Windows 7 64 Bit Trojaner! Problem beim Starten von: wgsdgsdgdsgsd.exe Das angegebene Modul wurde nicht gefunden.

bongobolli · 16.03.2014, 20:06

Hallo liebes Trojaner Board,

Ich habe das gleiche Problem wie schon andere User hier: jedes mal wenn ich meinen Computer hochfahre, erscheint folgende Meldung: " Fehlermeldung: Problem beim Starten von: wgsdgsdgdsgsd.exe Das angegebene Modul wurde nicht gefunden. "

Technische Daten sind: Windows 7 64 Bit, alle Updates jetzt gemacht.

Der Link zu dem Thread ist folgender:

http://www.trojaner-board.de/147767-...-gefunden.html

Allerdings vermute ich, dass das Problem nur mit einem Log File und der Benutzung von Combofix lösen kann, weshalb ich mich an euch wende, da ich kein Log File auslesen kann und vor der alleinigen Benutzung von Combofix gewarnt wurde.
Deshalb würde ich mich sehr über eure Hilfe freuen und bin jetzt schon sehr dankbar für eure Hilfe.

Als erstes schicke ich mal mit FRST meinen Scan Log File

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Felix (administrator) on TEST-PC on 16-03-2014 19:37:25
Running from C:\Users\Felix\Desktop\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


== Processes (Whitelisted) ==
Nvidia Dateien habe ich glöscht, weil es zu viele Zeichen waren. 

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Logilink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Logilink\Common\RaRegistry64.exe
(RapidSolution Software AG) C:\Program Files (x86)\Audials\Audials 10\VCDWriter\64\VCDAudioService.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Akamai Technologies, Inc.) C:\Users\Felix\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Felix\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Dropbox, Inc.) C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
== Registry (Whitelisted) ==
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-08-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
HKLM-x32\...\Run: [Aeria Ignite] - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-25] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar2\Rainlendar2.exe [3820032 2011-08-12] ()
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\Run: [Akamai NetSession Interface] - C:\Users\Felix\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\MountPoints2: {e7022ec5-6e12-11e1-a11e-14dae9ed2dd9} - F:\Start.exe
Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
ShortcutTarget: ctfmon.lnk -> C:\ProgramData\lsass.exe (Microsoft Corporation)
Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==== Internet (Whitelisted) ===
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4472AB920C06CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default
FF Homepage: https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxp://mail.google.com/mail/&scc=1&ltmpl=googlemail#inbox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Felix\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Garmin Communicator - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]
FF Extension: DownloadHelper - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-12-31]
FF Extension: Flash and Video Download - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-03-09]
FF Extension: Flash Video Downloader - Youtube Downloader - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\artur.dubovoy@gmail.com.xpi [2013-05-16]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-08]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-23]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-24]

=== Services (Whitelisted) ===
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-25] (AVAST Software)
S3 FirebirdServerMAGIXInstance; C:\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Logilink\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Logilink\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
R2 Virtual CDAudio Service; C:\Program Files (x86)\Audials\Audials 10\VCDWriter\64\VCDAudioService.exe [179464 2013-08-19] (RapidSolution Software AG)
S4 HP LaserJet Service; "C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe" [X]

