Lollipop, Search Protect etc. alles auf einmal!

RA510 · 24.01.2014, 01:57

Hallo Leute!
Ich hab seit ca. 5 Jahren mein Laptop mit Vista drauf und nie Probleme gehabt. Heute ist mir ein "neues" Programm aufgefallen - search Protect. Habs gegoogelt, ist nichts gutes. Dazu noch Lollipop, Surftastic, Sup-irgendwas und noch etwas, das ich nicht entziffern kann, gefunden. Wie lange es schon drauf ist, weiß ich nicht, nur dass mein Mann vor paar Tagen nach irgendeinem Programm auf der Suche war. Also ich vermute, der hat das Zeugs eingeschleust. Avast hat übrigens nichts angemeckert.
Meine Frage ist, kann ich mein Laptop gleich verschrotten oder ist der noch zu retten? Ich hab gehört um wirklich alles sauber zu kriegen, sollte man am besten neu formatieren? Geht es überhaupt, wenn ich keine Sicherungskopie (ich weiß nicht ob es wirklich so heißt) von Windows gemacht habe?
Und was passiert mit Daten die noch drauf sind (Bilder, verschiedene Dateien, Musik)? Ist es alles infiziert?
Oder kann man den Rechner noch bereinigen? Was soll ich machen?
Vielen Dank im Voraus
LG Ra

aharonov · 24.01.2014, 03:28

Hallo,

die Programme, die du nennst, tönen nur nach lästiger (aber harmloser) Adware. Schauen wir mal rein:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

RA510 · 24.01.2014, 15:15

Danke für die schnelle Antwort!

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2014
Ran by Raisa (administrator) on RAISA-PC on 24-01-2014 15:04:07
Running from C:\Users\Raisa\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal


==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 4\Integrator.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\LANUtil.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(OpenOffice.org) C:\Program Files\program\soffice.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(OpenOffice.org) C:\Program Files\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Google Inc.) C:\Users\Raisa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Raisa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Raisa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Raisa\AppData\Local\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6295552 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [122880 2008-02-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ISBMgr.exe] - C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2014-01-23] (AVAST Software)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [262144 2008-07-30] (Sony Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-06] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [98304 2009-01-08] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Run: [NextLive] - C:\Users\Raisa\AppData\Roaming\newnext.me\nengine.dll [1283584 2014-01-06] (NewNextDotMe)
MountPoints2: {94b71db8-2035-11e2-bf63-00214f4af5a0} - G:\Startme.exe
MountPoints2: {9fa666d7-fc01-11e0-9766-00214f4af5a0} - G:\Startme.exe
MountPoints2: {ee322bcb-29e9-11e2-bc94-001dba838256} - G:\Startme.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-07-30] (Sony Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default User\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-07-30] (Sony Corporation)
AppInit_DLLs: c:\progra~2\browse~1\261519~1.190\{c16c1~1\browse~1.dll => File Not Found
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-09] (Google)
Startup: C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sonystyle-europe.com
hxxp://www.club-vaio.com/vbc/ebay/index.html
hxxp://www.club-vaio.com/vbc
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS&q={searchTerms}
URLSearchHook: HKLM - (No Name) - {adca5064-9e30-43fe-9856-58b07a3149fe} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f1fdc7dd-1cea-4b4e-b5da-95a3a289e859&searchtype=ds&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: No Name - {53707962-6F74-2D53-2644-206D7942484F} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: No Name - {adca5064-9e30-43fe-9856-58b07a3149fe} -  No File
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - No Name - {adca5064-9e30-43fe-9856-58b07a3149fe} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU - No Name - {ADCA5064-9E30-43FE-9856-58B07A3149FE} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default
FF NewTab: hxxp://www.nationzoom.com/newtab/?type=nt&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS
FF DefaultSearchEngine: nationzoom
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: nationzoom
FF Homepage: hxxp://www.nationzoom.com/?type=hp&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Raisa\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Raisa\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\nationzoom.xml
FF Extension: Extension_Protected - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-20]
FF Extension: Surftastic - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\firefox@surftastic.net.xpi [2014-01-07]
FF Extension: Lightning Speed Dial - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-20]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-10-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-26]
FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi
FF Extension: Lightning Speed Dial - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi [2014-01-20]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Freemake np-plugin for google chrome) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (getPlusPlus for Adobe 16248) - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (Extended Protection) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-20]
CHR Extension: (Google-Suche) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (avast! Online Security) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-06]
CHR Extension: (Google Wallet) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2011-01-31]
CHR HKLM\...\Chrome\Extension: [ijaoebhddbobhgpdppaciidhnaffgomb] - C:\Program Files\Surftastic\ijaoebhddbobhgpdppaciidhnaffgomb.crx [2014-01-07]
CHR HKLM\...\Chrome\Extension: [kgficikadnmmefckdecajlmffkbagomp] - C:\Users\Raisa\AppData\Local\CRE\kgficikadnmmefckdecajlmffkbagomp.crx [2012-05-28]
CHR HKLM\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-20]
CHR HKCU\...\Chrome\Extension: [kgficikadnmmefckdecajlmffkbagomp] - C:\Users\Raisa\AppData\Local\CRE\kgficikadnmmefckdecajlmffkbagomp.crx [2012-05-28]
CHR StartMenuInternet: Google Chrome - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.nationzoom.com/?type=sc&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-01-23] (AVAST Software)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-01-14] (Cherished Technololgy LIMITED)
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [299008 2008-07-30] (Sony Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-01-20] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-01-23] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-23] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-01-08] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [143328 2008-06-28] (Realtek Semiconductor Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 4\ProcObsrv.sys [x]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-24 15:04 - 2014-01-24 15:04 - 00026569 _____ C:\Users\Raisa\Desktop\FRST.txt
2014-01-24 15:04 - 2014-01-24 15:04 - 00000000 ____D C:\FRST
2014-01-24 15:02 - 2014-01-24 15:02 - 01222144 _____ (Farbar) C:\Users\Raisa\Desktop\FRST.exe
2014-01-23 15:34 - 2014-01-23 15:35 - 01236282 _____ C:\Users\Raisa\Downloads\adwcleaner_3.017.exe
2014-01-23 14:49 - 2014-01-23 14:49 - 00000000 ____D C:\Windows\system32\SearchProtect
2014-01-21 19:22 - 2014-01-21 19:22 - 00002048 _____ C:\Users\Raisa\Desktop\Google Chrome.lnk
2014-01-21 18:14 - 2014-01-21 18:20 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Systweak
2014-01-21 18:14 - 2014-01-21 18:18 - 00000000 ____D C:\Program Files\Advanced System Protector
2014-01-21 18:14 - 2014-01-21 18:17 - 00000000 ____D C:\Program Files\MyPC Backup
2014-01-20 22:02 - 2014-01-24 14:57 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\newnext.me
2014-01-20 22:02 - 2014-01-21 18:18 - 00000000 ____D C:\Users\Raisa\AppData\Local\Mobogenie
2014-01-20 22:02 - 2014-01-21 18:18 - 00000000 ____D C:\Program Files\Mobogenie
2014-01-20 22:02 - 2014-01-21 18:15 - 00000000 ____D C:\Users\Raisa\AppData\Local\genienext
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\Documents\Mobogenie
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\Tempmyfile
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\RegistryDR
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\cache
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\.android
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 _____ C:\Users\Raisa\daemonprocess.txt
2014-01-20 22:01 - 2014-01-24 00:30 - 00000000 ____D C:\Users\Raisa\AppData\Local\Lollipop
2014-01-20 22:01 - 2014-01-20 22:08 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\ProgramData\WPM
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\Program Files\SupTab
2014-01-20 22:00 - 2014-01-23 22:57 - 00000000 ____D C:\Users\Raisa\AppData\Local\SwvUpdater
2014-01-20 22:00 - 2014-01-23 20:34 - 00000356 _____ C:\Windows\Tasks\AmiUpdXp.job
2014-01-20 22:00 - 2014-01-20 22:00 - 00000000 ____D C:\Program Files\Surftastic
2014-01-20 15:41 - 2014-01-20 16:34 - 00013905 _____ C:\Users\Raisa\Desktop\Finanzamt.odt
2014-01-03 15:04 - 2014-01-03 15:04 - 00000000 ____D C:\Users\Raisa\Fotos

==================== One Month Modified Files and Folders =======

2014-01-24 15:04 - 2014-01-24 15:04 - 00026569 _____ C:\Users\Raisa\Desktop\FRST.txt
2014-01-24 15:04 - 2014-01-24 15:04 - 00000000 ____D C:\FRST
2014-01-24 15:02 - 2014-01-24 15:02 - 01222144 _____ (Farbar) C:\Users\Raisa\Desktop\FRST.exe
2014-01-24 15:00 - 2009-01-05 19:59 - 01441122 _____ C:\Windows\WindowsUpdate.log
2014-01-24 14:57 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\newnext.me
2014-01-24 14:56 - 2013-11-20 20:40 - 00000320 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2014-01-24 14:56 - 2013-11-20 20:40 - 00000000 ____D C:\Program Files\Glary Utilities 4
2014-01-24 14:56 - 2012-12-15 19:50 - 00000620 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-01-24 14:56 - 2010-09-23 11:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-24 14:56 - 2009-01-25 17:11 - 00000514 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-24 14:56 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-24 14:56 - 2006-11-02 13:47 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-24 14:56 - 2006-11-02 13:47 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-24 14:55 - 2013-10-31 16:53 - 00086528 _____ C:\Windows\PFRO.log
2014-01-24 00:35 - 2013-03-17 21:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-24 00:35 - 2008-08-11 10:29 - 00000012 _____ C:\Windows\bthservsdp.dat
2014-01-24 00:35 - 2006-11-02 14:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-24 00:33 - 2010-09-23 11:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-24 00:30 - 2014-01-20 22:01 - 00000000 ____D C:\Users\Raisa\AppData\Local\Lollipop
2014-01-23 22:57 - 2014-01-20 22:00 - 00000000 ____D C:\Users\Raisa\AppData\Local\SwvUpdater
2014-01-23 22:07 - 2011-06-11 17:53 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000UA.job
2014-01-23 22:07 - 2011-06-11 17:53 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000Core.job
2014-01-23 20:34 - 2014-01-20 22:00 - 00000356 _____ C:\Windows\Tasks\AmiUpdXp.job
2014-01-23 15:35 - 2014-01-23 15:34 - 01236282 _____ C:\Users\Raisa\Downloads\adwcleaner_3.017.exe
2014-01-23 15:20 - 2013-03-03 13:39 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-23 15:20 - 2011-04-26 10:30 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-23 15:20 - 2010-08-18 10:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-23 15:20 - 2010-05-04 00:15 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-23 15:20 - 2010-05-04 00:15 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00001884 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-23 15:11 - 2009-01-05 20:03 - 00000000 ____D C:\Users\Raisa
2014-01-23 14:49 - 2014-01-23 14:49 - 00000000 ____D C:\Windows\system32\SearchProtect
2014-01-21 19:22 - 2014-01-21 19:22 - 00002048 _____ C:\Users\Raisa\Desktop\Google Chrome.lnk
2014-01-21 18:20 - 2014-01-21 18:14 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Systweak
2014-01-21 18:18 - 2014-01-21 18:14 - 00000000 ____D C:\Program Files\Advanced System Protector
2014-01-21 18:18 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\Mobogenie
2014-01-21 18:18 - 2014-01-20 22:02 - 00000000 ____D C:\Program Files\Mobogenie
2014-01-21 18:17 - 2014-01-21 18:14 - 00000000 ____D C:\Program Files\MyPC Backup
2014-01-21 18:15 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\genienext
2014-01-20 22:43 - 2009-01-11 23:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-20 22:08 - 2014-01-20 22:01 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2014-01-20 22:05 - 2008-01-21 08:16 - 01445310 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\Documents\Mobogenie
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\Tempmyfile
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\RegistryDR
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\cache
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\.android
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 _____ C:\Users\Raisa\daemonprocess.txt
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\ProgramData\WPM
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\Program Files\SupTab
2014-01-20 22:01 - 2009-01-05 20:03 - 00001151 _____ C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-20 22:01 - 2008-08-11 11:50 - 00001811 _____ C:\Users\Raisa\Desktop\Registrieren Sie Ihren VAIO.lnk
2014-01-20 22:00 - 2014-01-20 22:00 - 00000000 ____D C:\Program Files\Surftastic
2014-01-20 16:34 - 2014-01-20 15:41 - 00013905 _____ C:\Users\Raisa\Desktop\Finanzamt.odt
2014-01-17 15:36 - 2012-07-31 14:48 - 00000000 ____D C:\Users\Raisa\Desktop\Filme
2014-01-17 15:32 - 2013-08-11 15:56 - 00000000 ____D C:\Users\Raisa\Downloads\Kontoauszug
2014-01-16 14:39 - 2011-11-27 14:39 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job
2014-01-15 22:56 - 2013-05-01 20:24 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\vlc
2014-01-12 18:02 - 2009-01-05 20:22 - 00045056 _____ C:\Users\Raisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-12 15:51 - 2011-04-19 18:20 - 00000000 ____D C:\Program Files\JDownloader
2014-01-03 15:12 - 2012-01-04 21:10 - 00000766 _____ C:\Users\Raisa\Desktop\WiiBackupManager_Win32.exe - Verknüpfung.lnk
2014-01-03 15:04 - 2014-01-03 15:04 - 00000000 ____D C:\Users\Raisa\Fotos

