15 13:40 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-07-15 13:40 . 2012-11-08 04:25 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 13:40 . 2012-11-08 04:22 641536 ----a-w- c:\windows\system32\WSShared.dll
2013-07-15 13:40 . 2012-11-08 04:22 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-07-15 13:40 . 2012-11-08 04:22 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 13:40 . 2012-11-08 04:25 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-07-14 19:21 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2013-07-14 19:21 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2013-07-14 19:21 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll
2013-07-14 19:21 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll
2013-07-14 19:21 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll
2013-07-14 19:21 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll
2013-07-14 19:21 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll
2013-07-14 19:21 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll
2013-07-14 19:20 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll
2013-07-14 19:20 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-07-14 19:20 . 2012-10-11 05:46 1395712 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll
2013-07-14 19:20 . 2012-10-11 05:45 579584 ----a-w- c:\windows\system32\StructuredQuery.dll
2013-07-14 19:20 . 2012-10-11 05:44 1265152 ----a-w- c:\windows\system32\lsasrv.dll
2013-07-14 19:20 . 2012-10-11 05:07 1226752 ----a-w- c:\windows\SysWow64\Windows.UI.Immersive.dll
2013-07-14 19:18 . 2012-12-04 04:21 368640 ----a-w- c:\windows\system32\sppwinob.dll
2013-07-11 18:52 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-11 18:52 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-11 08:23 . 2013-07-11 08:23 -------- d-----w- c:\programdata\CyberLink
2013-07-11 07:24 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 07:24 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-11 07:24 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 07:24 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 07:24 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 07:24 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-11 07:24 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-11 07:24 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-11 07:24 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 07:24 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 07:24 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-08 12:49 . 2013-07-08 13:10 -------- d-----r- c:\windows\BrowserChoice
2013-07-08 11:43 . 2013-07-08 11:43 -------- d-----w- c:\windows\SysWow64\Adobe
2013-07-08 08:29 . 2013-07-08 08:29 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-07-08 08:29 . 2013-07-08 08:29 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-08 07:49 . 2013-07-14 18:50 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-07-08 07:39 . 2013-07-14 18:55 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-07-07 23:23 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2013-07-07 23:22 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2013-07-07 23:19 . 2013-03-02 02:45 1161728 ----a-w- c:\windows\system32\sppobjs.dll
2013-07-07 23:17 . 2013-04-09 04:51 3552768 ----a-w- c:\windows\system32\tquery.dll
2013-07-07 23:16 . 2013-04-09 04:50 65024 ----a-w- c:\windows\system32\msscntrs.dll
2013-07-07 23:16 . 2012-11-06 04:18 267264 ----a-w- c:\windows\system32\EncDump.dll
2013-07-07 23:16 . 2012-10-11 05:06 94208 ----a-w- c:\windows\SysWow64\mssitlb.dll
2013-07-07 23:16 . 2012-10-11 05:06 48640 ----a-w- c:\windows\SysWow64\msscntrs.dll
2013-07-07 23:16 . 2012-12-13 04:00 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-07 23:16 . 2012-12-13 03:59 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-07 23:10 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2013-07-07 23:09 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2013-07-07 23:09 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-07-07 23:06 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-07-07 23:06 . 2012-10-24 03:25 26624 ----a-w- c:\windows\system32\ReAgentc.exe
2013-07-07 23:06 . 2012-10-24 02:48 24064 ----a-w- c:\windows\SysWow64\ReAgentc.exe
2013-07-07 23:05 . 2012-11-03 05:25 945152 ----a-w- c:\windows\system32\resetengmig.dll
2013-07-07 23:05 . 2013-03-02 08:23 375808 ----a-w- c:\windows\SysWow64\ReAgent.dll
2013-07-07 23:05 . 2013-03-02 02:44 1011200 ----a-w- c:\windows\system32\reseteng.dll
2013-07-07 23:05 . 2012-12-15 04:55 443392 ----a-w- c:\windows\system32\ReAgent.dll
2013-07-07 23:05 . 2012-11-03 05:26 132096 ----a-w- c:\windows\system32\sysreset.exe
2013-07-07 22:58 . 2013-02-02 05:31 1690624 ----a-w- c:\windows\system32\GdiPlus.dll
2013-07-07 22:58 . 2013-02-02 05:41 1437184 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2013-07-07 22:58 . 2013-02-12 00:17 20992 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-07-07 22:58 . 2012-12-16 08:08 362496 ----a-w- c:\windows\system32\atmfd.dll
2013-07-07 22:58 . 2012-12-16 08:28 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-07-07 22:58 . 2012-12-16 08:20 35328 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-07-07 22:58 . 2012-12-16 07:57 300032 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-07-07 22:58 . 2012-11-08 04:24 10752 ----a-w- c:\windows\SysWow64\dciman32.dll
2013-07-07 22:58 . 2012-11-08 04:20 14336 ----a-w- c:\windows\system32\dciman32.dll
2013-07-07 22:58 . 2012-11-08 04:24 75776 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-07-07 22:58 . 2012-11-08 04:20 96256 ----a-w- c:\windows\system32\fontsub.dll
2013-07-07 22:58 . 2012-11-08 04:02 3072 ----a-w- c:\windows\system32\lpk.dll
2013-07-07 22:58 . 2012-11-08 04:01 3072 ----a-w- c:\windows\SysWow64\lpk.dll
2013-07-07 22:57 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-07-07 22:57 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-07-07 22:51 . 2013-03-06 06:31 19758592 ----a-w- c:\windows\system32\shell32.dll
2013-07-07 22:51 . 2013-03-06 06:31 222208 ----a-w- c:\windows\system32\shdocvw.dll
2013-07-07 22:51 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2013-07-07 22:51 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-07-07 22:42 . 2012-11-01 04:40 2361344 ----a-w- c:\windows\system32\msxml6.dll
2013-07-07 22:42 . 2012-11-01 04:40 1836032 ----a-w- c:\windows\system32\msxml3.dll
2013-07-07 22:42 . 2012-11-01 04:41 1802240 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-07-07 22:42 . 2012-11-01 04:41 1438720 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-07-07 22:42 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml6r.dll
2013-07-07 22:42 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-02 19:07 . 2013-01-21 22:42 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-02 19:07 . 2013-01-21 22:42 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-07 19:39 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-27 22:04 . 2012-07-26 08:14 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-07-26 08:14 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\lulu\AppData\Roaming\Spotify\spotify.exe" [2013-07-07 4640768]
"Spotify Web Helper"="c:\users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-07 1104384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-21 642216]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-13 1532992]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2012-08-17 68776]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-07-27 724576]
"Intel AppUp(R) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-10-04 156000]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R0 mfeelamk;McAfee Inc. mfeelamk;c:\windows\system32\drivers\mfeelamk.sys;c:\windows\SYSNATIVE\drivers\mfeelamk.sys [x]
R3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-05-11 10:37 215264 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-08 07:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-28 1214608]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-11-05 766080]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-11-05 127616]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\
FF - ExtSQL: 2013-07-16 09:14; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - f219e318000000000000a41731e1c014
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15919
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.013:35
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119360&tsp=4962
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-08-02 22:02:53
ComboFix-quarantined-files.txt 2013-08-02 20:02
.
Vor Suchlauf: 10 Verzeichnis(se), 418.303.987.712 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 417.949.827.072 Bytes frei
.