==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-25] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-14] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-08-19] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-08-19] (RapidSolution Software AG)
R3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45192 2013-01-14] (RapidSolution Software AG)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-16 19:22 - 2014-03-16 19:37 - 00000000 ____D () C:\FRST
2014-03-16 12:48 - 2014-03-16 12:48 - 00001113 _____ () C:\Users\Public\Desktop\phase-6 desktop.lnk
2014-03-16 12:48 - 2014-03-16 12:48 - 00000000 ____D () C:\Program Files (x86)\phase-6
2014-03-16 10:26 - 2013-12-21 10:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-16 10:26 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-16 10:23 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-16 10:23 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-16 10:23 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-16 10:23 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-16 10:23 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-16 10:23 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-16 10:23 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-16 10:23 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-16 10:23 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-16 10:23 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-16 10:23 - 2014-02-23 06:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-16 10:23 - 2014-02-23 06:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-16 10:23 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-16 10:23 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-16 10:23 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-16 10:23 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-16 10:23 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-16 10:23 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-16 10:23 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-16 10:23 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-16 10:23 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-16 10:23 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-16 10:22 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-16 10:22 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-16 10:22 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-16 10:22 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 08:54 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-03-10 08:54 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-03-10 08:54 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-03-10 08:54 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-03-09 20:18 - 2014-03-16 10:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-09 19:43 - 2014-03-09 19:43 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-09 19:43 - 2014-03-09 19:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-09 19:43 - 2014-03-09 19:43 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-09 19:43 - 2014-03-09 19:43 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-09 19:43 - 2014-03-09 19:43 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-09 19:43 - 2014-03-09 19:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-09 19:43 - 2014-03-09 19:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-09 19:43 - 2014-03-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-09 19:43 - 2014-03-09 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-09 19:23 - 2014-03-09 19:23 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-09 19:21 - 2014-03-09 19:49 - 00011150 _____ () C:\Windows\IE10_main.log
2014-03-09 18:38 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-09 18:38 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-09 18:38 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-09 18:38 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-09 18:38 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-09 18:38 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-09 18:38 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-09 18:38 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-09 18:38 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-09 18:38 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-09 18:38 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-09 18:38 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-09 18:38 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-09 18:38 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-09 18:38 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-09 18:38 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-09 18:38 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-09 18:38 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-09 18:38 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-03-09 18:38 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-09 18:38 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-09 18:38 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-09 18:38 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-03-09 18:38 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-09 18:38 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-09 18:38 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-09 18:38 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-09 18:38 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-03-09 18:38 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-09 18:38 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-03-09 18:38 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-09 18:38 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-09 18:38 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-09 18:38 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-09 18:38 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-09 18:38 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-09 18:38 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-09 18:38 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-09 18:38 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-09 18:38 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-03-09 18:38 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-09 18:38 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-09 18:38 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-09 18:38 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-09 18:38 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-09 18:38 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-09 18:38 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-09 18:38 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-09 18:38 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-09 18:38 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-09 18:38 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-09 18:38 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-09 18:38 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-09 18:38 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-09 18:38 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-09 18:38 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-09 18:38 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-09 18:38 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-09 18:38 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-09 18:38 - 2013-04-12 15:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-09 18:38 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-09 18:38 - 2013-02-27 07:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-03-09 18:38 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-03-09 18:38 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-09 18:38 - 2013-02-15 07:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-09 18:38 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-03-09 18:38 - 2013-02-15 05:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-09 18:38 - 2013-02-15 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-03-09 18:38 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-09 18:37 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-09 18:37 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-03-09 18:37 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-09 18:37 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-09 18:37 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-09 18:37 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-09 18:37 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-09 18:37 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-09 18:37 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-03-09 18:37 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-03-09 18:37 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-09 18:37 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-09 18:37 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-03-09 18:37 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-09 18:37 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-03-09 18:37 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-09 18:37 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-09 18:37 - 2013-07-09 06:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-09 18:37 - 2013-07-09 05:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-09 18:37 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-03-09 18:37 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-09 18:37 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-03-09 18:37 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-03-09 18:37 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-03-09 18:37 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-09 18:37 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-03-09 18:37 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-03-09 18:37 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-09 18:37 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-09 18:37 - 2013-06-15 05:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-09 18:37 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-09 18:37 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-09 18:37 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-09 18:37 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-09 18:37 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-03-09 18:37 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-09 18:37 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-03-09 18:37 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-09 18:37 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-09 18:37 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-09 18:37 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-09 18:37 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-09 18:37 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-03-09 18:36 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-09 18:36 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-09 18:36 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-09 18:36 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-09 18:36 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-09 18:36 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-09 18:36 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-09 18:36 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-09 18:36 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-09 18:36 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-09 18:36 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-09 18:36 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-09 18:36 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-09 18:36 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-09 18:36 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-09 18:36 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-09 18:36 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-09 18:36 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-09 18:36 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-09 18:36 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-09 18:36 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-09 18:36 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-09 18:36 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-09 18:36 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-09 18:36 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-09 18:36 - 2013-01-03 07:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-09 18:35 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-09 18:35 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-03-09 18:35 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-09 18:35 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-09 18:35 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-09 18:35 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-03-09 18:35 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-09 18:35 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-09 18:35 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-03-09 18:32 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-09 18:32 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-09 18:32 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-09 18:32 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-09 18:32 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-09 18:32 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-09 18:32 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-09 18:32 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-09 18:32 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-03-09 18:32 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-09 18:32 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-09 18:32 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-09 18:32 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-09 18:32 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-09 18:32 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-09 18:32 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-02-25 16:59 - 2014-02-25 16:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-25 16:57 - 2014-02-25 16:57 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-25 16:57 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-25 16:57 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-25 16:57 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-25 16:57 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