Some content of TEMP:
====================
C:\Users\Raisa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Raisa\AppData\Local\Temp\DownloadManager.exe
C:\Users\Raisa\AppData\Local\Temp\nsoCA28.exe
C:\Users\Raisa\AppData\Local\Temp\nst5A24.exe
C:\Users\Raisa\AppData\Local\Temp\nsxD7DD.exe
C:\Users\Raisa\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Raisa\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Raisa\AppData\Local\Temp\_is2BFF.exe
C:\Users\Raisa\AppData\Local\Temp\_is2FF5.exe
C:\Users\Raisa\AppData\Local\Temp\_is5939.exe
C:\Users\Raisa\AppData\Local\Temp\_is6F36.exe
C:\Users\Raisa\AppData\Local\Temp\_is893E.exe
C:\Users\Raisa\AppData\Local\Temp\_isA533.exe
C:\Users\Raisa\AppData\Local\Temp\_isA8BD.exe
C:\Users\Raisa\AppData\Local\Temp\_isB6E0.exe
C:\Users\Raisa\AppData\Local\Temp\_isD367.exe
C:\Users\Raisa\AppData\Local\Temp\{4CC9D323-6320-45DD-8205-0AA14512E840}-GoogleUpdateSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2011-06-23 17:00] - [2009-03-03 05:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-24 15:03

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2014
Ran by Raisa at 2014-01-24 15:04:48
Running from C:\Users\Raisa\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (Version:  - )
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512 - ABBYY Software House)
ABDA Datenbank (Version:  - )
abgx360 v1.0.6 (Version:  - )
Adobe Acrobat  8 Standard - English, Français, Deutsch (Version: 8.1.6 - Adobe Systems) Hidden
Adobe Acrobat 8.1.6 - CPSID_49167 (Version:  - Adobe Systems Incorporated)
Adobe Acrobat 8.1.6 Standard (Version: 8.1.6 - Adobe Systems)
Adobe Common File Installer (Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6.0 (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (Version: 6.0 - Adobe Systems, Inc.) Hidden
Adobe Premiere Elements 4.0 (Version: 4.0 - Ihr Firmenname)
Adobe Premiere Elements 4.0 (Version: 4.0 - Ihr Firmenname) Hidden
Adobe Premiere Elements 4.0 Templates (Version: 4.0.0 - Ihr Firmenname)
Adobe Premiere Elements 4.0 Templates (Version: 4.0.0 - Ihr Firmenname) Hidden
Alps Pointing-device for VAIO (Version:  - )
ArcSoft WebCam Companion 2 (Version:  - ArcSoft)
avast! Free Antivirus (Version: 9.0.2013 - Avast Software)
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter (Version: 2.5 - Sony Corporation)
BrowserDefender (Version:  - ) <==== ATTENTION
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI)
Catalyst Control Center Core Implementation (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2008.0717.2343.40629 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0717.2343.40629 - ATI) Hidden
CCC Help Chinese Standard (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Czech (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Danish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Dutch (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help English (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Finnish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help French (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help German (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Greek (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Hungarian (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Italian (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Japanese (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Korean (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Polish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Portuguese (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Russian (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Spanish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Swedish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Thai (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Turkish (Version: 2008.0717.2342.40629 - ATI) Hidden
ccc-core-static (Version: 2008.0717.2343.40629 - Ihr Firmenname) Hidden
ccc-utility (Version: 2008.0717.2343.40629 - ATI) Hidden
CDBurnerXP (Version: 4.5.2.4214 - CDBurnerXP)
Click to Disc (Version: 1.2.00.06190 - Sony Corporation) Hidden
Click to Disc Editor (Version: 1.2.00 - Sony Corporation)
Click to Disc Editor (Version: 1.2.00 - Sony Corporation) Hidden
CloneCD (Version:  - SlySoft)
Dolby Control Center (Version: 1.2.0702 - Dolby)
ElsterFormular-Upgrade (Version: 14.1.11318 - Landesfinanzdirektion Thüringen)
Epson Easy Photo Print 2 (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Printer Software Downloader (Version:  - )
Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden
EPSON Scan (Version:  - )
Epson Stylus SX510W_TX550W Handbuch (Version:  - )
EPSON SX510W Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (Version: 3.1c - SEIKO EPSON CORPORATION)
FormatFactory 1.80 (Version: 1.80 - Free Time)
Freemake Video Downloader (Version: 3.5.3 - Ellora Assets Corporation)
freemakeTB Toolbar (Version: 6.8.9.0 - freemakeTB)
Glary Utilities 4.0 (Version: 4.0.0.53 - Glarysoft Ltd)
Google Chrome (HKCU Version: 32.0.1700.76 - Google Inc.)
Google Desktop (Version: 5.9.1005.12335 - Google)
Google Drive (Version: 1.13.5782.599 - Google, Inc.)
Google Earth (Version: 4.2.198.2451 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
HDAUDIO SoftV92 Data Fax Modem with SmartCP (Version:  - )
IePluginService12.27.0.3326 (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Java 7 Update 25 (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (Version: 0.9 - AppWork GmbH)
Jewel Master (Version:  - cerasus.media GmbH)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (Version: 1.2.00.17290 - Sony Corporation)
OpenMG Secure Module 5.1.00 (Version: 5.1.00.05200 - Sony Corporation)
OpenMG Secure Module 5.1.00 (Version: 5.1.00.05200 - Sony Corporation) Hidden
OpenOffice.org 3.4.1 (Version: 3.41.9593 - Apache Software Foundation)
Primo (Version: 1.00.0000 - Your Company Name) Hidden
SAMSUNG Mobile Composite Device Software (Version:  - )
SAMSUNG Mobile Modem Driver Set (Version:  - )
Samsung Mobile phone USB driver Software (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (Version:  - )
SAMSUNG Mobile USB Modem Software (Version:  - )
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Setting Utility Series (Version: 4.1.00.07300 - Sony Corporation)
Skins (Version: 2008.0717.2343.40629 - ATI) Hidden
Skype™ 5.9 (Version: 5.9.123 - Skype Technologies S.A.)
Software Version Updater (Version: 1.1.3.8 - ) <==== ATTENTION
SonicStage Mastering Studio (Version: 2.6 - Sony Corporation)
SonicStage Mastering Studio (Version: 2.6 - Sony Corporation) Hidden
SonicStage Mastering Studio Audio Filter (Version: 2.5 - Sony Corporation)
SonicStage Mastering Studio Plugins (Version: 2.5 - Sony Corporation)
Sony Ericsson Update Engine (Version: 2.12.13.28 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.181 (Version: 2.10.181 - Sony)
Sony Picture Utility (Version: 3.2.02.06170 - Sony Corporation)
Sony Video Shared Library (Version: 3.4.00 - Sony Corporation)
Spybot - Search & Destroy (Version: 2.0.12 - Safer-Networking Ltd.)
SupTab (Version: 1.1.1.0 - )
Surftastic (Version: 2014.01.07.224109 - Surftastic)
Unterstützung für VAIO-Präsentation (Version: 1.0.00.04240 - Sony Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
VAIO Content Folder Setting (Version: 2.0.00.17290 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (Version: 3.2.00.06062 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (Version: 3.2.00.06112 - Sony Corporation)
VAIO Content Metadata XML Interface Library (Version: 3.2.00.06112 - Sony Corporation) Hidden
VAIO Control Center (Version: 3.1.00.07110 - Sony Corporation)
VAIO Data Restore Tool (Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (Version: 1.0.00.08130 - Sony Corporation)
VAIO Edit Components 6.4 (Version: 6.4 - Sony Corporation)
VAIO Energie Verwaltung (Version: 3.1.00.08060 - Sony Corporation)
VAIO Entertainment Platform (Version: 3.2.00.06200 - Sony Corporation)
VAIO Entertainment Platform (Version: 3.2.00.06200 - Sony Corporation) Hidden
VAIO Event Service (Version: 4.1.00.07150 - Sony Corporation)
VAIO Guide (Version: 2.4.00.06190 - Sony Corporation)
VAIO Launcher (Version: 2.1.00.06130 - Sony Corporation)
VAIO Marketing Tools (Version:  - Sony Corporation)
VAIO Media plus (Version: 1.1.00.05240 - Sony Corporation)
VAIO Media plus (Version: 1.1.00.05240 - Sony Corporation) Hidden
VAIO Movie Story (Version: 1.3.00.06240 - Sony Corporation) Hidden
VAIO Movie Story Template Data (Version: 1.3.00.06120 - Sony Corporation)
VAIO MusicBox (Version: 2.1.00.06110 - Sony Corporation)
VAIO MusicBox Sample Music (Version: 1.1.00.14140 - Sony Corporation)
VAIO Original Function Setting (Version: 1.4.00.04230 - Sony Corporation)
VAIO Smart Network (Version: 2.1.00.07300 - Sony Corporation)
VAIO Update 4 (Version: 4.0.0.06110 - Sony Corporation)
VAIO Wallpaper Contents (Version: 1.2.00.05200 - Sony Corporation)
VLC media player 2.0.6 (Version: 2.0.6 - VideoLAN)
WIDCOMM Bluetooth Software 6.2.0.4100 (Version: 6.2.0.4100 - Broadcom Corporation)
WinDVD BD for VAIO (Version: 8.0-B9.516 - InterVideo Inc.)
WinDVD BD for VAIO (Version: 8.0-B9.516 - InterVideo Inc.) Hidden
WinPcap 4.1.2 (Version: 4.1.0.2001 - CACE Technologies)
WPM17.8.0.3325 (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points  =========================

08-01-2014 14:41:39 Geplanter Prüfpunkt
09-01-2014 04:12:52 Windows Update
12-01-2014 15:04:55 Windows Update
15-01-2014 17:46:46 Windows Update
20-01-2014 14:21:37 Windows Update
20-01-2014 21:07:09 Removed Registry Dr
23-01-2014 14:06:25 Windows Update
23-01-2014 14:18:49 avast! antivirus system restore point

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {133E3D57-492A-451A-BB47-B7C81ACF4433} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3CE59F72-7C70-4087-A033-FC08307D9791} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {408E3C6E-D504-4A7B-B42E-35AFAABCAD26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000Core => C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-06] (Google Inc.)
Task: {44066263-2715-4EB4-935D-A5BB472845F8} - System32\Tasks\GlaryInitialize 4 => C:\Program Files\Glary Utilities 4\Initialize.exe [2013-11-19] (Glarysoft Ltd)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4549E1CF-032D-486E-A02A-5D3B64453D54} - System32\Tasks\RegistryDr_Popup => C:\Program Files\Registry Dr\Splash.exe
Task: {50DF8DC4-85ED-4507-AF2A-904E4FC312D0} - System32\Tasks\RegistryDr_Start => C:\Program Files\Registry Dr\RegistryDr.exe
Task: {53099AEE-C553-4EBA-9D84-0B9A71EFA6ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {57F4C77E-20F0-4D9B-8FAB-75C136CE1CA7} - System32\Tasks\Start Registry Reviver => C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe
Task: {62F88653-B016-4925-B2B6-47CFC0BC4AE7} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {64E68FFC-2B47-4B7D-A971-A5759AB0FFC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-23] (Google Inc.)
Task: {737541E3-3053-422F-AC24-111184A5099F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000UA => C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-06] (Google Inc.)
Task: {73A15203-CCF8-451A-AF70-4B898F725A1B} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-06-11] (Sony Corporation)
Task: {8CF60F31-10F8-40A9-98A8-B84880EA13F9} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {A4966B0C-A9C7-4C1E-8CE8-B01FC2ADD830} - System32\Tasks\Microsoft\Windows\RestartManager\{7F272960-7DBF-45db-AB27-C3AFEFA04FB0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {AF906CBC-40E6-4BEF-A3EE-54F4494BD5A7} - System32\Tasks\OpenCandyHelperRunAsStandardUserAC4FF5D9DC0E4C93ACDCFFFFA793FF30 => Firefox.exe 
Task: {BCF36CD7-C308-4AA9-8CC1-CB8DE6C1B86D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-23] (Google Inc.)
Task: {C9693628-2205-4AC2-879F-F476C42DC4FA} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-01-23] (AVAST Software)
Task: {DA6C5E94-7271-4F5D-B42F-56CBED5E1037} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {ED5F6990-BE47-4A53-90FF-9AFB9B354D7C} - \GlaryInitialize 3 No Task File
Task: {EF1169A8-923A-425E-8517-8C1DB734F869} - System32\Tasks\Microsoft\Windows\RestartManager\{93F69634-A912-478a-ADC5-E64885761870} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Raisa\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000Core.job => C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000UA.job => C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2008-08-11 19:55 - 2008-07-30 01:12 - 00159744 ____N () C:\Windows\system32\atitmmxx.dll
2013-11-19 04:56 - 2013-11-19 04:56 - 00080160 _____ () C:\Program Files\Glary Utilities 4\zlib1.dll
2011-11-27 14:36 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2011-11-27 14:36 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2012-12-15 19:49 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-12-15 19:49 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2012-12-15 19:49 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2012-12-15 19:49 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-12-15 19:49 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2013-10-31 16:00 - 2013-10-31 16:00 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2008-07-01 07:43 - 2008-07-01 07:43 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files\program\libxml2.dll
2014-01-17 15:28 - 2014-01-11 11:29 - 04055320 _____ () C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-17 15:28 - 2014-01-11 11:29 - 00399640 _____ () C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-17 15:28 - 2014-01-11 11:28 - 01634584 _____ () C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2008-08-22 11:08 - 2008-08-22 11:08 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2007-12-06 14:59 - 2007-12-06 14:59 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:3E4081651289E7D2