- - End Of File - - F8F96486911A265C1BE36E72F02B8CDF
D41D8CD98F00B204E9800998ECF8427E
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.02.07 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16635 ::-PC [Administrator] Schutz: Aktiviert 02.08.2013 22:05:28 MBAM-log-2013-08-02 (22-08-56).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 217771 Laufzeit: 3 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=F219A41731E1C014&affID=119360&tsp=4962) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 1 C:\Users\lulu\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 1 C:\Users\lulu\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. (Ende) |
|
02.08.2013, 21:28
| #9 |
| /// Malware-holic | werbetrojaner windows 8; malewarebytes über 100 funde Hi, sieht doch schon mal ganz gut aus. 1. Malwarebytes Funde löschen lassen. Es sind 3 Logs zu erstellen, poste diese möglichst gleichzeitig. 2. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Neustarten. 3. Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
neustarten. 4. Lade Hitmanpro: HitmanPro - Download - Filepony Doppelklicken, Scan klicken. Log speichern und posten, bzw als XML exportieren packen und anhängen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
02.08.2013, 21:59
| #10 |
| | werbetrojaner windows 8; malewarebytes über 100 funde Vielen Dank für deine Hilfe! Code:
ATTFilter # AdwCleaner v2.306 - Datei am 02/08/2013 um 22:33:27 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzer :
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\lulu\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\searchplugins\Babylon.xml
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\ProgramData\Babylon
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\d4dfd0e13fed49
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\d4dfd0e13fed49
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\prefs.js
C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\user.js ... Gelöscht !
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.bbDpng", "2");
Gelöscht : user_pref("extensions.delta.cntry", "DE");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.hdrMd5", "667DC6D2D447178D425541B8A7FA2EAA");
Gelöscht : user_pref("extensions.delta.id", "f219e318000000000000a41731e1c014");
Gelöscht : user_pref("extensions.delta.instlDay", "15919");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.22.013:35:44");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.sg", "azb");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.013:35:44");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119360&tsp=4962");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Datei : C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [3873 octets] - [02/08/2013 22:33:27]
########## EOF - C:\AdwCleaner[S1].txt - [3933 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.0 (08.02.2013:1)
OS: Windows 8 x64
Ran by Laura on 02.08.2013 at 22:42:39,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\lulu\AppData\Roaming\mozilla\firefox\profiles\7eaxiflz.default\invalidprefs.js
Emptied folder: C:\Users\lulu\AppData\Roaming\mozilla\firefox\profiles\7eaxiflz.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.08.2013 at 22:48:21,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter
|
|
02.08.2013, 22:13
| #11 |
| /// Malware-holic | werbetrojaner windows 8; malewarebytes über 100 funde Hi, bitte alle Browwser schließen, Hitmanpro Funde entfernen lassen. neues FRST Log bitte
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
02.08.2013, 22:24
| #12 |
| | werbetrojaner windows 8; malewarebytes über 100 funde FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-08-2013
Ran by (administrator) on 02-08-2013 23:22:33
Running from C:\Users\lulu\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Spotify Ltd) C:\Users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKCU\...\Run: [Spotify] - C:\Users\lulu\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-07] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\lulu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-07] (Spotify Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {16727879-BEF8-421A-944A-C14CFB80BEB9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A236D83C-2C6E-4DA1-867B-702412B2964C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\lulu\AppData\Roaming\Mozilla\Firefox\Profiles\7eaxiflz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-05-22] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1265824 2012-10-23] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-10-23] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 mfeavfk01; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-02 23:21 - 2013-08-02 23:21 - 01781485 _____ (Farbar) C:\Users\lulu\Downloads\FRST64(1).exe
2013-08-02 22:55 - 2013-08-02 22:55 - 00011420 _____ C:\Users\lulu\Desktop\HitmanPro_20130802_2255.log
2013-08-02 22:50 - 2013-08-02 22:56 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-02 22:49 - 2013-08-02 22:50 - 09833328 _____ (SurfRight B.V.) C:\Users\lulu\Desktop\HitmanPro_x64.exe
2013-08-02 22:48 - 2013-08-02 22:48 - 00000860 _____ C:\Users\lulu\Desktop\JRT.txt
2013-08-02 22:42 - 2013-08-02 22:42 - 00000000 ____D C:\Windows\ERUNT
2013-08-02 22:41 - 2013-08-02 22:41 - 00560799 _____ (Oleg N. Scherbakov) C:\Users\lulu\Desktop\JRT.exe
2013-08-02 22:33 - 2013-08-02 22:33 - 00003998 _____ C:\AdwCleaner[S1].txt
2013-08-02 22:31 - 2013-08-02 22:31 - 00666633 _____ C:\Users\lulu\Desktop\adwcleaner.exe
2013-08-02 22:03 - 2013-08-02 22:03 - 00028691 _____ C:\ComboFix.txt
2013-08-02 21:35 - 2013-08-02 22:03 - 00000000 ____D C:\ComboFix
2013-08-02 21:35 - 2013-08-02 21:35 - 00001453 _____ C:\Users\lulu\Desktop\ComboFix - Verknüpfung.lnk
2013-08-02 21:35 - 2013-08-02 21:35 - 00001149 _____ C:\Users\lulu\Desktop\avira3737_free_antivirus_de - Verknüpfung.lnk
2013-08-02 21:31 - 2013-08-02 21:31 - 05097855 _____ (Swearware) C:\Users\lulu\Desktop\ComboFix.exe
2013-08-02 21:30 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-02 21:30 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-02 21:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-02 21:30 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-02 21:29 - 2013-08-02 22:03 - 00000000 ____D C:\Qoobox
2013-08-02 21:29 - 2013-08-02 21:57 - 00000000 ____D C:\Windows\erdnt
2013-08-02 21:28 - 2013-08-02 21:29 - 05097855 ____R (Swearware) C:\Users\lulu\Downloads\ComboFix.exe
2013-08-02 21:08 - 2013-08-02 21:09 - 24250211 _____ (Mozilla) C:\Users\lulu\Downloads\firefox-24.0a1.en-US.win64-x86_64.installer.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-02 21:07 - 2013-08-02 21:07 - 00000000 ____D C:\Program Files\Java
2013-08-02 21:06 - 2013-08-02 21:06 - 33150376 _____ (Oracle Corporation) C:\Users\lulu\Downloads\jre-7u25-windows-x64.exe
2013-08-02 20:54 - 2013-08-02 20:54 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-08-02 20:54 - 2013-08-02 20:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-02 19:44 - 2013-08-02 19:44 - 00117087 _____ C:\Users\lulu\Downloads\FRST.txt
2013-08-02 19:43 - 2013-08-02 19:44 - 00029057 _____ C:\Users\lulu\Downloads\Addition.txt
2013-08-02 19:41 - 2013-08-02 19:41 - 00000000 ____D C:\FRST
2013-08-02 19:40 - 2013-08-02 19:40 - 01781485 _____ (Farbar) C:\Users\lulu\Desktop\FRST64.exe
2013-08-02 19:06 - 2013-08-02 19:06 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-02 19:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-02 19:05 - 2013-08-02 19:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\lulu\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-02 15:06 - 2013-08-02 15:06 - 00000554 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-02 13:36 - 2013-08-02 13:36 - 00001048 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2013-08-02 13:36 - 2013-08-02 13:36 - 00000000 ____D C:\Program Files (x86)\AMR to MP3 Converter
2013-08-02 13:35 - 2013-08-02 13:35 - 02501012 _____ (amrtomp3converter.com ) C:\Users\lulu\Downloads\amrtomp3converter_setup [1].exe
2013-08-02 13:34 - 2013-08-02 13:34 - 00673560 _____ C:\Users\lulu\Downloads\amrtomp3converter_setup.exe
2013-08-02 13:26 - 2013-08-02 13:26 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-08-02 12:52 - 2013-08-02 12:52 - 02375693 ____R C:\Users\lulu\Desktop\berlin1.wma
2013-08-02 12:48 - 2013-08-02 12:48 - 02613663 ____R C:\Users\lulu\Desktop\dreamsofarandom2.wma
2013-08-02 12:43 - 2013-08-02 12:43 - 39954644 ____R C:\Users\lulu\Desktop\JOE - Unforgetable.wav
2013-08-02 12:38 - 2013-08-02 12:39 - 51333556 ____R C:\Users\lulu\Desktop\Joe_Paradise.wav
2013-08-01 12:02 - 2013-08-01 12:02 - 00003194 _____ C:\Windows\System32\Tasks\{28466327-7D4F-4E0B-B5A3-5970B83C67FC}
2013-08-01 11:04 - 2013-08-01 11:04 - 02092792 _____ C:\Users\lulu\Downloads\avira_free_antivirus.exe
2013-07-23 11:28 - 2013-07-23 11:28 - 00018091 _____ C:\Users\lulu\Desktop\BA_Class and Sexuality in British Fiction_Petersmann_Laura.odt
2013-07-21 11:50 - 2013-07-21 12:00 - 104943936 _____ C:\Users\lulu\Downloads\avira3737_free_antivirus_de.exe
2013-07-20 13:57 - 2013-07-20 13:57 - 00001457 _____ C:\Users\lulu\AppData\Local\RecConfig.xml
2013-07-20 13:24 - 2013-07-20 13:24 - 00001016 _____ C:\Users\lulu\Desktop\No23 Recorder.lnk
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Local\No23 Recorder
2013-07-20 13:23 - 2013-07-20 13:23 - 02497825 _____ (No23) C:\Users\lulu\Downloads\No23Recorder2103.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 03209144 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win64-de.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 00000000 ____D C:\Program Files\HP
2013-07-19 11:22 - 2012-09-18 15:27 - 00501760 _____ C:\Windows\system32\ZSHP1020.EXE
2013-07-19 11:22 - 2012-09-18 15:27 - 00192512 _____ C:\Windows\system32\ZLhp1020.DLL
2013-07-19 11:22 - 2012-09-18 09:34 - 00247296 _____ () C:\Windows\system32\zshp1020s.dll
2013-07-19 11:22 - 2012-09-18 09:34 - 00128380 _____ C:\Windows\system32\hp1018.img
2013-07-19 11:22 - 2012-09-18 09:34 - 00010698 _____ C:\Windows\system32\ZSHP1018.CHM