== One Month Modified Files and Folders =

2014-03-16 19:37 - 2014-03-16 19:22 - 00000000 ____D () C:\FRST
2014-03-16 19:26 - 2009-07-14 05:45 - 00015136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 19:26 - 2009-07-14 05:45 - 00015136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 19:24 - 2009-07-14 18:58 - 00696848 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 19:24 - 2009-07-14 18:58 - 00148144 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 19:24 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-16 19:23 - 2012-01-03 21:28 - 01072763 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 19:20 - 2014-01-12 20:47 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-16 19:20 - 2012-10-01 22:03 - 00000000 ___RD () C:\Users\Felix\Dropbox
2014-03-16 19:20 - 2012-10-01 21:58 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Dropbox
2014-03-16 19:20 - 2012-04-28 08:11 - 00000000 ____D () C:\Users\Felix\.rainlendar2
2014-03-16 19:19 - 2012-01-03 21:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-16 19:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 19:19 - 2009-07-14 05:51 - 00094810 _____ () C:\Windows\setupact.log
2014-03-16 13:04 - 2014-01-12 20:47 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-16 12:48 - 2014-03-16 12:48 - 00001113 _____ () C:\Users\Public\Desktop\phase-6 desktop.lnk
2014-03-16 12:48 - 2014-03-16 12:48 - 00000000 ____D () C:\Program Files (x86)\phase-6
2014-03-16 11:08 - 2009-07-14 05:45 - 00408808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-16 10:25 - 2014-03-09 20:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-16 10:24 - 2012-01-24 15:06 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-14 08:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-13 22:49 - 2012-03-22 22:59 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\vlc
2014-03-12 21:52 - 2012-09-12 09:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-11 18:00 - 2012-10-23 17:18 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-03-10 16:05 - 2013-05-02 19:03 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Spotify
2014-03-10 16:01 - 2013-05-02 19:03 - 00000000 ____D () C:\Users\Felix\AppData\Local\Spotify
2014-03-10 08:59 - 2013-10-11 18:45 - 01590370 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-10 08:41 - 2012-01-25 18:29 - 00001421 _____ () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-10 08:41 - 2012-01-25 18:29 - 00000000 ___RD () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-10 08:41 - 2012-01-25 18:29 - 00000000 ___RD () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-10 08:36 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-10 08:36 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-10 08:36 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-09 19:49 - 2014-03-09 19:21 - 00011150 _____ () C:\Windows\IE10_main.log
2014-03-09 19:43 - 2014-03-09 19:43 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-09 19:43 - 2014-03-09 19:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-09 19:43 - 2014-03-09 19:43 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-09 19:43 - 2014-03-09 19:43 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-09 19:43 - 2014-03-09 19:43 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-09 19:43 - 2014-03-09 19:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-09 19:43 - 2014-03-09 19:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-09 19:43 - 2014-03-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-09 19:43 - 2014-03-09 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-09 19:23 - 2014-03-09 19:23 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-08 19:21 - 2012-01-27 13:13 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-02-28 22:30 - 2013-01-06 15:51 - 00000000 ____D () C:\Users\Felix\AppData\Local\Audible
2014-02-28 22:30 - 2012-01-27 13:13 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-02-25 16:59 - 2014-02-25 16:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-25 16:57 - 2014-02-25 16:57 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-25 16:57 - 2013-07-02 11:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-23 09:13 - 2014-03-16 10:23 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 09:13 - 2014-03-16 10:23 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 09:13 - 2014-03-16 10:23 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-23 09:12 - 2014-03-16 10:23 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 09:12 - 2014-03-16 10:23 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 09:12 - 2014-03-16 10:23 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-23 07:54 - 2014-03-16 10:23 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 07:54 - 2014-03-16 10:23 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-23 07:35 - 2014-03-16 10:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 07:31 - 2014-03-16 10:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 06:39 - 2014-03-16 10:23 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-23 06:35 - 2014-03-16 10:23 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-21 23:25 - 2012-09-18 15:50 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype
2014-02-19 17:59 - 2014-01-12 20:47 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-19 17:59 - 2014-01-12 20:47 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-19 00:29 - 2012-01-23 22:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
Files to move or delete:

C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\lsass.exe
C:\Windows\Tasks\At1.job
Some content of TEMP:

C:\Users\Arbeit\AppData\Local\Temp\SpotifyUninstall.exe


== Bamital & volsnap Check ===

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 00:17
==== End Of Log =====

--- --- ---

Addition Log File

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Felix at 2014-03-16 19:37:54
Running from C:\Users\Felix\Desktop\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alliance of Valiant Arms DE (HKLM-x32\...\Alliance of Valiant Arms DE) (Version:  - )
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
Audials (HKLM-x32\...\{0E9EBAF3-67F8-430A-9852-D02E5F20031A}) (Version: 10.2.30900.0 - Audials AG)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2010725614.48.56.2886890 - Audible, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
CdCoverCreator 2.5.3 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.3 - thyanté Software)
Chemie_Aber_Sicher Version 1.0 (HKLM-x32\...\{0A64BFD0-0511-4C67-A3BF-D4C0C1055255}_is1) (Version: 1.0 - Marco Korn)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Firebird SQL Server (D) (HKLM-x32\...\Firebird SQL Server D) (Version: 1.5.2.4732 - )
Free M4a to MP3 Converter 7.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.42.1212 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.42.1212 - DVDVideoSoft Ltd.)
FreeFileSync v5.0 (HKLM-x32\...\FreeFileSync) (Version: 5.0 - ZenJu)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.0.0 - Ellora Assets Corporation)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Basic Color Match (HKLM-x32\...\{1F8C6532-34B4-4425-BB1B-0D6B617E94D3}) (Version: 1.0.0 - Hewlett-Packard)
HP Color LaserJet CM1312 MFP Series 5.0 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.0 - HP)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Print View Software (HKLM\...\{1E95102E-27A4-416F-A9D1-308C9603F14A}) (Version: 3.0.0.0 - Hewlett-Packard)
HP Print View Software (HKLM-x32\...\HP Marketing Resources) (Version:  - Hewlett-Packard Co.)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hppCLJCM1312 (x32 Version: 001.000.00131 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (x32 Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (x32 Version: 001.000.00130 - Ihr Firmenname) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppManualsCM1312 (x32 Version: 001.000.00135 - Ihr Firmenname) Hidden
hppQFolderCM1312 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hppscanCM1312 (x32 Version: 001.000.00131 - Hewlett-Packard) Hidden
hppScanToCM1312 (x32 Version: 001.000.00128 - Ihr Firmenname) Hidden
hppSendFaxCM1312 (x32 Version: 005.000.00001 - Ihr Firmenname) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LibreOffice 3.4 (HKLM-x32\...\{03CEFC42-378E-4467-9909-DCBAFD38CA9F}) (Version: 3.4.502 - LibreOffice)
MAGIX Audio Cleaning Lab 17 deluxe (HKLM-x32\...\MAGIX_MSI_mclab_17dlx) (Version: 17.0.0.2 - MAGIX AG)
MAGIX Audio Cleaning Lab 17 deluxe (x32 Version: 17.0.0.2 - MAGIX AG) Hidden
MAGIX Burn routines (64-Bit) (HKLM\...\{49146694-5F5F-4B1F-AD15-6587F47A0FD7}) (Version: 9.0.0.212 - MAGIX AG)
MAGIX Low Latency Driver (64-Bit) (HKLM\...\{42976FDB-5756-4077-A491-095F228E99E2}) (Version: 2.10.2011.0 - MAGIX AG)
MAGIX Music Cleaning Lab 2006 deluxe (D) (HKLM-x32\...\MAGIX Music Cleaning Lab 2006 deluxe D) (Version: 7.0.0.0 - MAGIX AG)
MAGIX Speed 2 (MSI) (HKLM-x32\...\{FF34AF1C-705B-424A-A850-1A1F61D6EB71}) (Version: 6.0.1.4 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{29F291A9-F1FB-4DD3-A72D-CF15A486CD90}) (Version: 7.0.1.27 - MAGIX AG)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office 2003 German User Interface Pack (HKLM-x32\...\{901E0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60831.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Mozilla Firefox 10.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 10.0.2 (x86 de)) (Version: 10.0.2 - Mozilla)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Natura Lehrerband 5-6 (HKLM-x32\...\Natura Lehrerband 5-6) (Version:  - )
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NotenManager Heimversion 3.2  (HKLM-x32\...\NotenManager Heimversion) (Version: 3.2 - beSoft)
Notenmanager Korrekturschema (HKLM-x32\...\{00694340-26B4-49F8-86DD-04FC7A392371}_is1) (Version: 0.9 - beSoft)
NVIDIA 3D Vision Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0697 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.201.0 - Tracker Software Products Ltd.)
phase-6 2.3.4 (HKLM-x32\...\phase-6) (Version: 2.3.4 - phase-6)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
QLandkarte GT (remove only) (HKCU\...\QLandkarte GT) (Version:  - )
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
Samplitude Pro X Download Version (HKLM-x32\...\MAGIX_MSI_SamProX) (Version: 12.0.0.59 - MAGIX AG)
Samplitude Pro X Download Version (x32 Version: 12.0.0.59 - MAGIX AG) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12054_20 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12054_20 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SketchUp 2013 (HKLM-x32\...\{2C0777B8-E91F-45AA-976B-7EB6B40E5400}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 22.0.64240 - Sonos, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symyx Draw 4.0.100 (HKLM-x32\...\{44653096-3E44-402E-B68E-37D77240BFA8}) (Version: 4.0.100 - Symyx Technologies, Inc.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
WinNot 4 (HKLM-x32\...\WinNot_is1) (Version:  - Arno Au)
WL0088 Wireless N 150Mbps PCI Card (HKLM-x32\...\{EA9063A5-61F8-471E-A6A0-DD90906E8064}) (Version: 1.0.0.0 - Logilink)