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2014 02:56:38 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (01/24/2014 02:56:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2014 00:11:00 AM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (01/24/2014 00:10:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2014 03:49:17 PM) (Source: Application Hang) (User: )
Description: Programm SDFiles.exe, Version 2.0.12.135 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 8c0
Anfangszeit: 01cf1848db6c3659
Zeitpunkt der Beendigung: 16

Error: (01/23/2014 03:38:57 PM) (Source: Application Hang) (User: )
Description: Programm SDFiles.exe, Version 2.0.12.135 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1aac
Anfangszeit: 01cf1848ad525519
Zeitpunkt der Beendigung: 15

Error: (01/23/2014 03:23:28 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (01/23/2014 03:23:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2014 03:21:18 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (01/23/2014 03:18:49 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {bf5f2303-56e9-4ac4-a13e-f9e2fd3284d8}


System errors:
=============
Error: (01/24/2014 02:57:32 PM) (Source: ipnathlp) (User: )
Description: Ein DHCP-Server mit der IP-Adresse 192.168.0.1 wurde von der DHCP-Zuweisung im selben Netzwerk gefunden, wie die Schnittstelle mit der IP-Adresse 192.168.0.102. Die Zuweisung wurde auf der Schnittstelle automatisch deaktiviert, um DHCP-Clientkonflikte zu vermeiden.

Error: (01/24/2014 02:56:48 PM) (Source: ipnathlp) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (01/24/2014 02:56:47 PM) (Source: ipnathlp) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (01/24/2014 02:56:34 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/24/2014 02:56:16 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: 2147942402

Error: (01/24/2014 02:56:16 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (01/24/2014 00:13:22 AM) (Source: ipnathlp) (User: )
Description: Ein DHCP-Server mit der IP-Adresse 192.168.0.1 wurde von der DHCP-Zuweisung im selben Netzwerk gefunden, wie die Schnittstelle mit der IP-Adresse 192.168.0.102. Die Zuweisung wurde auf der Schnittstelle automatisch deaktiviert, um DHCP-Clientkonflikte zu vermeiden.

Error: (01/24/2014 00:11:02 AM) (Source: ipnathlp) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (01/24/2014 00:10:45 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/24/2014 00:09:19 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos


Microsoft Office Sessions:
=========================
Error: (01/24/2014 02:56:38 PM) (Source: VzCdbSvc)(User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (01/24/2014 02:56:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2014 00:11:00 AM) (Source: VzCdbSvc)(User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (01/24/2014 00:10:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2014 03:49:17 PM) (Source: Application Hang)(User: )
Description: SDFiles.exe2.0.12.1358c001cf1848db6c365916

Error: (01/23/2014 03:38:57 PM) (Source: Application Hang)(User: )
Description: SDFiles.exe2.0.12.1351aac01cf1848ad52551915

Error: (01/23/2014 03:23:28 PM) (Source: VzCdbSvc)(User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (01/23/2014 03:23:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/23/2014 03:21:18 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (01/23/2014 03:18:49 PM) (Source: VSS)(User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {bf5f2303-56e9-4ac4-a13e-f9e2fd3284d8}


CodeIntegrity Errors:
===================================
  Date: 2013-11-07 21:39:10.664
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:39:10.523
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:39:00.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:39:00.702
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:38:49.209
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:38:49.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-08 16:04:28.844
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-08 16:04:27.941
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-08 16:03:55.209
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-08 16:03:55.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 3038.12 MB
Available physical RAM: 1712.34 MB
Total Pagefile: 6283.24 MB
Available Pagefile: 4730.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:286.87 GB) (Free:126.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: F8DF97B2)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=287 GB) - (Type=07 NTFS)

==================== End Of Log ============================

aharonov · 24.01.2014, 15:24

Ok.

Schritt 1

Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
Suche und deinstalliere dort der Reihe nach folgende Einträge:
BrowserDefender
IePluginService12.27.0.3326
Software Version Updater
WPM17.8.0.3325
Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.

Schritt 2

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Bitte poste in deiner nächsten Antwort:

Log von AdwCleaner
Log von FRST

RA510 · 24.01.2014, 16:18

erledigt

AdwCleaner

Code:

ATTFilter

# AdwCleaner v3.017 - Bericht erstellt am 24/01/2014 um 16:09:09
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzername : Raisa - RAISA-PC
# Gestartet von : C:\Users\Raisa\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files\Advanced System Protector
Ordner Gelöscht : C:\Program Files\Mobogenie
Ordner Gelöscht : C:\Program Files\MyPC Backup
Ordner Gelöscht : C:\Program Files\SupTab
Ordner Gelöscht : C:\Program Files\freemakeTB
Ordner Gelöscht : C:\Windows\system32\Searchprotect
Ordner Gelöscht : C:\Users\Raisa\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Raisa\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Raisa\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Raisa\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Raisa\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Raisa\AppData\LocalLow\freemakeTB
Ordner Gelöscht : C:\Users\Raisa\AppData\Roaming\Desktopicon
Ordner Gelöscht : C:\Users\Raisa\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Raisa\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Raisa\AppData\Roaming\software4u
Ordner Gelöscht : C:\Users\Raisa\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Raisa\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\ICQToolbarData
Ordner Gelöscht : C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Datei Gelöscht : C:\Windows\system32\roboot.exe
Datei Gelöscht : C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\nationzoom.xml
Datei Gelöscht : C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Windows\Tasks\AmiUpdXp.job

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Raisa\Desktop\Registrieren Sie Ihren VAIO.lnk
Verknüpfung Desinfiziert : C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Raisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF906CBC-40E6-4BEF-A3EE-54F4494BD5A7}
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200
Schlüssel Gelöscht : HKCU\Software\5a53d68bbc38bf47
Schlüssel Gelöscht : HKLM\SOFTWARE\5a53d68bbc38bf47
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3214568
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB468DEB-B219-4BAE-BA7E-A8000B6AF0A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B99661C2-18BD-449C-8594-60293BCD2304}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{044114E3-4BEA-4B87-A0CB-DBBE6AD64353}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\freemakeTB
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\freemakeTB
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\freemakeTB Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SupTab
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\freemakeTB Toolbar
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\browse~1\261519~1.190\{c16c1~1\browse~1.dll
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browser ] *****

-\\ Internet Explorer v7.0.6001.18639

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.nationzoom.com/newtab/?type=nt&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "nationzoom");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "freemakeTB Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3214568&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "nationzoom");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.nationzoom.com/?type=hp&ts=1390251674&from=amt&uid=TOSHIBAXMK3252GSX_58GMF25FSXX58GMF25FS");
Zeile gelöscht : user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0[...]
Zeile gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Zeile gelöscht : user_pref("icqtoolbar.displayHistory", false);
Zeile gelöscht : user_pref("icqtoolbar.engineVerified", true);
Zeile gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options itb_zoom_in itb_zoom_default itb_zoom_out itb_highlight itb_games itb_people");
Zeile gelöscht : user_pref("icqtoolbar.historyCapacity", 0);
Zeile gelöscht : user_pref("icqtoolbar.installsource", "1");
Zeile gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gelöscht : user_pref("icqtoolbar.previousFFVersion", "3.0.5");
Zeile gelöscht : user_pref("icqtoolbar.searchOnDrop", false);
Zeile gelöscht : user_pref("icqtoolbar.searchOnSelect", false);
Zeile gelöscht : user_pref("icqtoolbar.shownElements", "");
Zeile gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gelöscht : user_pref("icqtoolbar.suggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.uniqueID", "123215177212321517721232296294049");
Zeile gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1233506235);
Zeile gelöscht : user_pref("icqtoolbar.version", "1.1.4");
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");

-\\ Google Chrome v

[ Datei : C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14969 octets] - [24/01/2014 16:04:53]
AdwCleaner[S0].txt - [13286 octets] - [24/01/2014 16:09:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13347 octets] ##########

FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2014
Ran by Raisa (administrator) on RAISA-PC on 24-01-2014 16:14:20
Running from C:\Users\Raisa\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal



==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 4\Integrator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\LANUtil.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(OpenOffice.org) C:\Program Files\program\soffice.exe
(OpenOffice.org) C:\Program Files\program\soffice.bin
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6295552 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [122880 2008-02-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ISBMgr.exe] - C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2014-01-23] (AVAST Software)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [262144 2008-07-30] (Sony Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-06] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [98304 2009-01-08] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
MountPoints2: {94b71db8-2035-11e2-bf63-00214f4af5a0} - G:\Startme.exe
MountPoints2: {9fa666d7-fc01-11e0-9766-00214f4af5a0} - G:\Startme.exe
MountPoints2: {ee322bcb-29e9-11e2-bc94-001dba838256} - G:\Startme.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-07-30] (Sony Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default User\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-07-30] (Sony Corporation)
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-09] (Google)
Startup: C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sonystyle-europe.com
hxxp://www.club-vaio.com/vbc/ebay/index.html
hxxp://www.club-vaio.com/vbc
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {53707962-6F74-2D53-2644-206D7942484F} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default
FF SearchEngineOrder.1: Google
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Raisa\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Raisa\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Extension: Extension_Protected - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-20]
FF Extension: Surftastic - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\firefox@surftastic.net.xpi [2014-01-07]
FF Extension: Lightning Speed Dial - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-20]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-10-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-26]
FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi
FF Extension: Lightning Speed Dial - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi [2014-01-20]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Freemake np-plugin for google chrome) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (getPlusPlus for Adobe 16248) - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (No Name) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-20]
CHR Extension: (Google-Suche) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (avast! Online Security) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-06]
CHR Extension: (Google Wallet) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2011-01-31]
CHR HKLM\...\Chrome\Extension: [ijaoebhddbobhgpdppaciidhnaffgomb] - C:\Program Files\Surftastic\ijaoebhddbobhgpdppaciidhnaffgomb.crx [2014-01-07]
CHR HKLM\...\Chrome\Extension: [kgficikadnmmefckdecajlmffkbagomp] - C:\Users\Raisa\AppData\Local\CRE\kgficikadnmmefckdecajlmffkbagomp.crx [2012-05-28]
CHR HKLM\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-20]
CHR HKCU\...\Chrome\Extension: [kgficikadnmmefckdecajlmffkbagomp] - C:\Users\Raisa\AppData\Local\CRE\kgficikadnmmefckdecajlmffkbagomp.crx [2012-05-28]

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-01-23] (AVAST Software)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [299008 2008-07-30] (Sony Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-01-23] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-23] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-01-08] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [143328 2008-06-28] (Realtek Semiconductor Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 4\ProcObsrv.sys [x]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-24 16:14 - 2014-01-24 16:14 - 00021981 _____ C:\Users\Raisa\Desktop\FRST.txt
2014-01-24 16:04 - 2014-01-24 16:09 - 00000000 ____D C:\AdwCleaner
2014-01-24 16:04 - 2014-01-24 16:04 - 00000880 _____ C:\Users\Raisa\Desktop\anleitung.txt
2014-01-24 16:00 - 2014-01-24 16:00 - 01236282 _____ C:\Users\Raisa\Desktop\adwcleaner.exe
2014-01-24 15:04 - 2014-01-24 15:04 - 00000000 ____D C:\FRST
2014-01-24 15:02 - 2014-01-24 15:02 - 01222144 _____ (Farbar) C:\Users\Raisa\Desktop\FRST.exe
2014-01-23 15:34 - 2014-01-23 15:35 - 01236282 _____ C:\Users\Raisa\Downloads\adwcleaner_3.017.exe
2014-01-21 19:22 - 2014-01-21 19:22 - 00002048 _____ C:\Users\Raisa\Desktop\Google Chrome.lnk
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\Tempmyfile
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\RegistryDR
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\cache
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\.android
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 _____ C:\Users\Raisa\daemonprocess.txt
2014-01-20 22:01 - 2014-01-24 15:57 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-20 22:01 - 2014-01-20 22:08 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-20 22:00 - 2014-01-20 22:00 - 00000000 ____D C:\Program Files\Surftastic
2014-01-20 15:41 - 2014-01-20 16:34 - 00013905 _____ C:\Users\Raisa\Desktop\Finanzamt.odt
2014-01-03 15:04 - 2014-01-03 15:04 - 00000000 ____D C:\Users\Raisa\Fotos