2013-07-19 11:19 - 2013-07-19 11:23 - 00321770 _____ C:\1020.log
2013-07-19 11:19 - 2013-07-19 11:19 - 02717344 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win32-de.exe
2013-07-19 11:19 - 2013-07-19 11:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-18 14:04 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-18 14:04 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-18 14:04 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-18 14:04 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-18 14:04 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-18 14:04 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-18 14:04 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-18 14:04 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-18 14:04 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-18 14:04 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-18 14:04 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-18 14:04 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-18 14:04 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-18 14:04 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-18 14:04 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-18 14:04 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-18 14:04 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-18 14:04 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-18 14:04 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-18 14:04 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-18 14:04 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-18 14:03 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-18 14:03 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-18 14:03 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-18 14:03 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-18 14:03 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-18 14:03 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-18 14:03 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-18 14:03 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-18 14:03 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-18 14:03 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-18 14:03 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-18 10:24 - 2013-07-18 10:24 - 00447840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-17 17:54 - 2013-07-17 17:54 - 00001967 _____ C:\Users\lulu\Desktop\word.lnk
2013-07-16 08:54 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-15 15:40 - 2012-11-20 07:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-07-15 15:40 - 2012-11-20 07:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-07-15 15:40 - 2012-11-20 07:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-07-15 15:40 - 2012-11-20 06:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2013-07-15 15:40 - 2012-11-08 06:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-07-15 15:40 - 2012-11-08 06:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-07-15 15:40 - 2012-11-08 06:25 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-07-15 15:40 - 2012-11-08 06:22 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-15 15:38 - 2012-11-06 09:52 - 00277736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-07-15 15:38 - 2012-11-06 09:33 - 01566432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-07-15 15:38 - 2012-11-06 06:48 - 01150160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00883712 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-07-15 15:38 - 2012-11-06 06:20 - 00516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2013-07-15 15:38 - 2012-11-06 06:20 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-07-15 15:38 - 2012-11-06 06:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 08552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2013-07-15 15:38 - 2012-11-06 06:19 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 11459584 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 01037312 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00976384 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-07-15 15:38 - 2012-11-06 06:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2013-07-15 15:38 - 2012-11-06 06:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-07-15 15:38 - 2012-11-06 06:17 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-07-15 15:38 - 2012-11-06 06:17 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2013-07-15 15:38 - 2012-11-06 06:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2013-07-15 15:38 - 2012-11-06 05:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2013-07-15 15:38 - 2012-11-06 05:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-07-15 15:38 - 2012-11-06 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2013-07-15 15:38 - 2012-11-06 05:55 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys
2013-07-15 15:38 - 2012-11-06 05:53 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-07-15 15:38 - 2012-11-06 05:51 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 01172992 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2013-07-14 21:21 - 2012-10-17 06:32 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-07-14 21:21 - 2012-10-17 05:57 - 00513024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-07-14 21:21 - 2012-10-12 08:13 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dskquota.dll
2013-07-14 21:21 - 2012-10-12 07:39 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-07-14 21:20 - 2012-10-24 06:54 - 00396008 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2013-07-14 21:20 - 2012-10-11 07:46 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2013-07-14 21:20 - 2012-10-11 07:45 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-07-14 21:20 - 2012-10-11 07:44 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-14 21:20 - 2012-10-11 07:07 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-07-14 21:19 - 2012-10-11 09:47 - 00793200 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-07-14 21:19 - 2012-10-11 09:25 - 00056552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2013-07-14 21:19 - 2012-10-11 09:23 - 00441576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-07-14 21:19 - 2012-10-11 09:18 - 00172264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-14 21:19 - 2012-10-11 09:13 - 00058088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-07-14 21:19 - 2012-10-11 09:13 - 00033512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2013-07-14 21:19 - 2012-10-11 09:08 - 00562392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-14 21:19 - 2012-10-11 07:46 - 00517120 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-07-14 21:19 - 2012-10-11 07:46 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Compression.dll
2013-07-14 21:19 - 2012-10-11 07:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2013-07-14 21:19 - 2012-10-11 07:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 01045504 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-07-14 21:19 - 2012-10-11 07:45 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00904192 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2013-07-14 21:19 - 2012-10-11 07:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2013-07-14 21:19 - 2012-10-11 07:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-07-14 21:19 - 2012-10-11 07:42 - 00612416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-07-14 21:19 - 2012-10-11 07:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-pdc.dll
2013-07-14 21:19 - 2012-10-11 07:23 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\kbdhebl3.dll
2013-07-14 21:19 - 2012-10-11 07:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2013-07-14 21:19 - 2012-10-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-07-14 21:19 - 2012-10-11 07:16 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-07-14 21:19 - 2012-10-11 07:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2013-07-14 21:19 - 2012-10-11 07:07 - 00962560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-07-14 21:19 - 2012-10-11 07:07 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-07-14 21:19 - 2012-10-11 07:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-07-14 21:19 - 2012-10-11 07:05 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-07-14 21:19 - 2012-10-11 06:42 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-07-14 21:19 - 2012-10-11 02:45 - 00478424 _____ C:\Windows\SysWOW64\locale.nls
2013-07-14 21:19 - 2012-10-11 02:44 - 00478424 _____ C:\Windows\system32\locale.nls
2013-07-14 21:18 - 2012-12-04 06:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-07-14 21:18 - 2012-11-27 08:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2013-07-14 21:18 - 2012-11-27 06:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 01217536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-14 21:18 - 2012-11-27 06:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-07-14 21:18 - 2012-11-27 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 03245568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 01536512 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2013-07-14 21:18 - 2012-11-27 06:19 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-07-14 21:18 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2013-07-14 21:18 - 2012-11-27 06:18 - 01071104 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-07-14 21:18 - 2012-11-27 06:18 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-07-14 21:18 - 2012-11-27 06:18 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-07-14 21:18 - 2012-11-27 06:17 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-07-14 21:18 - 2012-10-12 10:08 - 00027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-14 21:18 - 2012-10-12 08:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2013-07-14 21:18 - 2012-10-12 07:50 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-14 21:18 - 2012-09-11 07:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2013-07-14 21:18 - 2012-09-11 07:27 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2013-07-11 21:49 - 2013-07-11 22:10 - 00011264 ___SH C:\Users\lulu\Downloads\Thumbs.db