==================== Restore Points  =========================

10-03-2014 07:54:38 Windows Update
16-03-2014 09:23:13 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-02-02 15:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {14D15389-F5F8-4302-8752-2F9A5E78A433} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {1D211512-02FE-460B-AAF3-0142FF4C2C5E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {40C9B23A-7D44-4D5A-991D-80DBC58B7D06} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {484B0B12-7566-4ABB-AA59-73A027A94513} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {8673D170-36A3-45F4-A3BB-181752FC2469} - System32\Tasks\At1 => shutdown
Task: {EC1F9975-7881-4468-A5B0-6ECE96165547} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-25] (AVAST Software)
Task: C:\Windows\Tasks\At1.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-24 18:25 - 2012-10-02 20:51 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-25 20:08 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-08-12 06:47 - 2011-08-12 06:47 - 03820032 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2010-05-23 18:30 - 2010-05-23 18:30 - 00160768 _____ () C:\Program Files\Rainlendar2\lua51.dll
2011-08-12 06:47 - 2011-08-12 06:47 - 00312832 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2010-05-23 18:30 - 2010-05-23 18:30 - 00013824 _____ () C:\Program Files\Rainlendar2\lfs.dll
2012-01-03 21:36 - 2010-12-17 13:25 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-01-03 21:36 - 2010-12-17 13:25 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-01-03 21:36 - 2010-12-17 13:25 - 00105584 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2012-01-03 21:36 - 2010-12-17 13:25 - 64643696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-03-16 12:44 - 2014-03-16 10:14 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14031600\algo.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Felix\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-25 18:56 - 2014-01-25 18:56 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-01-23 22:36 - 2014-02-19 00:29 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-02 12:12 - 2013-07-02 12:12 - 16033160 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

==================== Alternate Data Streams (whitelisted) =========



==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2014 10:03:10 PM) (Source: MsiInstaller) (User: test-PC)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1706. Setup cannot find the required files.  Check your connection to the network, or CD-ROM drive.  For other potential solutions to this problem, see C:\Program Files (x86)\Microsoft Office\OFFICE11\1033\SETUP.CHM.