==================== One Month Modified Files and Folders =======

2014-01-24 16:14 - 2014-01-24 16:14 - 00021981 _____ C:\Users\Raisa\Desktop\FRST.txt
2014-01-24 16:14 - 2009-01-25 17:11 - 00000514 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-24 16:11 - 2013-11-20 20:40 - 00000320 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2014-01-24 16:10 - 2012-12-15 19:50 - 00000620 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-01-24 16:10 - 2010-09-23 11:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-24 16:10 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-24 16:10 - 2006-11-02 13:47 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-24 16:10 - 2006-11-02 13:47 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-24 16:09 - 2014-01-24 16:04 - 00000000 ____D C:\AdwCleaner
2014-01-24 16:09 - 2009-01-05 20:03 - 00000975 _____ C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-24 16:09 - 2009-01-05 19:59 - 01442091 _____ C:\Windows\WindowsUpdate.log
2014-01-24 16:09 - 2008-08-11 11:50 - 00000797 _____ C:\Users\Raisa\Desktop\Registrieren Sie Ihren VAIO.lnk
2014-01-24 16:09 - 2008-08-11 10:29 - 00004268 _____ C:\Windows\bthservsdp.dat
2014-01-24 16:09 - 2006-11-02 14:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-24 16:07 - 2011-06-11 17:53 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000UA.job
2014-01-24 16:04 - 2014-01-24 16:04 - 00000880 _____ C:\Users\Raisa\Desktop\anleitung.txt
2014-01-24 16:00 - 2014-01-24 16:00 - 01236282 _____ C:\Users\Raisa\Desktop\adwcleaner.exe
2014-01-24 15:57 - 2014-01-20 22:01 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-24 15:35 - 2013-03-17 21:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-24 15:33 - 2010-09-23 11:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-24 15:04 - 2014-01-24 15:04 - 00000000 ____D C:\FRST
2014-01-24 15:02 - 2014-01-24 15:02 - 01222144 _____ (Farbar) C:\Users\Raisa\Desktop\FRST.exe
2014-01-24 14:56 - 2013-11-20 20:40 - 00000000 ____D C:\Program Files\Glary Utilities 4
2014-01-24 14:55 - 2013-10-31 16:53 - 00086528 _____ C:\Windows\PFRO.log
2014-01-23 22:07 - 2011-06-11 17:53 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000Core.job
2014-01-23 15:35 - 2014-01-23 15:34 - 01236282 _____ C:\Users\Raisa\Downloads\adwcleaner_3.017.exe
2014-01-23 15:20 - 2013-03-03 13:39 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-23 15:20 - 2011-04-26 10:30 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-23 15:20 - 2010-08-18 10:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-23 15:20 - 2010-05-04 00:15 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-23 15:20 - 2010-05-04 00:15 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00001884 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-23 15:11 - 2009-01-05 20:03 - 00000000 ____D C:\Users\Raisa
2014-01-21 19:22 - 2014-01-21 19:22 - 00002048 _____ C:\Users\Raisa\Desktop\Google Chrome.lnk
2014-01-20 22:43 - 2009-01-11 23:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-20 22:08 - 2014-01-20 22:01 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2014-01-20 22:05 - 2008-01-21 08:16 - 01445310 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\Tempmyfile
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\RegistryDR
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\cache
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\.android
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 _____ C:\Users\Raisa\daemonprocess.txt
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-20 22:00 - 2014-01-20 22:00 - 00000000 ____D C:\Program Files\Surftastic
2014-01-20 16:34 - 2014-01-20 15:41 - 00013905 _____ C:\Users\Raisa\Desktop\Finanzamt.odt
2014-01-17 15:36 - 2012-07-31 14:48 - 00000000 ____D C:\Users\Raisa\Desktop\Filme
2014-01-17 15:32 - 2013-08-11 15:56 - 00000000 ____D C:\Users\Raisa\Downloads\Kontoauszug
2014-01-16 14:39 - 2011-11-27 14:39 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job
2014-01-15 22:56 - 2013-05-01 20:24 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\vlc
2014-01-12 18:02 - 2009-01-05 20:22 - 00045056 _____ C:\Users\Raisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-12 15:51 - 2011-04-19 18:20 - 00000000 ____D C:\Program Files\JDownloader
2014-01-03 15:12 - 2012-01-04 21:10 - 00000766 _____ C:\Users\Raisa\Desktop\WiiBackupManager_Win32.exe - Verknüpfung.lnk
2014-01-03 15:04 - 2014-01-03 15:04 - 00000000 ____D C:\Users\Raisa\Fotos

Some content of TEMP:
====================
C:\Users\Raisa\AppData\Local\Temp\BackupSetup.exe
C:\Users\Raisa\AppData\Local\Temp\DownloadManager.exe
C:\Users\Raisa\AppData\Local\Temp\nsoCA28.exe
C:\Users\Raisa\AppData\Local\Temp\nst5A24.exe
C:\Users\Raisa\AppData\Local\Temp\nsxD7DD.exe
C:\Users\Raisa\AppData\Local\Temp\Quarantine.exe
C:\Users\Raisa\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Raisa\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Raisa\AppData\Local\Temp\_is2BFF.exe
C:\Users\Raisa\AppData\Local\Temp\_is2FF5.exe
C:\Users\Raisa\AppData\Local\Temp\_is5939.exe
C:\Users\Raisa\AppData\Local\Temp\_is6F36.exe
C:\Users\Raisa\AppData\Local\Temp\_is893E.exe
C:\Users\Raisa\AppData\Local\Temp\_isA533.exe
C:\Users\Raisa\AppData\Local\Temp\_isA8BD.exe
C:\Users\Raisa\AppData\Local\Temp\_isB6E0.exe
C:\Users\Raisa\AppData\Local\Temp\_isD367.exe
C:\Users\Raisa\AppData\Local\Temp\{4CC9D323-6320-45DD-8205-0AA14512E840}-GoogleUpdateSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2011-06-23 17:00] - [2009-03-03 05:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-24 15:03

==================== End Of Log ============================

--- --- ---

--- --- ---

aharonov · 24.01.2014, 17:01

Wie läuft der Rechner nach diesen Schritten?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

FF Extension: Extension_Protected - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-20]
FF Extension: Surftastic - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\firefox@surftastic.net.xpi [2014-01-07]
FF Extension: Lightning Speed Dial - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-20]
FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi
FF Extension: Lightning Speed Dial - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi [2014-01-20]
CHR HKLM\...\Chrome\Extension: [ijaoebhddbobhgpdppaciidhnaffgomb] - C:\Program Files\Surftastic\ijaoebhddbobhgpdppaciidhnaffgomb.crx [2014-01-07]
CHR HKLM\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-20]
C:\Users\Raisa\AppData\Local\Temp\*.exe
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\Tempmyfile
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\RegistryDR
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\cache
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\.android
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 _____ C:\Users\Raisa\daemonprocess.txt
2014-01-20 22:01 - 2014-01-24 15:57 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-20 22:01 - 2014-01-20 22:08 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-20 22:00 - 2014-01-20 22:00 - 00000000 ____D C:\Program Files\Surftastic

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

RA510 · 24.01.2014, 20:05

Schritt 1 hab ich.

Fixlog

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-01-2014
Ran by Raisa at 2014-01-24 20:03:42 Run:1
Running from C:\Users\Raisa\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
FF Extension: Extension_Protected - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-20]
FF Extension: Surftastic - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\firefox@surftastic.net.xpi [2014-01-07]
FF Extension: Lightning Speed Dial - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-20]
FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi
FF Extension: Lightning Speed Dial - C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi [2014-01-20]
CHR HKLM\...\Chrome\Extension: [ijaoebhddbobhgpdppaciidhnaffgomb] - C:\Program Files\Surftastic\ijaoebhddbobhgpdppaciidhnaffgomb.crx [2014-01-07]
CHR HKLM\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-20]
C:\Users\Raisa\AppData\Local\Temp\*.exe
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\Tempmyfile
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\RegistryDR
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\AppData\Local\cache
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 ____D C:\Users\Raisa\.android
2014-01-20 22:02 - 2014-01-20 22:02 - 00000000 _____ C:\Users\Raisa\daemonprocess.txt
2014-01-20 22:01 - 2014-01-24 15:57 - 00000000 ____D C:\ProgramData\IePluginService
2014-01-20 22:01 - 2014-01-20 22:08 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2014-01-20 22:01 - 2014-01-20 22:01 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-20 22:00 - 2014-01-20 22:00 - 00000000 ____D C:\Program Files\Surftastic
         
*****************

C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack => Moved successfully.
C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\firefox@surftastic.net.xpi => Moved successfully.
C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\Extensions\lightningnewtab@gmail.com.xpi => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\lightningnewtab@gmail.com => Value deleted successfully.
C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default\extensions\lightningnewtab@gmail.com.xpi => not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\ijaoebhddbobhgpdppaciidhnaffgomb => Key deleted successfully.
C:\Program Files\Surftastic\ijaoebhddbobhgpdppaciidhnaffgomb.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn => Key deleted successfully.
C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx => Moved successfully.
C:\Users\Raisa\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Raisa\AppData\Local\Tempmyfile => Moved successfully.
C:\Users\Raisa\AppData\Local\RegistryDR => Moved successfully.
C:\Users\Raisa\AppData\Local\cache => Moved successfully.
C:\Users\Raisa\.android => Moved successfully.
C:\Users\Raisa\daemonprocess.txt => Moved successfully.
C:\ProgramData\IePluginService => Moved successfully.
C:\Windows\system32\AI_RecycleBin => Moved successfully.
C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop => Moved successfully.
C:\Program Files\Surftastic => Moved successfully.

==== End of Fixlog ====

Ich mach dann derweil mit Schritt 2 und 3 weiter.

aharonov · 24.01.2014, 20:35

Ok soweit.

RA510 · 24.01.2014, 23:14

Jetzt hab ich's endlich!

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.24.06

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Raisa :: RAISA-PC [Administrator]

24.01.2014 20:22:54
mbam-log-2014-01-24 (20-22-54).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 209167
Laufzeit: 10 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 8
C:\Users\Raisa\AppData\Local\Temp\fullpackage_temp1390251665\Baofeng.exe (PUP.Optional.NationZoom.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Raisa\AppData\Local\Temp\fullpackage_temp1390251665\package1.zip (PUP.Optional.NationZoom.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Raisa\AppData\Local\Temp\fullpackage_temp1390251665\UpDate.dll (PUP.Optional.SkyTech.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Raisa\AppData\Local\Temp\AU\SPSetup.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\nsbB2FD.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\nslBE80.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\nsr1885.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\nsbB742.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

eset

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=43e7fac4b03bb5488e03dc523e62518f
# engine=16790
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-24 10:08:11
# local_time=2014-01-24 11:08:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5892 16776573 100 100 107975 228134019 0 0
# scanned=177627
# found=0
# cleaned=0
# scan_time=6239

aharonov · 24.01.2014, 23:46

Sieht gut aus.
Aber die Software ist stark veraltet, das ist nicht so gut.

Schritt 1

Lade dir

TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.

Öffne die TFC.exe.
Vista und Win 7 User mit Rechtsklick "als Administrator starten".
Schließe alle anderen Programme.
Drücke auf den Button Start.
Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.

Schritt 2

Lade das Service Pack 2 für Windows Vista herunter und installiere es.

Schritt 3

Gehe bitte zu Start --> Alle Programme --> Windows Update.
Klicke dann links auf Nach Updates suchen und warte, bis die Suche beendet ist.
Drücke dann auf Updates installieren.
Starte nach Beendigung der Installation den Rechner neu auf.
Wiederhole diese Schritte, bis keine neuen Updates mehr verfügbar sind.

Schritt 4

Dein Java ist nicht mehr aktuell. Ältere Versionen enthalten Sicherheitslücken, die von Malware zur Infizierung per Drive-by Download missbraucht werden können.

Die aktuelle Version ist Java 7 Update 51.

Gehe zu
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
Start --> Systemsteuerung --> Software (bei Win XP)
und deinstalliere alle älteren Java-Versionen.

In wenigen Fällen wird Java wirklich benötigt. Auch werden immer wieder neue, noch nicht geschlossene Sicherheitslücken ausgenutzt.
Überleg dir also, ob du eine Java-Installation wirklich brauchst.
Falls du Java weiterhin verwenden möchtest, dann:

Lade dir die neueste Java-Version herunter.
Schliesse alle laufenden Programme, speziell den Browser.
Starte die heruntergeladene jxpiinstall.exe und folge den Anweisungen.
Entferne während der Installation den Haken bei "Installieren Sie die Ask-Toolbar ...".

Schritt 5

Die Version deines Adobe PDF Readers ist veraltet, wir müssen ihn updaten:

Deinstalliere bitte deine aktuelle Version von Adobe Reader über
Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Windows 7)
Besuche diese Seite von Adobe.
Entferne gegebenenfalls den Haken bei McAfee Security Scan bzw. Google Chrome.
Drücke auf Jetzt herunterladen und installiere die neuste Version.

Schritt 6

Dein Flashplayer ist veraltet. Installiere folgendermassen die aktuelle Version:

Besuche diese Seite von Adobe.
Entferne gegebenenfalls den Haken bei McAfee Security Scan bzw. Google Chrome.
Drücke auf Jetzt herunterladen und installiere die neuste Version.

Schritt 7

Starte noch einmal FRST.

Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.

RA510 · 27.01.2014, 21:24

Der Text ist zu lang, hoffe ist ok wenn ich es als Archin anhänge?