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\Documents\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-11 09:24 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:24 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:24 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:24 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-11 09:23 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-11 09:23 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-11 09:23 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-11 09:23 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-11 09:23 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-11 09:23 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-11 09:23 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:23 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:23 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-08 20:32 - 2013-07-20 12:33 - 00000000 ____D C:\Users\lulu\Documents\FIN
2013-07-08 20:31 - 2013-07-08 20:32 - 00000000 ____D C:\Users\lulu\Documents\alles
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\UNI
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\Bewerbungen
2013-07-08 20:30 - 2013-08-02 15:30 - 00000000 ____D C:\Users\lulu\Desktop\BA
2013-07-08 20:30 - 2013-07-21 23:42 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte US
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Documents\FOTO
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\Lit zu OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte RAT
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA ALL
2013-07-08 20:27 - 2013-07-08 20:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-08 15:32 - 2013-07-08 15:32 - 00000000 ____D C:\Users\lulu\AppData\Local\Macromedia
2013-07-08 15:31 - 2013-08-02 22:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 15:31 - 2013-07-15 09:28 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-08 15:30 - 2013-08-02 20:55 - 00000000 ____D C:\Users\lulu\AppData\Local\Adobe
2013-07-08 15:10 - 2013-07-08 15:10 - 00003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-08 14:49 - 2013-07-08 15:10 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-08 13:42 - 2013-07-08 13:42 - 07872648 _____ (Adobe Systems Inc.) C:\Users\lulu\Downloads\Shockwave_Installer_Slim.exe
2013-07-08 09:49 - 2013-07-14 20:50 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-08 09:39 - 2013-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-08 09:39 - 2013-07-14 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-08 09:39 - 2013-07-08 15:15 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Local\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-08 01:23 - 2012-08-31 02:52 - 00017888 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2013-07-08 01:22 - 2012-08-31 02:53 - 00017888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2013-07-08 01:20 - 2013-01-10 03:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2013-07-08 01:20 - 2013-01-10 03:29 - 00785504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-07-08 01:20 - 2013-01-10 03:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-07-08 01:20 - 2013-01-10 01:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-07-08 01:20 - 2013-01-10 01:26 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-07-08 01:20 - 2013-01-10 01:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-07-08 01:20 - 2013-01-10 01:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-07-08 01:20 - 2013-01-10 01:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-07-08 01:20 - 2013-01-10 01:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2013-07-08 01:20 - 2013-01-10 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2013-07-08 01:20 - 2013-01-10 01:22 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2013-07-08 01:20 - 2013-01-10 01:22 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2013-07-08 01:20 - 2013-01-10 01:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2013-07-08 01:20 - 2013-01-09 05:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-07-08 01:20 - 2012-11-02 07:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2013-07-08 01:20 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2013-07-08 01:19 - 2013-03-02 12:57 - 00332520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2013-07-08 01:19 - 2013-03-02 12:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2013-07-08 01:19 - 2013-03-02 12:45 - 00148712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-07-08 01:19 - 2013-03-02 12:39 - 00495336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2013-07-08 01:19 - 2013-03-02 12:39 - 00327912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-07-08 01:19 - 2013-03-02 10:23 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-07-08 01:19 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-07-08 01:19 - 2013-03-02 10:22 - 05091840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-08 01:19 - 2013-03-02 10:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-07-08 01:19 - 2013-03-02 10:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-07-08 01:19 - 2013-03-02 10:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-07-08 01:19 - 2013-03-02 10:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01161728 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2013-07-08 01:19 - 2013-03-02 04:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-07-08 01:19 - 2013-03-02 04:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2013-07-08 01:19 - 2013-03-02 04:44 - 05978624 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2013-07-08 01:19 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2013-07-08 01:19 - 2013-03-02 04:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2013-07-08 01:19 - 2013-03-02 04:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys
2013-07-08 01:19 - 2013-03-01 06:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2013-07-08 01:19 - 2013-03-01 06:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-07-08 01:19 - 2013-01-09 05:59 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2013-07-08 01:19 - 2013-01-09 05:58 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2013-07-08 01:17 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2013-07-08 01:17 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-07-08 01:17 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-07-08 01:17 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2013-07-08 01:17 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2013-07-08 01:17 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2013-07-08 01:17 - 2013-04-09 07:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-07-08 01:17 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-07-08 01:17 - 2013-04-09 06:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2013-07-08 01:17 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-07-08 01:17 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-07-08 01:17 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2013-07-08 01:17 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2013-07-08 01:17 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2013-07-08 01:17 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2013-07-08 01:17 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2013-07-08 01:17 - 2013-04-09 04:34 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-07-08 01:17 - 2013-04-09 04:34 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-07-08 01:17 - 2013-04-09 04:33 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-07-08 01:17 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2013-07-08 01:17 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2013-07-08 01:17 - 2013-04-09 04:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-07-08 01:17 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2013-07-08 01:17 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-07-08 01:17 - 2013-04-09 01:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-07-08 01:17 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-07-08 01:17 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-07-08 01:17 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-07-08 01:17 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-07-08 01:17 - 2013-04-08 23:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-07-08 01:17 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-07-08 01:17 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-07-08 01:17 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-07-08 01:17 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2013-07-08 01:17 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-07-08 01:17 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-07-08 01:17 - 2013-03-02 04:43 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-07-08 01:17 - 2013-02-07 03:33 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-07-08 01:17 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-07-08 01:17 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-07-08 01:17 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-08 01:17 - 2012-11-20 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2013-07-08 01:17 - 2012-11-06 09:33 - 00522640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2013-07-08 01:17 - 2012-11-06 07:00 - 00463768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-07-08 01:17 - 2012-10-11 07:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-07-08 01:17 - 2012-10-11 07:44 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2013-07-08 01:16 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-07-08 01:16 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-08 01:16 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-08 01:16 - 2012-11-06 06:18 