Error: (03/11/2014 06:57:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Sonos.exe, Version: 6.0.0.34230, Zeitstempel: 0x453d4bd8
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0020001
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1284
Startzeit der fehlerhaften Anwendung: 0xSonos.exe0
Pfad der fehlerhaften Anwendung: Sonos.exe1
Pfad des fehlerhaften Moduls: Sonos.exe2
Berichtskennung: Sonos.exe3

Error: (03/11/2014 05:33:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Sonos.exe, Version: 6.0.0.34230, Zeitstempel: 0x453d4bd8
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0020001
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1150
Startzeit der fehlerhaften Anwendung: 0xSonos.exe0
Pfad der fehlerhaften Anwendung: Sonos.exe1
Pfad des fehlerhaften Moduls: Sonos.exe2
Berichtskennung: Sonos.exe3

Error: (03/10/2014 08:41:45 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ipoint.exe, Version: 8.20.468.0, Zeitstempel: 0x4e320bb3
Name des fehlerhaften Moduls: ipoint.exe, Version: 8.20.468.0, Zeitstempel: 0x4e320bb3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000e29b6
ID des fehlerhaften Prozesses: 0x824
Startzeit der fehlerhaften Anwendung: 0xipoint.exe0
Pfad der fehlerhaften Anwendung: ipoint.exe1
Pfad des fehlerhaften Moduls: ipoint.exe2
Berichtskennung: ipoint.exe3

Error: (03/09/2014 08:20:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TrustedInstaller.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7989b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005324e
ID des fehlerhaften Prozesses: 0x1138
Startzeit der fehlerhaften Anwendung: 0xTrustedInstaller.exe0
Pfad der fehlerhaften Anwendung: TrustedInstaller.exe1
Pfad des fehlerhaften Moduls: TrustedInstaller.exe2
Berichtskennung: TrustedInstaller.exe3

Error: (03/09/2014 06:59:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0fcf
Name des fehlerhaften Moduls: NPSWF32_11_7_700_224.dll, Version: 11.7.700.224, Zeitstempel: 0x51a6761e
Ausnahmecode: 0x80000003
Fehleroffset: 0x0034599d
ID des fehlerhaften Prozesses: 0x17bc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (03/08/2014 07:45:56 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_srrstr.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc9e0
Name des fehlerhaften Moduls: msxml3.dll, Version: 8.110.7601.17988, Zeitstempel: 0x50920c3d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001c6f
ID des fehlerhaften Prozesses: 0xc64
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_srrstr.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_srrstr.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_srrstr.dll2
Berichtskennung: rundll32.exe_srrstr.dll3

Error: (02/28/2014 07:55:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0faa
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x2826f6a8
ID des fehlerhaften Prozesses: 0x17a0
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (02/28/2014 07:38:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iTunes.exe, Version: 11.1.3.8, Zeitstempel: 0x5274a87d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x14c0
Startzeit der fehlerhaften Anwendung: 0xiTunes.exe0
Pfad der fehlerhaften Anwendung: iTunes.exe1
Pfad des fehlerhaften Moduls: iTunes.exe2
Berichtskennung: iTunes.exe3

Error: (02/18/2014 11:46:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Sonos.exe, Version: 6.0.0.34230, Zeitstempel: 0x453d4bd8
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0xc0020001
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x714
Startzeit der fehlerhaften Anwendung: 0xSonos.exe0
Pfad der fehlerhaften Anwendung: Sonos.exe1
Pfad des fehlerhaften Moduls: Sonos.exe2
Berichtskennung: Sonos.exe3


System errors:
=============
Error: (03/16/2014 07:21:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/16/2014 07:21:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/16/2014 00:51:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/16/2014 00:51:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/16/2014 00:48:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/16/2014 00:48:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/16/2014 09:57:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/16/2014 09:57:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/16/2014 09:44:07 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/16/2014 09:44:07 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (03/12/2014 10:03:10 PM) (Source: MsiInstaller)(User: test-PC)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1706. Setup cannot find the required files.  Check your connection to the network, or CD-ROM drive.  For other potential solutions to this problem, see C:\Program Files (x86)\Microsoft Office\OFFICE11\1033\SETUP.CHM.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/11/2014 06:57:58 PM) (Source: Application Error)(User: )
Description: Sonos.exe6.0.0.34230453d4bd8KERNELBASE.dll6.1.7601.1822951fb1116c00200010000c41f128401cf3d4b6ba9285fC:\Program Files (x86)\Sonos\Sonos.exeC:\Windows\syswow64\KERNELBASE.dllad7e3183-a946-11e3-9c49-14dae9ed2dd9