Ich kriegs doch nicht hin. Ich teile die Logs auf, ok?
FRST

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2014 01
Ran by Raisa (administrator) on RAISA-PC on 27-01-2014 21:06:29
Running from C:\Users\Raisa\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 4\Integrator.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\LANUtil.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(OpenOffice.org) C:\Program Files\program\soffice.exe
(OpenOffice.org) C:\Program Files\program\soffice.bin
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Users\Raisa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Raisa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Raisa\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6295552 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [122880 2008-02-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ISBMgr.exe] - C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2014-01-23] (AVAST Software)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2008-07-18] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [262144 2008-07-30] (Sony Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-06] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [98304 2009-01-08] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
MountPoints2: {94b71db8-2035-11e2-bf63-00214f4af5a0} - G:\Startme.exe
MountPoints2: {9fa666d7-fc01-11e0-9766-00214f4af5a0} - G:\Startme.exe
MountPoints2: {ee322bcb-29e9-11e2-bc94-001dba838256} - G:\Startme.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\Default\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-07-30] (Sony Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-07-30] (Sony Corporation)
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-09] (Google)
Startup: C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sonystyle-europe.com
hxxp://www.club-vaio.com/vbc/ebay/index.html
hxxp://www.club-vaio.com/vbc
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=29fNKhevTP4o2camm6xoxkNtzWY?q={searchTerms}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {53707962-6F74-2D53-2644-206D7942484F} -  No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

RA510 · 27.01.2014, 21:25

FRST Teil 2

Code:

ATTFilter

FireFox:
========
FF ProfilePath: C:\Users\Raisa\AppData\Roaming\Mozilla\Firefox\Profiles\oted4npa.default
FF SearchEngineOrder.1: Google
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Raisa\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Raisa\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-10-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-04-26]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Freemake np-plugin for google chrome) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (getPlusPlus for Adobe 16248) - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (YouTube) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-20]
CHR Extension: (Google-Suche) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (avast! Online Security) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-06]
CHR Extension: (Google Wallet) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Raisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2011-01-31]
CHR HKLM\...\Chrome\Extension: [kgficikadnmmefckdecajlmffkbagomp] - C:\Users\Raisa\AppData\Local\CRE\kgficikadnmmefckdecajlmffkbagomp.crx [2012-05-28]
CHR HKCU\...\Chrome\Extension: [kgficikadnmmefckdecajlmffkbagomp] - C:\Users\Raisa\AppData\Local\CRE\kgficikadnmmefckdecajlmffkbagomp.crx [2012-05-28]

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-01-23] (AVAST Software)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-09] (Google)
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [299008 2008-07-30] (Sony Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-23] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-01-23] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-23] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-23] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-01-08] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [143328 2008-06-28] (Realtek Semiconductor Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 4\ProcObsrv.sys [x]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-27 21:06 - 2014-01-27 21:07 - 00021196 _____ C:\Users\Raisa\Desktop\FRST.txt
2014-01-27 21:06 - 2014-01-27 21:06 - 00000000 ____D C:\Users\Raisa\Desktop\FRST-OlderVersion
2014-01-27 21:04 - 2014-01-27 21:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-27 21:04 - 2014-01-27 21:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-27 21:00 - 2014-01-27 21:00 - 00001892 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-27 15:10 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-01-27 15:10 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-01-27 15:10 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-01-27 15:10 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-01-27 15:10 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-01-27 15:10 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-01-27 15:10 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-01-27 15:10 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-01-27 15:10 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-01-27 15:10 - 2011-03-12 22:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-01-27 14:24 - 2013-07-09 13:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-27 14:24 - 2013-07-08 05:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-01-27 14:24 - 2013-07-08 05:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-27 14:24 - 2013-03-09 04:45 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-01-27 14:24 - 2013-03-09 02:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-01-27 14:00 - 2014-01-27 14:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2014-01-27 14:00 - 2014-01-27 14:00 - 00000000 ____D C:\Program Files\Windows Portable Devices
2014-01-27 13:59 - 2014-01-27 13:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-01-27 09:08 - 2009-09-10 03:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-01-27 09:08 - 2009-09-10 03:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-01-27 09:08 - 2009-09-10 03:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-01-27 09:06 - 2009-10-01 02:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-01-27 09:06 - 2009-10-01 02:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-01-27 09:06 - 2009-10-01 02:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-01-27 09:06 - 2009-10-01 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2014-01-27 09:06 - 2009-10-01 02:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2014-01-27 09:06 - 2009-10-01 02:01 - 00546816 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2014-01-27 09:06 - 2009-10-01 02:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2014-01-27 09:06 - 2009-10-01 02:01 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2014-01-27 08:53 - 2014-01-27 08:53 - 00000000 ____D C:\ProgramData\WindowsSearch
2014-01-27 08:45 - 2014-01-27 08:45 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-27 08:45 - 2014-01-27 08:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-27 08:45 - 2014-01-27 08:45 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-27 08:45 - 2014-01-27 08:45 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-27 08:45 - 2014-01-27 08:45 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-27 08:45 - 2014-01-27 08:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-27 08:44 - 2014-01-27 08:44 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-01-27 08:44 - 2014-01-27 08:44 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-01-27 08:44 - 2014-01-27 08:44 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-01-27 08:44 - 2014-01-27 08:44 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-01-27 08:42 - 2014-01-27 08:45 - 00004461 _____ C:\Windows\IE9_main.log
2014-01-27 08:26 - 2012-07-26 04:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-01-27 08:26 - 2012-07-26 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-01-27 08:26 - 2012-07-26 04:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-01-27 08:26 - 2012-07-26 04:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-01-27 08:26 - 2012-07-26 04:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-01-27 08:26 - 2012-07-26 04:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-01-27 08:26 - 2012-07-26 03:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-01-27 08:26 - 2012-07-26 03:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-01-27 08:26 - 2012-07-26 03:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-01-27 08:26 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-01-27 08:26 - 2009-07-14 13:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2014-01-27 08:09 - 2013-07-05 05:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-27 08:08 - 2011-02-22 15:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-01-27 08:06 - 2013-04-24 05:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-01-27 08:06 - 2013-04-24 02:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-01-27 08:06 - 2013-04-17 13:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-01-27 08:05 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-27 08:05 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-01-27 08:05 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-27 08:05 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-01-27 08:05 - 2013-07-17 20:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-27 08:05 - 2013-07-16 05:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-01-27 08:05 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-27 08:05 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-27 08:05 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-27 08:05 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-27 08:05 - 2012-11-08 04:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-01-27 08:05 - 2012-11-02 11:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-01-27 08:05 - 2012-06-29 17:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-01-27 08:05 - 2012-06-08 18:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-01-27 08:05 - 2012-06-05 17:47 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-01-27 08:05 - 2012-05-11 16:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-01-27 08:05 - 2011-08-25 17:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-01-27 08:05 - 2011-08-25 17:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-01-27 08:05 - 2011-08-25 17:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-01-27 08:05 - 2011-08-25 14:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2014-01-27 08:05 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-27 08:05 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-27 08:05 - 2011-04-21 14:55 - 00508416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-01-27 08:05 - 2009-06-17 14:23 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-01-27 08:04 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-01-27 08:04 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-27 08:04 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-27 08:04 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-27 08:04 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-01-27 08:04 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-27 08:04 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-27 08:04 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2014-01-27 08:04 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-01-27 08:04 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2014-01-27 08:04 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-27 08:04 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-27 08:04 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-27 08:04 - 2013-08-02 05:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-01-27 08:04 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-27 08:04 - 2013-07-12 10:04 - 00134272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-01-27 08:04 - 2013-07-10 10:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-01-27 08:04 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-01-27 08:04 - 2013-06-15 14:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2014-01-27 08:04 - 2013-06-15 12:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-01-27 08:04 - 2013-05-02 05:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-01-27 08:04 - 2013-05-02 05:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2014-01-27 08:04 - 2013-03-08 04:53 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-01-27 08:04 - 2013-03-03 20:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-01-27 08:04 - 2012-11-22 04:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-01-27 08:04 - 2012-11-20 05:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-01-27 08:04 - 2012-11-02 11:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-01-27 08:04 - 2012-11-02 09:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-01-27 08:04 - 2012-09-28 17:11 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-01-27 08:04 - 2012-09-25 17:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-01-27 08:04 - 2012-08-21 12:47 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-01-27 08:04 - 2012-03-21 00:28 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-01-27 08:04 - 2012-02-29 16:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-01-27 08:04 - 2012-02-29 14:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-01-27 08:04 - 2012-01-09 16:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-01-27 08:04 - 2011-12-14 17:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-01-27 08:04 - 2011-11-18 18:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-01-27 08:04 - 2011-11-16 17:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-01-27 08:04 - 2011-10-25 16:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-01-27 08:04 - 2011-10-14 17:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-01-27 08:04 - 2011-10-14 17:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-01-27 08:04 - 2011-10-14 17:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2014-01-27 08:04 - 2011-07-29 17:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-01-27 08:04 - 2011-07-29 17:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-01-27 08:04 - 2011-07-29 17:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-01-27 08:04 - 2011-07-29 17:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-01-27 08:04 - 2010-05-04 20:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-01-27 08:03 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-01-27 08:03 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-01-27 08:03 - 2013-06-01 05:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-01-27 08:03 - 2012-06-04 16:26 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-27 08:03 - 2012-06-02 01:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-27 08:03 - 2011-11-16 17:23 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-27 08:03 - 2011-11-16 17:21 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-27 08:03 - 2011-11-16 15:12 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-27 08:02 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-01-27 08:02 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-01-27 08:02 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-01-27 08:02 - 2013-03-08 04:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-27 08:02 - 2012-05-01 15:03 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-01-27 08:02 - 2011-06-15 17:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-01-27 07:49 - 2013-07-08 05:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-01-27 07:49 - 2013-07-08 05:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-01-27 07:49 - 2013-07-08 05:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-01-27 07:44 - 2013-02-12 02:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-01-27 07:36 - 2014-01-27 07:36 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Deutscher Apotheker Verlag (Deutscher Apotheker Verlag)
2014-01-27 07:36 - 2014-01-27 07:36 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Deutscher Apotheker Verlag
2014-01-27 07:36 - 2014-01-27 07:36 - 00000000 ____D C:\Users\Raisa\AppData\Local\Deutscher Apotheker Verlag (Deutscher Apotheker Verlag)
2014-01-27 07:34 - 2014-01-27 07:34 - 00002028 _____ C:\Users\Public\Desktop\Europäisches Arzneibuch 7.7.lnk
2014-01-27 07:34 - 2014-01-27 07:34 - 00000000 ____D C:\ProgramData\Deutscher Apotheker Verlag
2014-01-27 07:28 - 2014-01-27 07:34 - 00000000 ____D C:\Program Files\Europäisches Arzneibuch 7
2014-01-27 07:27 - 2014-01-27 07:36 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\doctronic
2014-01-26 23:18 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-01-26 23:18 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-01-26 23:18 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-01-26 23:18 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-01-26 23:17 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-01-26 23:17 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-01-26 23:17 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-01-26 23:17 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-01-26 23:17 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-01-26 22:55 - 2014-01-26 22:55 - 00000000 ____D C:\Windows\system32\vi-VN
2014-01-26 22:55 - 2014-01-26 22:55 - 00000000 ____D C:\Windows\system32\eu-ES
2014-01-26 22:55 - 2014-01-26 22:55 - 00000000 ____D C:\Windows\system32\ca-ES
2014-01-26 22:49 - 2014-01-26 22:49 - 00000000 ____D C:\Windows\system32\SPReview
2014-01-26 22:35 - 2009-04-10 23:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2014-01-26 22:35 - 2009-04-10 23:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2014-01-26 22:34 - 2009-04-10 23:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-01-26 22:34 - 2009-04-10 23:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-01-26 22:34 - 2009-04-10 23:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-01-26 22:34 - 2009-04-10 23:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-01-26 22:34 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2014-01-26 22:34 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2014-01-26 22:34 - 2009-04-10 23:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-01-26 22:34 - 2009-04-10 23:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-01-26 22:34 - 2009-04-10 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-01-26 22:34 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2014-01-26 22:34 - 2009-04-10 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2014-01-26 22:34 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2014-01-26 22:34 - 2009-04-10 23:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2014-01-26 22:34 - 2009-04-10 21:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-01-26 22:34 - 2009-04-10 21:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2014-01-26 22:34 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2014-01-26 22:33 - 2009-04-10 23:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-01-26 22:33 - 2009-04-10 23:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-01-26 22:33 - 2009-04-10 23:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2014-01-26 22:33 - 2009-04-10 23:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-01-26 22:33 - 2009-04-10 23:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-26 22:33 - 2009-04-10 23:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2014-01-26 22:33 - 2009-04-10 23:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-01-26 22:33 - 2009-04-10 23:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2014-01-26 22:33 - 2009-04-10 23:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2014-01-26 22:33 - 2009-04-10 23:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2014-01-26 22:33 - 2009-04-10 23:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-01-26 22:33 - 2009-04-10 23:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2014-01-26 22:33 - 2009-04-10 23:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-01-26 22:33 - 2009-04-10 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00117248 _____ C:\Windows\system32\EhStorAuthn.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-01-26 22:33 - 2009-04-10 23:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2014-01-26 22:33 - 2009-04-10 23:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-01-26 22:33 - 2009-04-10 23:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2014-01-26 22:33 - 2009-04-10 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2014-01-26 22:33 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2014-01-26 22:33 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2014-01-26 22:33 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2014-01-26 22:33 - 2009-04-10 23:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-01-26 22:33 - 2009-04-10 22:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-01-26 22:33 - 2009-04-10 22:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2014-01-26 22:33 - 2009-04-10 22:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2014-01-26 22:33 - 2009-04-10 21:48 - 00344698 _____ C:\Windows\system32\eaphost.tmf
2014-01-26 22:33 - 2009-04-10 21:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2014-01-26 22:33 - 2009-04-10 21:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2014-01-26 22:33 - 2009-04-10 21:43 - 00442788 _____ C:\Windows\system32\dot3.tmf
2014-01-26 22:33 - 2009-04-10 21:43 - 00392170 _____ C:\Windows\system32\onex.tmf
2014-01-26 22:33 - 2009-04-10 21:43 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2014-01-26 22:33 - 2009-04-10 21:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-01-26 22:33 - 2009-04-10 21:43 - 00062208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys
2014-01-26 22:33 - 2009-04-10 21:43 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2014-01-26 22:33 - 2009-04-10 21:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-01-26 22:33 - 2009-04-10 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-01-26 22:33 - 2009-04-10 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-01-26 22:33 - 2009-04-10 21:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-01-26 22:33 - 2009-04-10 21:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2014-01-26 22:33 - 2009-04-10 21:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-01-26 22:33 - 2009-04-10 21:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2014-01-26 22:33 - 2009-04-10 21:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-01-26 22:33 - 2009-04-10 21:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2014-01-26 22:33 - 2009-04-10 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-01-26 22:33 - 2009-02-19 17:20 - 00009212 _____ C:\Windows\system32\RacUR.xml
2014-01-26 22:33 - 2009-02-18 11:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-01-26 22:32 - 2009-04-10 23:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-01-26 22:32 - 2009-04-10 23:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-01-26 22:32 - 2009-04-10 23:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-01-26 22:32 - 2009-04-10 23:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2014-01-26 22:32 - 2009-04-10 23:32 - 00223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-26 22:32 - 2009-04-10 23:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-01-26 22:32 - 2009-04-10 23:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2014-01-26 22:32 - 2009-04-10 23:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-01-26 22:32 - 2009-04-10 23:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2014-01-26 22:32 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-01-26 22:32 - 2009-04-10 23:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-01-26 22:32 - 2009-04-10 23:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01524736 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2014-01-26 22:32 - 2009-04-10 23:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01086464 _____ (Microsoft Corporation) C:\Windows\system32\NetProjW.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00852992 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-01-26 22:32 - 2009-04-10 23:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2014-01-26 22:32 - 2009-04-10 23:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00368640 _____ C:\Windows\system32\msjetoledb40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2014-01-26 22:32 - 2009-04-10 23:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2014-01-26 22:32 - 2009-04-10 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-01-26 22:32 - 2009-04-10 23:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-01-26 22:32 - 2009-04-10 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2014-01-26 22:32 - 2009-04-10 23:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2014-01-26 22:32 - 2009-04-10 23:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-01-26 22:32 - 2009-04-10 23:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2014-01-26 22:32 - 2009-04-10 23:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2014-01-26 22:32 - 2009-04-10 23:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-01-26 22:32 - 2009-04-10 23:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2014-01-26 22:32 - 2009-04-10 23:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2014-01-26 22:32 - 2009-04-10 23:23 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2014-01-26 22:32 - 2009-04-10 23:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2014-01-26 22:32 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2014-01-26 22:32 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2014-01-26 22:32 - 2009-04-10 21:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2014-01-26 22:32 - 2009-04-10 21:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2014-01-26 22:32 - 2009-04-10 21:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys
2014-01-26 22:32 - 2009-04-10 21:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2014-01-26 22:32 - 2009-04-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2014-01-26 22:32 - 2009-04-10 21:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-01-26 22:32 - 2009-04-10 21:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2014-01-26 22:32 - 2009-04-10 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-26 22:32 - 2009-04-10 18:54 - 03662128 _____ C:\Windows\system32\locale.nls
2014-01-26 22:32 - 2009-03-29 21:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-01-26 22:32 - 2009-03-29 21:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-01-26 22:32 - 2009-02-18 11:38 - 00619864 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-01-26 22:32 - 2009-02-18 11:38 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-01-26 22:32 - 2009-02-18 11:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-01-26 22:32 - 2009-02-18 11:38 - 00009048 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-01-26 22:31 - 2009-04-10 23:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-01-26 22:31 - 2009-04-10 23:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-01-26 22:31 - 2009-04-10 23:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2014-01-26 22:31 - 2009-04-10 23:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2014-01-26 22:31 - 2009-04-10 23:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2014-01-26 22:31 - 2009-04-10 23:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2014-01-26 22:31 - 2009-04-10 23:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2014-01-26 22:31 - 2009-04-10 23:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\SnippingTool.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2014-01-26 22:31 - 2009-04-10 23:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-01-26 22:31 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2014-01-26 22:31 - 2009-04-10 23:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2014-01-26 22:31 - 2009-04-10 23:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-01-26 22:31 - 2009-04-10 23:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-01-26 22:31 - 2009-04-10 21:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2014-01-26 22:31 - 2009-04-10 21:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-01-26 22:31 - 2009-04-10 21:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2014-01-26 22:31 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2014-01-26 22:31 - 2009-04-10 21:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2014-01-26 22:31 - 2009-04-10 21:14 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-01-26 22:31 - 2009-04-10 19:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2014-01-26 22:31 - 2009-04-10 18:59 - 00107612 _____ C:\Windows\system32\StructuredQuerySchema.bin
2014-01-26 22:31 - 2009-02-19 17:20 - 00009239 _____ C:\Windows\system32\spcinstrumentation.man
2014-01-26 22:31 - 2009-02-18 11:39 - 00092918 _____ C:\Windows\system32\slmgr.vbs
2014-01-26 22:31 - 2009-02-18 11:39 - 00035680 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-01-26 22:30 - 2009-04-10 23:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2014-01-26 22:30 - 2009-04-10 23:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-01-26 22:30 - 2009-04-10 23:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2014-01-26 22:30 - 2009-04-10 23:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2014-01-26 22:30 - 2009-04-10 23:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2014-01-26 22:30 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-01-26 22:30 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2014-01-26 22:30 - 2009-03-06 18:11 - 00130008 _____ C:\Windows\system32\systemsf.ebd
2014-01-26 22:25 - 2014-01-26 22:25 - 00000000 ____D C:\Windows\system32\EventProviders
2014-01-26 20:07 - 2014-01-26 20:07 - 00448512 _____ (OldTimer Tools) C:\Users\Raisa\Desktop\TFC.exe
2014-01-24 20:19 - 2014-01-24 20:19 - 00000906 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-24 20:19 - 2014-01-24 20:19 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Malwarebytes
2014-01-24 20:19 - 2014-01-24 20:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-24 20:19 - 2014-01-24 20:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-24 20:19 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-24 20:06 - 2014-01-24 20:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Raisa\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-24 16:04 - 2014-01-24 16:09 - 00000000 ____D C:\AdwCleaner
2014-01-24 16:00 - 2014-01-24 16:00 - 01236282 _____ C:\Users\Raisa\Desktop\adwcleaner.exe
2014-01-24 15:04 - 2014-01-27 21:06 - 00000000 ____D C:\FRST
2014-01-24 15:02 - 2014-01-27 21:06 - 01223168 _____ (Farbar) C:\Users\Raisa\Desktop\FRST.exe
2014-01-21 19:22 - 2014-01-21 19:22 - 00002048 _____ C:\Users\Raisa\Desktop\Google Chrome.lnk
2014-01-20 15:41 - 2014-01-20 16:34 - 00013905 _____ C:\Users\Raisa\Desktop\Finanzamt.odt
2014-01-03 15:04 - 2014-01-03 15:04 - 00000000 ____D C:\Users\Raisa\Fotos