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2013-07-08 01:16 - 2012-10-11 07:06 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-07-08 01:16 - 2012-10-11 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-07-08 01:11 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-07-08 01:11 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-07-08 01:11 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-07-08 01:11 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-07-08 01:11 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-08 01:11 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-08 01:11 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-07-08 01:11 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-07-08 01:11 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-07-08 01:11 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-07-08 01:11 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-07-08 01:11 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-07-08 01:11 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-07-08 01:11 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-07-08 01:11 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-07-08 01:11 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-07-08 01:11 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-07-08 01:11 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-07-08 01:11 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-07-08 01:11 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-07-08 01:11 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-08 01:11 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2013-07-08 01:11 - 2013-03-02 04:45 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-08 01:11 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-07-08 01:11 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-07-08 01:11 - 2012-11-06 06:20 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-07-08 01:11 - 2012-11-06 06:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2013-07-08 01:11 - 2012-11-06 06:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll
2013-07-08 01:11 - 2012-11-02 07:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-08 01:10 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-08 01:10 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-08 01:10 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-07-08 01:10 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-07-08 01:10 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-07-08 01:10 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-07-08 01:10 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-07-08 01:10 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-07-08 01:10 - 2012-11-03 07:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-07-08 01:10 - 2012-11-03 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-07-08 01:10 - 2012-11-03 07:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-07-08 01:10 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-07-08 01:10 - 2012-11-03 07:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2013-07-08 01:10 - 2012-11-03 07:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2013-07-08 01:10 - 2012-11-03 07:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-07-08 01:10 - 2012-11-03 07:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-07-08 01:09 - 2013-04-16 04:34 - 01455368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-08 01:09 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2013-07-08 01:07 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-08 01:07 - 2013-04-24 01:12 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-08 01:07 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-08 01:07 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-08 01:07 - 2013-04-24 00:55 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-08 01:07 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-08 01:07 - 2013-04-24 00:55 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-08 01:07 - 2012-11-26 06:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-07-08 01:07 - 2012-11-26 06:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2013-07-08 01:07 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-07-08 01:07 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-07-08 01:07 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2013-07-08 01:07 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2013-07-08 01:07 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2013-07-08 01:07 - 2012-10-10 09:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-07-08 01:07 - 2012-10-10 08:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-07-08 01:06 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-07-08 01:06 - 2012-10-24 05:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2013-07-08 01:06 - 2012-10-24 04:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-07-08 01:05 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-07-08 01:05 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2013-07-08 01:05 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2013-07-08 01:05 - 2012-11-03 07:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe
2013-07-08 01:05 - 2012-11-03 07:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll
2013-07-08 00:59 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-08 00:59 - 2013-02-06 00:29 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-07-08 00:59 - 2013-02-06 00:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-07-08 00:59 - 2013-02-02 13:19 - 00496872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-07-08 00:59 - 2013-02-02 13:19 - 00061672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-07-08 00:59 - 2013-02-02 12:54 - 01933544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-08 00:59 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-07-08 00:59 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-07-08 00:59 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-07-08 00:59 - 2013-02-02 10:39 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-07-08 00:59 - 2013-02-02 10:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-07-08 00:59 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-07-08 00:59 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2013-07-08 00:59 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2013-07-08 00:59 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2013-07-08 00:59 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2013-07-08 00:59 - 2013-02-02 10:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-07-08 00:59 - 2013-02-02 10:21 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-07-08 00:59 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2013-07-08 00:59 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2013-07-08 00:59 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-07-08 00:59 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2013-07-08 00:59 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2013-07-08 00:59 - 2012-11-20 06:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-07-08 00:59 - 2012-10-24 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2013-07-08 00:59 - 2012-10-24 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2013-07-08 00:59 - 2012-10-24 05:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2013-07-08 00:59 - 2012-10-24 05:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2013-07-08 00:58 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-08 00:58 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-07-08 00:58 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2013-07-08 00:58 - 2012-12-16 10:28 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-08 00:58 - 2012-12-16 10:20 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-08 00:58 - 2012-12-16 10:08 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-08 00:58 - 2012-12-16 09:57 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-08 00:58 - 2012-11-08 06:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-07-08 00:58 - 2012-11-08 06:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-07-08 00:58 - 2012-11-08 06:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-07-08 00:58 - 2012-11-08 06:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-07-08 00:58 - 2012-11-08 06:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-07-08 00:58 - 2012-11-08 06:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-07-08 00:57 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-08 00:57 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-08 00:51 - 2013-03-06 09:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-08 00:51 - 2013-03-06 08:31 - 19758592 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-08 00:51 - 2013-03-06 08:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-08 00:51 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-08 00:51 - 2013-03-06 07:03 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-08 00:51 - 2013-03-06 07:03 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-08 00:47 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-07-08 00:47 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-07-08 00:47 - 2013-01-29 03:57 - 00035232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-07-08 00:47 - 2013-01-29 01:08 - 00230904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-07-08 00:42 - 2012-11-01 06:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-08 00:42 - 2012-11-01 06:41 - 01438720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-08 00:42 - 2012-11-01 06:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-08 00:42 - 2012-11-01 06:40 - 01836032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-08 00:42 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2013-07-08 00:42 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-07-08 00:42 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-07-08 00:42 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-07-08 00:39 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-08 00:39 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-08 00:39 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-07-08 00:38 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-08 00:38 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-08 00:38 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-08 00:38 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-08 00:38 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-08 00:38 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-08 00:38 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-08 00:38 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-08 00:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-08 00:38 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-08 00:38 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-08 00:35 - 2013-07-08 00:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-08 00:33 - 2013-07-08 00:33 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-08 00:32 - 2013-07-08 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-08 00:30 - 2013-07-17 18:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-08 00:30 - 2013-07-08 00:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Microsoft Help