==================== One Month Modified Files and Folders =======

2014-01-27 21:07 - 2014-01-27 21:06 - 00021196 _____ C:\Users\Raisa\Desktop\FRST.txt
2014-01-27 21:07 - 2011-06-11 17:53 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000UA.job
2014-01-27 21:06 - 2014-01-27 21:06 - 00000000 ____D C:\Users\Raisa\Desktop\FRST-OlderVersion
2014-01-27 21:06 - 2014-01-24 15:04 - 00000000 ____D C:\FRST
2014-01-27 21:06 - 2014-01-24 15:02 - 01223168 _____ (Farbar) C:\Users\Raisa\Desktop\FRST.exe
2014-01-27 21:04 - 2014-01-27 21:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-27 21:04 - 2014-01-27 21:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-27 21:04 - 2009-01-05 20:03 - 00000000 ____D C:\Users\Raisa\AppData\Local\Adobe
2014-01-27 21:00 - 2014-01-27 21:00 - 00001892 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-27 21:00 - 2008-08-11 11:47 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-27 20:59 - 2008-08-11 11:47 - 00000000 ____D C:\ProgramData\Adobe
2014-01-27 20:59 - 2008-08-11 11:47 - 00000000 ____D C:\Program Files\Adobe
2014-01-27 20:51 - 2009-01-05 19:59 - 01892620 _____ C:\Windows\WindowsUpdate.log
2014-01-27 20:47 - 2009-01-25 17:11 - 00000591 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-27 20:46 - 2013-11-20 20:40 - 00000320 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2014-01-27 20:45 - 2013-11-20 20:40 - 00000000 ____D C:\Program Files\Glary Utilities 4
2014-01-27 20:45 - 2012-12-15 19:50 - 00000620 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-01-27 20:45 - 2010-09-23 11:34 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 20:45 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 20:45 - 2006-11-02 13:47 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-27 20:45 - 2006-11-02 13:47 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 20:43 - 2008-08-11 10:29 - 00004268 _____ C:\Windows\bthservsdp.dat
2014-01-27 20:43 - 2006-11-02 14:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-27 20:42 - 2008-01-21 08:16 - 01541636 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-27 20:37 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-27 20:22 - 2013-10-31 16:53 - 00173604 _____ C:\Windows\PFRO.log
2014-01-27 15:23 - 2013-10-31 16:27 - 00057108 _____ C:\Windows\setupact.log
2014-01-27 14:39 - 2011-11-27 14:39 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job
2014-01-27 14:24 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2014-01-27 14:08 - 2009-01-05 20:03 - 00000949 _____ C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-27 14:07 - 2008-08-11 19:50 - 00000000 ____D C:\Windows\Panther
2014-01-27 14:04 - 2006-11-02 13:47 - 00394888 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-27 14:00 - 2014-01-27 14:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2014-01-27 14:00 - 2014-01-27 14:00 - 00000000 ____D C:\Program Files\Windows Portable Devices
2014-01-27 14:00 - 2008-01-21 08:15 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2014-01-27 14:00 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2014-01-27 14:00 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\zh-TW
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\zh-HK
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\zh-CN
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\uk-UA
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\tr-TR
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\th-TH
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sv-SE
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sl-SI
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sk-SK
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ru-RU
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ro-RO
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\pt-PT
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\pt-BR
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\pl-PL
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\nl-NL
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\nb-NO
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lv-LV
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lt-LT
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ko-KR
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ja-JP
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\it-IT
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\hu-HU
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\hr-HR
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\he-IL
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\fr-FR
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\fi-FI
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\et-EE
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\el-GR
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\bg-BG
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ar-SA
2014-01-27 14:00 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-27 13:59 - 2014-01-27 13:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-01-27 13:59 - 2008-08-11 10:24 - 00000000 ____D C:\Windows\system32\RTCOM
2014-01-27 08:53 - 2014-01-27 08:53 - 00000000 ____D C:\ProgramData\WindowsSearch
2014-01-27 08:45 - 2014-01-27 08:45 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-27 08:45 - 2014-01-27 08:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-27 08:45 - 2014-01-27 08:45 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-27 08:45 - 2014-01-27 08:45 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-27 08:45 - 2014-01-27 08:45 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-27 08:45 - 2014-01-27 08:45 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-27 08:45 - 2014-01-27 08:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-27 08:45 - 2014-01-27 08:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-27 08:45 - 2014-01-27 08:42 - 00004461 _____ C:\Windows\IE9_main.log
2014-01-27 08:45 - 2006-11-02 07:32 - 00008798 _____ C:\Windows\system32\icrav03.rat
2014-01-27 08:45 - 2006-11-02 07:32 - 00001988 _____ C:\Windows\system32\ticrf.rat
2014-01-27 08:44 - 2014-01-27 08:44 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-01-27 08:44 - 2014-01-27 08:44 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-01-27 08:44 - 2014-01-27 08:44 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-01-27 08:44 - 2014-01-27 08:44 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-01-27 08:44 - 2014-01-27 08:44 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-01-27 08:22 - 2013-10-31 16:06 - 00000000 ____D C:\Windows\system32\MRT
2014-01-27 08:19 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-27 07:36 - 2014-01-27 07:36 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Deutscher Apotheker Verlag (Deutscher Apotheker Verlag)
2014-01-27 07:36 - 2014-01-27 07:36 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Deutscher Apotheker Verlag
2014-01-27 07:36 - 2014-01-27 07:36 - 00000000 ____D C:\Users\Raisa\AppData\Local\Deutscher Apotheker Verlag (Deutscher Apotheker Verlag)
2014-01-27 07:36 - 2014-01-27 07:27 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\doctronic
2014-01-27 07:34 - 2014-01-27 07:34 - 00002028 _____ C:\Users\Public\Desktop\Europäisches Arzneibuch 7.7.lnk
2014-01-27 07:34 - 2014-01-27 07:34 - 00000000 ____D C:\ProgramData\Deutscher Apotheker Verlag
2014-01-27 07:34 - 2014-01-27 07:28 - 00000000 ____D C:\Program Files\Europäisches Arzneibuch 7
2014-01-27 07:25 - 2012-11-08 20:18 - 00000000 ___RD C:\Users\Raisa\Desktop\Pfalztechnikum
2014-01-26 23:07 - 2009-01-05 20:03 - 00000915 _____ C:\Users\Raisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-01-26 22:56 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2014-01-26 22:56 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2014-01-26 22:56 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Defender
2014-01-26 22:56 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2014-01-26 22:56 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Calendar
2014-01-26 22:56 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Movie Maker
2014-01-26 22:55 - 2014-01-26 22:55 - 00000000 ____D C:\Windows\system32\vi-VN
2014-01-26 22:55 - 2014-01-26 22:55 - 00000000 ____D C:\Windows\system32\eu-ES
2014-01-26 22:55 - 2014-01-26 22:55 - 00000000 ____D C:\Windows\system32\ca-ES
2014-01-26 22:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\SLUI
2014-01-26 22:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2014-01-26 22:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\IME
2014-01-26 22:49 - 2014-01-26 22:49 - 00000000 ____D C:\Windows\system32\SPReview
2014-01-26 22:25 - 2014-01-26 22:25 - 00000000 ____D C:\Windows\system32\EventProviders
2014-01-26 22:07 - 2011-06-11 17:53 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000Core.job
2014-01-26 20:07 - 2014-01-26 20:07 - 00448512 _____ (OldTimer Tools) C:\Users\Raisa\Desktop\TFC.exe
2014-01-24 20:19 - 2014-01-24 20:19 - 00000906 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-24 20:19 - 2014-01-24 20:19 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\Malwarebytes
2014-01-24 20:19 - 2014-01-24 20:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-24 20:19 - 2014-01-24 20:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-24 20:07 - 2014-01-24 20:06 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Raisa\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-24 20:03 - 2009-01-05 20:03 - 00000000 ____D C:\Users\Raisa
2014-01-24 16:09 - 2014-01-24 16:04 - 00000000 ____D C:\AdwCleaner
2014-01-24 16:09 - 2009-01-18 17:31 - 00000000 ____D C:\ProgramData\ICQ
2014-01-24 16:09 - 2008-08-11 11:50 - 00000797 _____ C:\Users\Raisa\Desktop\Registrieren Sie Ihren VAIO.lnk
2014-01-24 16:00 - 2014-01-24 16:00 - 01236282 _____ C:\Users\Raisa\Desktop\adwcleaner.exe
2014-01-24 15:33 - 2010-09-23 11:34 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-23 15:20 - 2013-03-03 13:39 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-23 15:20 - 2011-04-26 10:30 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-23 15:20 - 2010-08-18 10:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-23 15:20 - 2010-05-04 00:15 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-23 15:20 - 2010-05-04 00:15 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-01-23 15:20 - 2010-05-04 00:15 - 00001884 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-21 19:22 - 2014-01-21 19:22 - 00002048 _____ C:\Users\Raisa\Desktop\Google Chrome.lnk
2014-01-20 22:43 - 2009-01-11 23:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-20 16:34 - 2014-01-20 15:41 - 00013905 _____ C:\Users\Raisa\Desktop\Finanzamt.odt
2014-01-17 15:36 - 2012-07-31 14:48 - 00000000 ____D C:\Users\Raisa\Desktop\Filme
2014-01-17 15:32 - 2013-08-11 15:56 - 00000000 ____D C:\Users\Raisa\Downloads\Kontoauszug
2014-01-15 22:56 - 2013-05-01 20:24 - 00000000 ____D C:\Users\Raisa\AppData\Roaming\vlc
2014-01-12 18:02 - 2009-01-05 20:22 - 00045056 _____ C:\Users\Raisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-12 15:51 - 2011-04-19 18:20 - 00000000 ____D C:\Program Files\JDownloader
2014-01-03 15:12 - 2012-01-04 21:10 - 00000766 _____ C:\Users\Raisa\Desktop\WiiBackupManager_Win32.exe - Verknüpfung.lnk
2014-01-03 15:04 - 2014-01-03 15:04 - 00000000 ____D C:\Users\Raisa\Fotos