2013-07-08 00:29 - 2013-07-08 00:29 - 00000000 ___RD C:\MSOCache
2013-07-07 23:05 - 2013-08-02 22:37 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Spotify
2013-07-07 23:05 - 2013-08-02 13:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Spotify
2013-07-07 23:05 - 2013-07-07 23:05 - 00001799 _____ C:\Users\lulu\Desktop\Spotify.lnk
2013-07-07 23:05 - 2013-07-07 23:05 - 00001785 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-07-07 22:12 - 2013-07-19 11:21 - 00000000 ____D C:\Users\lulu\AppData\Local\CrashDumps
2013-07-07 22:11 - 2013-07-07 22:11 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Macromedia
2013-07-07 21:51 - 2013-08-02 20:21 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\ATI
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Sony Corporation
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\ATI
2013-07-07 21:44 - 2013-08-02 21:22 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Atheros
2013-07-07 21:44 - 2013-08-02 13:41 - 00000000 ____D C:\Users\lulu\Documents\Bluetooth Folder
2013-07-07 21:44 - 2013-07-07 23:53 - 00000000 ____D C:\ProgramData\Atheros
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Local\BMExplorer
2013-07-07 21:43 - 2013-07-08 15:10 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-07 21:43 - 2013-07-08 15:10 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-07 21:42 - 2013-07-08 15:54 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Adobe
2013-07-07 21:42 - 2013-07-07 21:42 - 00001438 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-07 21:41 - 2013-07-07 22:58 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Sony Corporation
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\pss
2013-07-07 21:40 - 2013-07-08 15:10 - 00000000 ____D C:\Users\lulu\AppData\Local\Packages
2013-07-07 21:40 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\VirtualStore
2013-07-07 21:39 - 2013-07-07 21:43 - 00000000 ____D C:\Users\lulu
2013-07-07 21:39 - 2013-07-07 21:39 - 00000020 ___SH C:\Users\lulu\ntuser.ini
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Vorlagen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Startmenü
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Netzwerkumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Lokale Einstellungen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Eigene Dateien
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Druckumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Musik
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Bilder
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Verlauf
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Anwendungsdaten
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Anwendungsdaten
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-07-07 21:39 - 2012-07-26 10:13 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Programme
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Dokumente und Einstellungen
==================== One Month Modified Files and Folders =======
2013-08-02 23:21 - 2013-08-02 23:21 - 01781485 _____ (Farbar) C:\Users\lulu\Downloads\FRST64(1).exe
2013-08-02 23:04 - 2013-01-22 00:41 - 01688152 _____ C:\Windows\WindowsUpdate.log
2013-08-02 23:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-02 22:59 - 2013-07-08 15:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-02 22:56 - 2013-08-02 22:50 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-02 22:55 - 2013-08-02 22:55 - 00011420 _____ C:\Users\lulu\Desktop\HitmanPro_20130802_2255.log
2013-08-02 22:50 - 2013-08-02 22:49 - 09833328 _____ (SurfRight B.V.) C:\Users\lulu\Desktop\HitmanPro_x64.exe
2013-08-02 22:48 - 2013-08-02 22:48 - 00000860 _____ C:\Users\lulu\Desktop\JRT.txt
2013-08-02 22:42 - 2013-08-02 22:42 - 00000000 ____D C:\Windows\ERUNT
2013-08-02 22:41 - 2013-08-02 22:41 - 00560799 _____ (Oleg N. Scherbakov) C:\Users\lulu\Desktop\JRT.exe
2013-08-02 22:40 - 2013-01-22 00:15 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-08-02 22:40 - 2013-01-22 00:15 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-08-02 22:40 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-02 22:37 - 2013-07-07 23:05 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Spotify
2013-08-02 22:35 - 2012-08-03 04:22 - 00034564 _____ C:\Windows\PFRO.log
2013-08-02 22:35 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-02 22:34 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-02 22:33 - 2013-08-02 22:33 - 00003998 _____ C:\AdwCleaner[S1].txt
2013-08-02 22:31 - 2013-08-02 22:31 - 00666633 _____ C:\Users\lulu\Desktop\adwcleaner.exe
2013-08-02 22:17 - 2013-01-22 00:45 - 00000000 ____D C:\ProgramData\McAfee
2013-08-02 22:03 - 2013-08-02 22:03 - 00028691 _____ C:\ComboFix.txt
2013-08-02 22:03 - 2013-08-02 21:35 - 00000000 ____D C:\ComboFix
2013-08-02 22:03 - 2013-08-02 21:29 - 00000000 ____D C:\Qoobox
2013-08-02 22:03 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-08-02 21:57 - 2013-08-02 21:29 - 00000000 ____D C:\Windows\erdnt
2013-08-02 21:47 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini
2013-08-02 21:35 - 2013-08-02 21:35 - 00001453 _____ C:\Users\lulu\Desktop\ComboFix - Verknüpfung.lnk
2013-08-02 21:35 - 2013-08-02 21:35 - 00001149 _____ C:\Users\lulu\Desktop\avira3737_free_antivirus_de - Verknüpfung.lnk
2013-08-02 21:31 - 2013-08-02 21:31 - 05097855 _____ (Swearware) C:\Users\lulu\Desktop\ComboFix.exe
2013-08-02 21:29 - 2013-08-02 21:28 - 05097855 ____R (Swearware) C:\Users\lulu\Downloads\ComboFix.exe
2013-08-02 21:22 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Atheros
2013-08-02 21:21 - 2013-01-22 00:45 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-08-02 21:15 - 2013-01-22 01:28 - 00000000 ____D C:\Program Files (x86)\WildGames
2013-08-02 21:12 - 2013-01-22 01:28 - 00000000 ____D C:\ProgramData\WildTangent
2013-08-02 21:09 - 2013-08-02 21:08 - 24250211 _____ (Mozilla) C:\Users\lulu\Downloads\firefox-24.0a1.en-US.win64-x86_64.installer.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-02 21:07 - 2013-08-02 21:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-02 21:07 - 2013-08-02 21:07 - 00000000 ____D C:\Program Files\Java
2013-08-02 21:07 - 2013-01-22 00:42 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-08-02 21:07 - 2013-01-22 00:42 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-08-02 21:06 - 2013-08-02 21:06 - 33150376 _____ (Oracle Corporation) C:\Users\lulu\Downloads\jre-7u25-windows-x64.exe
2013-08-02 20:55 - 2013-07-08 15:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Adobe
2013-08-02 20:54 - 2013-08-02 20:54 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-08-02 20:54 - 2013-08-02 20:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-02 20:54 - 2013-01-22 01:08 - 00000000 ____D C:\ProgramData\Adobe
2013-08-02 20:21 - 2013-07-07 21:51 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1135051811-991919262-1634789686-1001
2013-08-02 19:44 - 2013-08-02 19:44 - 00117087 _____ C:\Users\lulu\Downloads\FRST.txt
2013-08-02 19:44 - 2013-08-02 19:43 - 00029057 _____ C:\Users\lulu\Downloads\Addition.txt
2013-08-02 19:41 - 2013-08-02 19:41 - 00000000 ____D C:\FRST
2013-08-02 19:40 - 2013-08-02 19:40 - 01781485 _____ (Farbar) C:\Users\lulu\Desktop\FRST64.exe
2013-08-02 19:06 - 2013-08-02 19:06 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-02 19:06 - 2013-08-02 19:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-02 19:05 - 2013-08-02 19:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\lulu\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-02 15:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA
2013-08-02 15:06 - 2013-08-02 15:06 - 00000554 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-02 13:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-02 13:45 - 2013-07-07 23:05 - 00000000 ____D C:\Users\lulu\AppData\Local\Spotify
2013-08-02 13:41 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\Documents\Bluetooth Folder
2013-08-02 13:36 - 2013-08-02 13:36 - 00001048 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2013-08-02 13:36 - 2013-08-02 13:36 - 00000000 ____D C:\Program Files (x86)\AMR to MP3 Converter
2013-08-02 13:35 - 2013-08-02 13:35 - 02501012 _____ (amrtomp3converter.com ) C:\Users\lulu\Downloads\amrtomp3converter_setup [1].exe
2013-08-02 13:35 - 2013-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-02 13:34 - 2013-08-02 13:34 - 00673560 _____ C:\Users\lulu\Downloads\amrtomp3converter_setup.exe
2013-08-02 13:26 - 2013-08-02 13:26 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-08-02 12:52 - 2013-08-02 12:52 - 02375693 ____R C:\Users\lulu\Desktop\berlin1.wma
2013-08-02 12:48 - 2013-08-02 12:48 - 02613663 ____R C:\Users\lulu\Desktop\dreamsofarandom2.wma
2013-08-02 12:43 - 2013-08-02 12:43 - 39954644 ____R C:\Users\lulu\Desktop\JOE - Unforgetable.wav
2013-08-02 12:39 - 2013-08-02 12:38 - 51333556 ____R C:\Users\lulu\Desktop\Joe_Paradise.wav
2013-08-01 12:02 - 2013-08-01 12:02 - 00003194 _____ C:\Windows\System32\Tasks\{28466327-7D4F-4E0B-B5A3-5970B83C67FC}
2013-08-01 11:59 - 2013-01-22 01:13 - 00000000 ____D C:\Program Files\McAfeeEx
2013-08-01 11:04 - 2013-08-01 11:04 - 02092792 _____ C:\Users\lulu\Downloads\avira_free_antivirus.exe
2013-07-31 16:27 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-23 11:28 - 2013-07-23 11:28 - 00018091 _____ C:\Users\lulu\Desktop\BA_Class and Sexuality in British Fiction_Petersmann_Laura.odt
2013-07-21 23:42 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte US
2013-07-21 12:00 - 2013-07-21 11:50 - 104943936 _____ C:\Users\lulu\Downloads\avira3737_free_antivirus_de.exe
2013-07-20 13:57 - 2013-07-20 13:57 - 00001457 _____ C:\Users\lulu\AppData\Local\RecConfig.xml
2013-07-20 13:24 - 2013-07-20 13:24 - 00001016 _____ C:\Users\lulu\Desktop\No23 Recorder.lnk
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2013-07-20 13:24 - 2013-07-20 13:24 - 00000000 ____D C:\Users\lulu\AppData\Local\No23 Recorder
2013-07-20 13:23 - 2013-07-20 13:23 - 02497825 _____ (No23) C:\Users\lulu\Downloads\No23Recorder2103.exe
2013-07-20 12:33 - 2013-07-08 20:32 - 00000000 ____D C:\Users\lulu\Documents\FIN
2013-07-20 11:53 - 2013-01-22 00:45 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-19 11:23 - 2013-07-19 11:19 - 00321770 _____ C:\1020.log
2013-07-19 11:22 - 2013-07-19 11:22 - 03209144 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win64-de.exe
2013-07-19 11:22 - 2013-07-19 11:22 - 00000000 ____D C:\Program Files\HP
2013-07-19 11:21 - 2013-07-07 22:12 - 00000000 ____D C:\Users\lulu\AppData\Local\CrashDumps
2013-07-19 11:19 - 2013-07-19 11:19 - 02717344 _____ C:\Users\lulu\Downloads\lj1018_1020_1022-HB-pnp-win32-de.exe
2013-07-19 11:19 - 2013-07-19 11:19 - 00000000 ____D C:\Program Files (x86)\HP
2013-07-18 10:24 - 2013-07-18 10:24 - 00447840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 23:00 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-17 18:23 - 2013-07-08 00:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-17 18:17 - 2013-07-17 18:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-17 18:13 - 2012-07-26 07:26 - 00000199 _____ C:\Windows\win.ini
2013-07-17 17:54 - 2013-07-17 17:54 - 00001967 _____ C:\Users\lulu\Desktop\word.lnk
2013-07-16 09:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-07-15 23:01 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-07-15 23:01 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-15 09:28 - 2013-07-08 15:31 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-14 20:55 - 2013-07-08 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-14 20:53 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 20:50 - 2013-07-08 09:49 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 22:10 - 2013-07-11 21:49 - 00011264 ___SH C:\Users\lulu\Downloads\Thumbs.db
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\Documents\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\Users\lulu\AppData\Roaming\CyberLink
2013-07-11 10:23 - 2013-07-11 10:23 - 00000000 ____D C:\ProgramData\CyberLink
2013-07-08 20:32 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\alles
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\UNI
2013-07-08 20:31 - 2013-07-08 20:31 - 00000000 ____D C:\Users\lulu\Documents\Bewerbungen
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Documents\FOTO
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\Lit zu OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte RAT
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA Stichpunkte OCB
2013-07-08 20:30 - 2013-07-08 20:30 - 00000000 ____D C:\Users\lulu\Desktop\BA ALL
2013-07-08 20:27 - 2013-07-08 20:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-07-08 20:27 - 2012-07-26 09:21 - 00020708 _____ C:\Windows\setupact.log
2013-07-08 15:54 - 2013-07-07 21:42 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Adobe
2013-07-08 15:32 - 2013-07-08 15:32 - 00000000 ____D C:\Users\lulu\AppData\Local\Macromedia
2013-07-08 15:15 - 2013-07-08 09:39 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-08 15:10 - 2013-07-08 15:10 - 00003548 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-08 15:10 - 2013-07-08 14:49 - 00000000 ___RD C:\Windows\BrowserChoice
2013-07-08 15:10 - 2013-07-07 21:43 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-08 15:10 - 2013-07-07 21:43 - 00000000 ___RD C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-08 15:10 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\Packages
2013-07-08 15:10 - 2012-08-03 04:25 - 00000000 ____D C:\ProgramData\PRICache
2013-07-08 14:50 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-08 14:43 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-08 14:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-08 14:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-07-08 14:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-08 14:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-08 13:43 - 2013-07-08 13:43 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-08 13:42 - 2013-07-08 13:42 - 07872648 _____ (Adobe Systems Inc.) C:\Users\lulu\Downloads\Shockwave_Installer_Slim.exe
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\Users\lulu\AppData\Local\Mozilla
2013-07-08 09:39 - 2013-07-08 09:39 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-08 02:05 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-07-08 00:36 - 2012-07-26 09:52 - 00000000 ____D C:\Windows\ShellNew
2013-07-08 00:35 - 2013-07-08 00:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-07-08 00:35 - 2012-10-20 02:28 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-07-08 00:34 - 2013-07-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-08 00:34 - 2013-01-22 01:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-07-08 00:33 - 2013-07-08 00:33 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-07-08 00:32 - 2013-07-08 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files\Microsoft Office
2013-07-08 00:31 - 2013-07-08 00:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-07-08 00:30 - 2013-07-08 00:30 - 00000000 ____D C:\Users\lulu\AppData\Local\Microsoft Help
2013-07-08 00:29 - 2013-07-08 00:29 - 00000000 ___RD C:\MSOCache
2013-07-07 23:54 - 2013-01-22 00:48 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2013-07-07 23:53 - 2013-07-07 21:44 - 00000000 ____D C:\ProgramData\Atheros
2013-07-07 23:05 - 2013-07-07 23:05 - 00001799 _____ C:\Users\lulu\Desktop\Spotify.lnk
2013-07-07 23:05 - 2013-07-07 23:05 - 00001785 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-07-07 22:58 - 2013-07-07 21:41 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Sony Corporation
2013-07-07 22:11 - 2013-07-07 22:11 - 00000000 ____D C:\Users\lulu\AppData\Roaming\Macromedia
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Roaming\ATI
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\Sony Corporation
2013-07-07 21:45 - 2013-07-07 21:45 - 00000000 ____D C:\Users\lulu\AppData\Local\ATI
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-07 21:44 - 2013-07-07 21:44 - 00000000 ____D C:\Users\lulu\AppData\Local\BMExplorer
2013-07-07 21:43 - 2013-07-07 21:39 - 00000000 ____D C:\Users\lulu
2013-07-07 21:42 - 2013-07-07 21:42 - 00001438 _____ C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-07 21:42 - 2013-01-22 01:07 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-07-07 21:42 - 2013-01-22 00:17 - 00000000 ____D C:\Program Files\Sony
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\SysWOW64\VAIO Startup Setting Tool
2013-07-07 21:41 - 2013-07-07 21:41 - 00000000 ____D C:\Windows\pss
2013-07-07 21:40 - 2013-07-07 21:40 - 00000000 ____D C:\Users\lulu\AppData\Local\VirtualStore
2013-07-07 21:40 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-07-07 21:39 - 2013-07-07 21:39 - 00000020 ___SH C:\Users\lulu\ntuser.ini
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Vorlagen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Startmenü
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Netzwerkumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Lokale Einstellungen
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Eigene Dateien
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Druckumgebung
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Musik
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Documents\Eigene Bilder
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Verlauf
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\AppData\Local\Anwendungsdaten
2013-07-07 21:39 - 2013-07-07 21:39 - 00000000 _SHDL C:\Users\lulu\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Programme
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-07 21:15 - 2013-07-07 21:15 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-07 21:15 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-31 09:53
==================== End Of Log ============================
--- --- --- |
|
02.08.2013, 22:39
| #13 |
| /// Malware-holic | werbetrojaner windows 8; malewarebytes über 100 funde Hi, 1. wenn du Software instalierst, bitte: - Google immer das Programm, welches du instalieren möchtest, das Stichwort Adware zur suche, so kann man evtl. Instalationen gleich aussortieren die bekannt dafür sind, unerwünschte Software zu instalieren. - Lies die AGBS's bzw Lizenzverträge immer richtig, dort sollte auf Drittanbietersoftware hingewiesen werden. - Instaliere, wenn möglich, Programme immer nutzerdefiniert, um Toolbars etc abwählen zu können. 2. Funktioniert MCafee wieder? Prüfe das, in dem du das Programm mal öffnest. 3. bitte teste, ob es im Firefox, internet explorer, und sonstigen evtl. instalierte Browser, irgendwelche ungewollten toolbars, umleitungen oder sonstigen Probleme gibt. Teste wie pc und programme allgemein laufen. Wenn alles nach Wunsch läuft: 4. Die Reihenfolge ist hier entscheidend.