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-27 20:52

==================== End Of Log ============================

RA510 · 27.01.2014, 21:25

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-01-2014 01
Ran by Raisa at 2014-01-27 21:08:36
Running from C:\Users\Raisa\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (Version:  - )
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512 - ABBYY Software House)
ABDA Datenbank (Version:  - )
abgx360 v1.0.6 (Version:  - )
Adobe Acrobat  8 Standard - English, Français, Deutsch (Version: 8.1.6 - Adobe Systems) Hidden
Adobe Acrobat 8.1.6 - CPSID_49167 (Version:  - Adobe Systems Incorporated)
Adobe Acrobat 8.1.6 Standard (Version: 8.1.6 - Adobe Systems)
Adobe Common File Installer (Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe Flash Player 12 Plugin (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6.0 (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (Version: 6.0 - Adobe Systems, Inc.) Hidden
Adobe Premiere Elements 4.0 (Version: 4.0 - Ihr Firmenname)
Adobe Premiere Elements 4.0 (Version: 4.0 - Ihr Firmenname) Hidden
Adobe Premiere Elements 4.0 Templates (Version: 4.0.0 - Ihr Firmenname)
Adobe Premiere Elements 4.0 Templates (Version: 4.0.0 - Ihr Firmenname) Hidden
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (Version:  - )
ArcSoft WebCam Companion 2 (Version:  - ArcSoft)
avast! Free Antivirus (Version: 9.0.2013 - Avast Software)
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter (Version: 2.5 - Sony Corporation)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI)
Catalyst Control Center Core Implementation (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2008.0717.2343.40629 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0717.2343.40629 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0717.2343.40629 - ATI) Hidden
CCC Help Chinese Standard (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Czech (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Danish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Dutch (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help English (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Finnish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help French (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help German (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Greek (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Hungarian (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Italian (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Japanese (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Korean (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Polish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Portuguese (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Russian (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Spanish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Swedish (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Thai (Version: 2008.0717.2342.40629 - ATI) Hidden
CCC Help Turkish (Version: 2008.0717.2342.40629 - ATI) Hidden
ccc-core-static (Version: 2008.0717.2343.40629 - Ihr Firmenname) Hidden
ccc-utility (Version: 2008.0717.2343.40629 - ATI) Hidden
CDBurnerXP (Version: 4.5.2.4214 - CDBurnerXP)
Click to Disc (Version: 1.2.00.06190 - Sony Corporation) Hidden
Click to Disc Editor (Version: 1.2.00 - Sony Corporation)
Click to Disc Editor (Version: 1.2.00 - Sony Corporation) Hidden
CloneCD (Version:  - SlySoft)
Dolby Control Center (Version: 1.2.0702 - Dolby)
ElsterFormular-Upgrade (Version: 14.1.11318 - Landesfinanzdirektion Thüringen)
Epson Easy Photo Print 2 (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Printer Software Downloader (Version:  - )
Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden
EPSON Scan (Version:  - )
Epson Stylus SX510W_TX550W Handbuch (Version:  - )
EPSON SX510W Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (Version: 3.1c - SEIKO EPSON CORPORATION)
Europäisches Arzneibuch 7 (Version:  - Deutscher Apotheker Verlag)
FormatFactory 1.80 (Version: 1.80 - Free Time)
Freemake Video Downloader (Version: 3.5.3 - Ellora Assets Corporation)
Glary Utilities 4.0 (Version: 4.0.0.53 - Glarysoft Ltd)
Google Chrome (HKCU Version: 32.0.1700.76 - Google Inc.)
Google Desktop (Version: 5.9.1005.12335 - Google)
Google Drive (Version: 1.13.5782.599 - Google, Inc.)
Google Earth (Version: 4.2.198.2451 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (Version: 0.9 - AppWork GmbH)
Jewel Master (Version:  - cerasus.media GmbH)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (Version: 1.2.00.17290 - Sony Corporation)
OpenMG Secure Module (Version: 5.1.00.05200 - Sony Corporation) Hidden
OpenMG Secure Module 5.1.00 (Version: 5.1.00.05200 - Sony Corporation)
OpenOffice.org 3.4.1 (Version: 3.41.9593 - Apache Software Foundation)
Primo (Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (Version:  - Realtek Semiconductor Corp.)
SAMSUNG Mobile Composite Device Software (Version:  - )
SAMSUNG Mobile Modem Driver Set (Version:  - )
Samsung Mobile phone USB driver Software (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (Version:  - )
SAMSUNG Mobile USB Modem Software (Version:  - )
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Setting Utility Series (Version: 4.1.00.07300 - Sony Corporation)
Skins (Version: 2008.0717.2343.40629 - ATI) Hidden
Skype™ 5.9 (Version: 5.9.123 - Skype Technologies S.A.)
SonicStage Mastering Studio (Version: 2.6 - Sony Corporation)
SonicStage Mastering Studio (Version: 2.6 - Sony Corporation) Hidden
SonicStage Mastering Studio Audio Filter (Version: 2.5 - Sony Corporation)
SonicStage Mastering Studio Plugins (Version: 2.5 - Sony Corporation)
Sony Ericsson Update Engine (Version: 2.12.13.28 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.181 (Version: 2.10.181 - Sony)
Sony Picture Utility (Version: 3.2.02.06170 - Sony Corporation)
Sony Video Shared Library (Version: 3.4.00 - Sony Corporation)
Spybot - Search & Destroy (Version: 2.0.12 - Safer-Networking Ltd.)
Unterstützung für VAIO-Präsentation (Version: 1.0.00.04240 - Sony Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
VAIO Content Folder Setting (Version: 2.0.00.17290 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (Version: 3.2.00.06062 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (Version: 3.2.00.06112 - Sony Corporation)
VAIO Content Metadata XML Interface Library (Version: 3.2.00.06112 - Sony Corporation) Hidden
VAIO Control Center (Version: 3.1.00.07110 - Sony Corporation)
VAIO Data Restore Tool (Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (Version: 1.0.00.08130 - Sony Corporation)
VAIO Edit Components 6.4 (Version: 6.4 - Sony Corporation)
VAIO Energie Verwaltung (Version: 3.1.00.08060 - Sony Corporation)
VAIO Entertainment Platform (Version: 3.2.00.06200 - Sony Corporation)
VAIO Entertainment Platform (Version: 3.2.00.06200 - Sony Corporation) Hidden
VAIO Event Service (Version: 4.1.00.07150 - Sony Corporation)
VAIO Guide (Version: 2.4.00.06190 - Sony Corporation)
VAIO Launcher (Version: 2.1.00.06130 - Sony Corporation)
VAIO Marketing Tools (Version:  - Sony Corporation)
VAIO Media plus (Version: 1.1.00.05240 - Sony Corporation)
VAIO Media plus (Version: 1.1.00.05240 - Sony Corporation) Hidden
VAIO Movie Story (Version: 1.3.00.06240 - Sony Corporation) Hidden
VAIO Movie Story Template Data (Version: 1.3.00.06120 - Sony Corporation)
VAIO MusicBox (Version: 2.1.00.06110 - Sony Corporation)
VAIO MusicBox Sample Music (Version: 1.1.00.14140 - Sony Corporation)
VAIO Original Function Setting (Version: 1.4.00.04230 - Sony Corporation)
VAIO Smart Network (Version: 2.1.00.07300 - Sony Corporation)
VAIO Update 4 (Version: 4.0.0.06110 - Sony Corporation)
VAIO Wallpaper Contents (Version: 1.2.00.05200 - Sony Corporation)
VLC media player 2.0.6 (Version: 2.0.6 - VideoLAN)
WIDCOMM Bluetooth Software 6.2.0.4100 (Version: 6.2.0.4100 - Broadcom Corporation)
WinDVD BD for VAIO (Version: 8.0-B9.516 - InterVideo Inc.)
WinDVD BD for VAIO (Version: 8.0-B9.516 - InterVideo Inc.) Hidden
WinPcap 4.1.2 (Version: 4.1.0.2001 - CACE Technologies)

==================== Restore Points  =========================

26-01-2014 21:29:17 Windows Vista™ Service Pack 2
26-01-2014 22:16:37 Windows Update
27-01-2014 07:09:30 Windows Update
27-01-2014 13:24:06 Windows Update
27-01-2014 14:11:01 Windows Update
27-01-2014 14:49:22 Removed Java 7 Update 25
27-01-2014 19:39:11 Windows Update