5. PC absichern, wir haben Moment, keine passene Anleitung für win8, lies einfach den Abschnitt für win7, da sollte das meiste passen. Der Rest der Anleitung zur absicherung, also Drittanbietersoftware, ist alles für Win8 nutzbar. als antimalware programm würde ich emsisoft empfehlen. diese haben für mich den besten schutz kostet aber etwas. Computeractive Software Store - Emsisoft Anti-Malware 8 [1-PC] - 63% off RRP testversion: Meine Antivirus-Empfehlung: Emsisoft Anti-Malware insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren. vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen. kostenlos, aber eben nicht ganz so gut währe avast zu empfehlen. http://www.trojaner-board.de/110895-...antivirus.html sag mir welches du nutzt, dann gebe ich konfigurationshinweise. bitte dein bisheriges av deinstalieren die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch! http://www.trojaner-board.de/96344-a...-rechners.html Starte bitte mit der Passage, Windows Vista und Windows 7 Bitte beginne damit, Windows Updates zu instalieren. Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst. Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist: - Updates automatisch Instalieren, - Täglich - Uhrzeit wählen - Bitte den gesammten rest anhaken, außer: - detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist. Klicke jetzt die Schaltfläche "OK" Klicke jetzt "nach Updates suchen". Bitte instaliere zunächst wichtige Updates. Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren. Mache das selbe bitte mit den optionalen Updates. Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist. aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen. als browser rate ich dir zu chrome: http://support.google.com/chrome/bin...&answer=118663 anleitung lesen bitte falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung anpassen. Sandboxie Die devinition einer Sandbox ist hier nachzulesen: Sandbox Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen. Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen. Download Link: Sandboxie - Download - Filepony anleitung: http://www.trojaner-board.de/71542-a...sandboxie.html ausführliche anleitung als pdf, auch abarbeiten: Sandbox Einstellungen | bitte folgende zusatz konfiguration machen: sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen. dort klicke auf sandbox einstellungen. beschrenkungen, bei programm start und internet zugriff schreibe: chrome.exe dann gehe auf anwendungen, webbrowser, chrome. dort aktiviere alles außer gesammten profil ordner freigeben. Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen. Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate. Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten. Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten. Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar. Weiter mit: Maßnahmen für ALLE Windows-Versionen alles komplett durcharbeiten anmerkung zu file hippo. in den settings zusätzlich auswählen: hide beta updates. Run updateChecker when Windows starts Backup Programm: in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an: http://www.trojaner-board.de/82962-w...en-backup.html Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar. Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist. Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern bitte auch lesen, wie mache ich programme für alle sichtbar: Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox. wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird Sandboxie immer gestartet wenn du nen browser aufrufst. wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser passwort sicherheit: jeder dienst benötigt ein eigenes, mindestens 12-stelliges passwort bei der passwort verwaltung und erstellung hilft roboform Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager anleitung: http://www.roboform.com/de/manual.htmlb
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
02.08.2013, 23:47
| #14 |
| | werbetrojaner windows 8; malewarebytes über 100 funde puuh, ziemlich lang - aber dafür umso größer mein Dankeschön für die ausführliche Anleitung! Ich habe jetzt fast alles durch, aber einige Sachen haben bei mir nicht funktioniert, wie: datenausführungsverhinderung und windows fix it. beim Antiviren-Programm habe ich mich jetzt erstmal für Avast entschieden. Wirklich vielen Dank für alles! |
|
03.08.2013, 00:37
| #15 |
| /// Malware-holic | werbetrojaner windows 8; malewarebytes über 100 funde Hi, ja alles funktioniert nicht bzw ist bereits in Win8 aktiv. ich möchte erst mal anhand einer checkliste prüfen ob du alles hast. - instalieren von optionalen und wichtigen updates. - konfigurieren von windows updates. - chrome instalieren. - sandboxie instalieren. - autorun deaktivieren. - panda vaccine instalieren. - secunia instalieren. - file hippo instalieren. beachte: secunia und file hippo bieten englische updates, überall wo du auf die nutzeroberfläche zugreifst, wie zb reader, browser, etc benötigst du deutsche updates, also hier die hersteller seiten in den favoriten deines browsers speichern und wenn ein update gezeigt wird, von dort hohlen, bei java, flash quicktime, ist es egal ob deutsch oder englisch. - backup software instalieren, backup und rettungsdvd erstellen. hier ne kurze anleitung: Anleitung: Systemabbild mit Paragon Drive Backup - NETZWELT - wenn du onlinebanking machst, kann ich noch kurz was über die vorteile von card reader und banking software sagen. - passwort manager instaliert.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu werbetrojaner windows 8; malewarebytes über 100 funde |
| betriebssystem, deinstalliert, geschützt, grün unterstrichen, meldungen, mögliche, optional, pup optional, pup.babylon.a, pup.delta.a, pup.optional.a.babsolution, pup.optional.addlyrics, pup.optional.babsolution.a, pup.optional.babylon.a, pup.optional.browserdefender.a, pup.optional.delta.a, pup.optional.lyricxeeker.a, pup.optional.lyrixeeker, pup.optional.startpage, security, trojan.inject, unterstrichen, werbetrojaner, woche, wörter grün |
WARNUNG an die MITLESER: 
Linear-Darstellung