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {133E3D57-492A-451A-BB47-B7C81ACF4433} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3CE59F72-7C70-4087-A033-FC08307D9791} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {408E3C6E-D504-4A7B-B42E-35AFAABCAD26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000Core => C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-06] (Google Inc.)
Task: {44066263-2715-4EB4-935D-A5BB472845F8} - System32\Tasks\GlaryInitialize 4 => C:\Program Files\Glary Utilities 4\Initialize.exe [2013-11-19] (Glarysoft Ltd)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4549E1CF-032D-486E-A02A-5D3B64453D54} - System32\Tasks\RegistryDr_Popup => C:\Program Files\Registry Dr\Splash.exe
Task: {50DF8DC4-85ED-4507-AF2A-904E4FC312D0} - System32\Tasks\RegistryDr_Start => C:\Program Files\Registry Dr\RegistryDr.exe
Task: {57F4C77E-20F0-4D9B-8FAB-75C136CE1CA7} - System32\Tasks\Start Registry Reviver => C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe
Task: {62F88653-B016-4925-B2B6-47CFC0BC4AE7} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {64E68FFC-2B47-4B7D-A971-A5759AB0FFC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-23] (Google Inc.)
Task: {737541E3-3053-422F-AC24-111184A5099F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000UA => C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-06] (Google Inc.)
Task: {73A15203-CCF8-451A-AF70-4B898F725A1B} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-06-11] (Sony Corporation)
Task: {81070594-EAFB-45B1-9968-8AE86E87A071} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {8CF60F31-10F8-40A9-98A8-B84880EA13F9} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {A4966B0C-A9C7-4C1E-8CE8-B01FC2ADD830} - System32\Tasks\Microsoft\Windows\RestartManager\{7F272960-7DBF-45db-AB27-C3AFEFA04FB0} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {BCF36CD7-C308-4AA9-8CC1-CB8DE6C1B86D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-23] (Google Inc.)
Task: {C9693628-2205-4AC2-879F-F476C42DC4FA} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-01-23] (AVAST Software)
Task: {DA6C5E94-7271-4F5D-B42F-56CBED5E1037} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EBBA2546-2717-4B6E-B4DC-686DA04D0C46} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Raisa => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
Task: {ED5F6990-BE47-4A53-90FF-9AFB9B354D7C} - \GlaryInitialize 3 No Task File
Task: {EF1169A8-923A-425E-8517-8C1DB734F869} - System32\Tasks\Microsoft\Windows\RestartManager\{93F69634-A912-478a-ADC5-E64885761870} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000Core.job => C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2447613139-3958461195-515353028-1000UA.job => C:\Users\Raisa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2008-08-11 19:55 - 2008-07-30 01:12 - 00159744 ____N () C:\Windows\system32\atitmmxx.dll
2008-07-01 07:43 - 2008-07-01 07:43 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2011-11-27 14:36 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2011-11-27 14:36 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2012-12-15 19:49 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-12-15 19:49 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2012-12-15 19:49 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2012-12-15 19:49 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-12-15 19:49 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2013-11-19 04:56 - 2013-11-19 04:56 - 00080160 _____ () C:\Program Files\Glary Utilities 4\zlib1.dll
2013-10-31 16:00 - 2013-10-31 16:00 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files\program\libxml2.dll
2008-08-22 11:08 - 2008-08-22 11:08 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2007-12-06 14:59 - 2007-12-06 14:59 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-01-17 15:28 - 2014-01-11 11:29 - 04055320 _____ () C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-17 15:28 - 2014-01-11 11:29 - 00399640 _____ () C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-17 15:28 - 2014-01-11 11:28 - 01634584 _____ () C:\Users\Raisa\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:3E4081651289E7D2

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2014 08:46:48 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (01/27/2014 08:46:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 08:24:59 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (01/27/2014 08:24:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 04:20:34 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003

Error: (01/27/2014 03:59:07 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1304
Anfangszeit: 01cf1b6c6cfa1cc1
Zeitpunkt der Beendigung: 0

Error: (01/27/2014 03:30:51 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (01/27/2014 03:30:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 02:28:23 PM) (Source: VzCdbSvc) (User: )
Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)

Error: (01/27/2014 02:28:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/27/2014 08:59:49 PM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (01/27/2014 08:59:49 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (01/27/2014 08:59:49 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/27/2014 08:49:42 PM) (Source: ipnathlp) (User: )
Description: Ein DHCP-Server mit der IP-Adresse 192.168.0.1 wurde von der DHCP-Zuweisung im selben Netzwerk gefunden, wie die Schnittstelle mit der IP-Adresse 192.168.0.102. Die Zuweisung wurde auf der Schnittstelle automatisch deaktiviert, um DHCP-Clientkonflikte zu vermeiden.

Error: (01/27/2014 08:47:23 PM) (Source: ipnathlp) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (01/27/2014 08:47:18 PM) (Source: ipnathlp) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.

Error: (01/27/2014 08:46:48 PM) (Source: Service Control Manager) (User: )
Description: Process creation detector.%%2

Error: (01/27/2014 08:46:30 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/27/2014 08:45:26 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: 2147942402

Error: (01/27/2014 08:27:26 PM) (Source: ipnathlp) (User: )
Description: Ein DHCP-Server mit der IP-Adresse 192.168.0.1 wurde von der DHCP-Zuweisung im selben Netzwerk gefunden, wie die Schnittstelle mit der IP-Adresse 192.168.0.102. Die Zuweisung wurde auf der Schnittstelle automatisch deaktiviert, um DHCP-Clientkonflikte zu vermeiden.


Microsoft Office Sessions:
=========================
Error: (01/27/2014 08:46:48 PM) (Source: VzCdbSvc)(User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (01/27/2014 08:46:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 08:24:59 PM) (Source: VzCdbSvc)(User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (01/27/2014 08:24:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 04:20:34 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003 
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (01/27/2014 03:59:07 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.0.6002.18005130401cf1b6c6cfa1cc10

Error: (01/27/2014 03:30:51 PM) (Source: VzCdbSvc)(User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (01/27/2014 03:30:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 02:28:23 PM) (Source: VzCdbSvc)(User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (01/27/2014 02:28:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-01-26 22:27:18.598
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-26 22:27:18.457
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-26 22:27:18.317
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-26 22:27:18.161
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-26 22:27:18.020
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:39:10.664
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:39:10.523
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:39:00.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:39:00.702
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-07 21:38:49.209
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~1\Sony\SONICS~1\AUDIOF~1\SSMSFI~4.DLL" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 3038.12 MB
Available physical RAM: 1638.18 MB
Total Pagefile: 6277.22 MB
Available Pagefile: 4804 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:286.87 GB) (Free:151.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: F8DF97B2)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=287 GB) - (Type=07 NTFS)

==================== End Of Log ============================

aharonov · 27.01.2014, 21:37

Ok, jetzt passt's.

Cleanup

Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.

Bei MBAM würd ich dir unbedingt empfehlen, es zu behalten und wöchentlich einen Quick-Scan durchzuführen. Wenn du es nicht weiter verwenden möchtest, kannst du es jetzt normal über die Systemsteuerung deinstallieren.
Auch den ESET Online Scanner kannst du behalten, um ab und zu (monatlich) für eine Zweitmeinung dein System damit zu scannen. Falls du ESET deinstallieren möchtest, dann kannst du das ebenfalls über die Systemsteuerung tun.
Downloade dir bitte auf jeden Fall DelFix auf deinen Desktop.
- Schliesse alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- DelFix entfernt u.a. alle von uns verwendeten Programme und löscht sich anschliessend selbst.
Wenn jetzt noch etwas übriggeblieben ist, dann kannst du es einfach manuell löschen.

>> OK <<
Wir sind durch, deine Logs sehen für mich im Moment sauber aus.

Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst.

Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann.

Epilog: Tipps, Dos & Don'ts

Aktualität von System und Software

Das Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:

Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren

Auch die installierte Software sollte immer in der aktuellsten Version vorliegen.
Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.

Mit diesem kleinen Plugin-Check kannst du regelmässig diese Komponenten auf deren Aktualität überprüfen.
Achte auch darauf, dass alte, nicht mehr verwendete Versionen deinstalliert sind.
Optional: Das Programm Secunia Personal Software Inspector kann dich dabei unterstützen, stets die aktuellen Versionen sämtlicher installierter Software zu nutzen.

Sicherheits-Software

Eine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt).
Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.

Nutze einen Virenscanner mit Hintergrundwächter mit stets aktueller Datenbank. Welches Produkt gewählt wird, spielt keine so entscheidende Rolle. Wenn du ein kommerzielles Programm kaufen möchtest, kann ich dir Emsisoft Anti-Malware empfehlen (die Freeware-Version davon reicht aber nicht, denn die hat keinen Hintergrundwächter). Bevorzugst du ein kostenloses Produkt, dann ist Avast! Free Antivirus eine gute Alternative.
Betreibe aber keinesfalls zwei Wächter parallel, die würden sich gegenseitig behindern.
Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
Zusätzlich zum Virenscanner kannst du dein System regelmässig mit einem On-Demand Antimalwareprogramm scannen. Empfehlenswert ist die Free-Version von Malwarebytes Anti-Malware. Vor jedem Scan die Datenbank updaten.
Optional: Das Programm Sandboxie führt Anwendungen in einer isolierten Umgebung ("Sandkasten") aus, so dass keine Änderungen am System vorgenommen werden können. Wenn du deinen Browser darin startest, vermindert sich die Chance, dass beim Surfen eingefangene Malware sich dauerhaft im System festsetzen kann.
Optional: Das Addon WOT (web of trust) warnt dich vor einer als schädlich gemeldeten Website, bevor sie geladen wird. Für verschiedene Browser erhältlich.

Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt.
Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:

NoScript verhindert standardmässig das Ausführen von aktiven Inhalten (Java, JavaScript, Flash, ..) für sämtliche Websites. Du kannst selber nach dem Prinzip einer Whitelist festlegen, welchen Seiten du vertrauen und Scripts erlauben willst, auch temporär.
Adblock Plus blockt die meisten Werbebanner weg. Solche Banner können nebst ihrer störenden Erscheinung auch als Infektionsherde fungieren.

(Un-)Sicheres Verhalten im Internet

Nebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.

Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.

Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher (und ein beliebter) Weg, um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kannst du dir nie sicher sein, ob auch wirklich drin ist, was drauf steht.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).

Surfe mit Vorsicht und lass dich nicht von irgendwie interessant erscheinenden Elementen zu einem vorschnellen Klick verleiten. Lass dich nicht von Popups täuschen, die aussehen wie System- oder Virenmeldungen.
Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo deine Daten eingeben.
Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst du von einem deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant oder skandalös tönt, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und du solltest nicht denselben Fehler machen.
Lass die Dateiendungen anzeigen, so dass du dich nicht täuschen lässt, wenn eine ausführbare Datei über ein doppelte Dateiendung kaschiert wird, z.B. Nacktfoto.jpg.exe.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.

Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen fürs Programm irrelevanten Ergänzungen.

Allgemeine Hinweise

Abschliessend noch ein paar grundsätzliche Bemerkungen:

Dein Benutzerkonto für den alltäglichen Gebrauch sollte nicht über Administratorenrechte verfügen. Nutze ein Konto mit eingeschränkten Rechten (Windows XP) bzw. aktiviere die Benutzerkontensteuerung (UAC) auf der höchsten Stufe (Windows Vista / 7).
Erstelle regelmässig Backups deiner Daten und Dokumente auf externen Datenträgern, bei wichtigen Dateien mindestens zweifach. Nicht nur ein Malwarebefall kann schmerzhaften Datenverlust nach sich ziehen sondern auch ein gewöhnlicher Festplattendefekt.
Die Autorun/Autoplay-Funktion stellt ein Risiko dar, denn sie ermöglicht es, dass beispielsweise beim Einstecken eines entsprechend infizierten USB-Sticks der Befall auf den Rechner überspringt. Überlege dir, ob du diese Funktion nicht besser deaktivieren möchtest.
Wähle deine Passwörter gemäss den gängigen Regeln, um besser gegen Brute-Force- und Wörterbuchattacken gewappnet zu sein. Benutze jedes deiner Passwörter nur einmal und ändere sie regelmässig.
Der Nutzen von Registry-Cleanern zur Performancesteigerung ist umstritten. Auf jeden Fall lässt sich damit grosser Schaden anrichten, wenn man nicht weiss, was man tut. Wir empfehlen deshalb, die Finger von der Registry zu lassen. Um von Zeit zu Zeit die temporären Dateien zu löschen, genügt TFC.

Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

RA510 · 28.01.2014, 16:06

Läuft alles super.
Natürlich würde ich gerne das Forum unterstützen, ist wohl das Mindeste, und vielen lieben Dank für deine Hilfe!
LG
RA

24.01.2014, 20:35	#8
aharonov /// TB-Ausbilder	Lollipop, Search Protect etc. alles auf einmal! Ok soweit. __________________ cheers, Leo

Lollipop, Search Protect etc. alles auf einmal!

Plagegeister aller Art und deren Bekämpfung: Lollipop, Search Protect etc. alles auf einmal!