Error: (03/11/2014 05:33:58 PM) (Source: Application Error)(User: )
Description: Sonos.exe6.0.0.34230453d4bd8KERNELBASE.dll6.1.7601.1822951fb1116c00200010000c41f115001cf3d44df7cbbfaC:\Program Files (x86)\Sonos\Sonos.exeC:\Windows\syswow64\KERNELBASE.dllf1737000-a93a-11e3-9c49-14dae9ed2dd9

Error: (03/10/2014 08:41:45 AM) (Source: Application Error)(User: )
Description: ipoint.exe8.20.468.04e320bb3ipoint.exe8.20.468.04e320bb3c000000500000000000e29b682401cf3c342d3f2491C:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exe6db36ae3-a827-11e3-975d-14dae9ed2dd9

Error: (03/09/2014 08:20:17 PM) (Source: Application Error)(User: )
Description: TrustedInstaller.exe6.1.7601.175144ce7989bntdll.dll6.1.7601.177254ec4aa8ec0000005000000000005324e113801cf3bbd31e3c99fC:\Windows\servicing\TrustedInstaller.exeC:\Windows\SYSTEM32\ntdll.dlld8808ec0-a7bf-11e3-aa92-14dae9ed2dd9

Error: (03/09/2014 06:59:37 PM) (Source: Application Error)(User: )
Description: plugin-container.exe27.0.1.515652fc0fcfNPSWF32_11_7_700_224.dll11.7.700.22451a6761e800000030034599d17bc01cf3bc1560ab51dC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll93defc7a-a7b4-11e3-aa92-14dae9ed2dd9

Error: (03/08/2014 07:45:56 PM) (Source: Application Error)(User: )
Description: rundll32.exe_srrstr.dll6.1.7600.163854a5bc9e0msxml3.dll8.110.7601.1798850920c3dc00000050000000000001c6fc6401cf3afea1befbadC:\Windows\system32\rundll32.exeC:\Windows\System32\msxml3.dlle1a6d0cf-a6f1-11e3-bcca-14dae9ed2dd9

Error: (02/28/2014 07:55:40 PM) (Source: Application Error)(User: )
Description: firefox.exe27.0.1.515652fc0faaunknown0.0.0.000000000c00000052826f6a817a001cf34b56eebcb03C:\Program Files (x86)\Mozilla Firefox\firefox.exeunknowneaa996b1-a0a9-11e3-8231-14dae9ed2dd9

Error: (02/28/2014 07:38:33 PM) (Source: Application Error)(User: )
Description: iTunes.exe11.1.3.85274a87dunknown0.0.0.000000000c00000050000000014c001cf34b43d4f8788C:\Program Files (x86)\iTunes\iTunes.exeunknown86a04d3d-a0a7-11e3-8231-14dae9ed2dd9

Error: (02/18/2014 11:46:27 PM) (Source: Application Error)(User: )
Description: Sonos.exe6.0.0.34230453d4bd8KERNELBASE.dll6.1.7601.1801550b83c8ac00200010000c41f71401cf2cecb2534234C:\Program Files (x86)\Sonos\Sonos.exeC:\Windows\syswow64\KERNELBASE.dll7fc99c5a-98ee-11e3-9b18-14dae9ed2dd9


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 8190.05 MB
Available physical RAM: 6223.61 MB
Total Pagefile: 16378.29 MB
Available Pagefile: 14286.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:14.29 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:1339.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 65E74515)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: DEFA1285)

Partition: GPT Partition Type.
== End Of Log ==

Ich bin gespannt auf eure Antwort, vielen herzlichen Dank schon einmal für eure Mühe.

Viele Grüße
Felix

cosinus · 16.03.2014, 20:20

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

bongobolli · 17.03.2014, 09:42

Hallo,
ja ich habe den Avast Virenscanner einmal durchlaufen lassen, weiß aber nicht, wie ich von dem eine Logfile bekomme. Ich habe allerdings Phase 6 ein Vokabeltrainer installiert, der sich normalerweise als erstes meldet und der sich jetzt nicht mehr meldet, deshalb dachte ich, dass mit dem Programm etwas nicht stimmt. Habe es deinstalliert und wieder installiert, brachte aber nix.
Grüße
Felix

cosinus · 17.03.2014, 16:21

Zitat:

ja ich habe den Avast Virenscanner einmal durchlaufen lassen,

Was ich wissen wollte ist, ob der fündig wurde und wenn ja was gefunden wurde. Die Logs sollte man unter C:\ProgramData\AVAST Software\Avast\log finden

bongobolli · 17.03.2014, 16:34

Nein es war alles in Ordnung. Vielen Dank für den Hinweis, es gibt in dem Verzeichnis allerdings viele log Datein, cih poste mal vom Event log die letzte Woche:

Code:

ATTFilter

08.03.2014	19:21:21	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
08.03.2014	19:21:21	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
08.03.2014	19:21:21	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
08.03.2014	19:21:22	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
08.03.2014	19:21:22	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
08.03.2014	19:21:22	[000007CC] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
08.03.2014	19:21:22	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
08.03.2014	19:21:22	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
08.03.2014	19:21:22	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
08.03.2014	19:21:22	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
08.03.2014	19:22:33	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
08.03.2014	19:22:33	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
08.03.2014	19:22:33	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
08.03.2014	19:22:33	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
08.03.2014	19:22:33	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
08.03.2014	19:23:23	The virus definitions have been automatically updated to version 140308-0.
08.03.2014	19:23:24	[000007CC] WaitForWscService( 363 ) -> true
08.03.2014	19:23:24	[000007CC] Antivirus state 0 updatedSign 0 
08.03.2014	19:23:24	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
08.03.2014	19:23:24	[000007CC] Antispyware state 0 updatedSign 0 
08.03.2014	19:23:27	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
08.03.2014	19:23:27	[00000C3C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
08.03.2014	19:23:27	[00000C3C] WaitForWscService( 600 ) -> true
08.03.2014	19:23:27	[00000C3C] Antivirus state 0 updatedSign 1 
08.03.2014	19:23:27	[00000C3C] Antispyware state 0 updatedSign 1 
08.03.2014	20:30:57	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 0, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
08.03.2014	20:30:57	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
08.03.2014	20:30:57	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
08.03.2014	20:30:57	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 2, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	11:12:54	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	11:12:55	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	11:12:55	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	11:12:55	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	11:12:55	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
09.03.2014	11:12:55	[000008F4] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
09.03.2014	11:12:59	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
09.03.2014	11:12:59	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
09.03.2014	11:12:59	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
09.03.2014	11:12:59	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
09.03.2014	11:12:59	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
09.03.2014	11:13:51	The virus definitions have been automatically updated to version 140309-0.
09.03.2014	11:13:52	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	11:13:55	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
09.03.2014	11:13:55	[000014C8] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
09.03.2014	11:14:56	[000014C8] WaitForWscService( 481 ) -> true
09.03.2014	11:14:56	[000014C8] Antivirus state 0 updatedSign 1 
09.03.2014	11:14:57	[000014C8] Antispyware state 0 updatedSign 1 
09.03.2014	11:14:57	[000008F4] WaitForWscService( 364 ) -> true
09.03.2014	11:14:57	[000008F4] Antivirus state 0 updatedSign 1 
09.03.2014	11:14:57	[000008F4] Antispyware state 0 updatedSign 1 
09.03.2014	18:27:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	18:27:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	18:27:05	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	18:27:05	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	18:27:05	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
09.03.2014	18:27:05	[0000086C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
09.03.2014	18:27:09	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
09.03.2014	18:27:09	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
09.03.2014	18:27:09	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
09.03.2014	18:27:09	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
09.03.2014	18:27:09	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
09.03.2014	18:29:07	[0000086C] WaitForWscService( 365 ) -> true
09.03.2014	18:29:07	[0000086C] Antivirus state 0 updatedSign 1 
09.03.2014	18:29:07	[0000086C] Antispyware state 0 updatedSign 1 
09.03.2014	22:28:02	The virus definitions have been automatically updated to version 140309-1.
09.03.2014	22:28:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
09.03.2014	22:28:07	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
09.03.2014	22:28:07	[00001978] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
09.03.2014	22:28:07	[00001978] WaitForWscService( 600 ) -> true
09.03.2014	22:28:07	[00001978] Antivirus state 0 updatedSign 1 
09.03.2014	22:28:07	[00001978] Antispyware state 0 updatedSign 1 
10.03.2014	08:35:52	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:35:53	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:35:53	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:35:53	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:35:53	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
10.03.2014	08:35:53	[0000087C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
10.03.2014	08:35:57	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
10.03.2014	08:35:57	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	08:35:57	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
10.03.2014	08:35:57	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
10.03.2014	08:35:57	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	08:36:57	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:36:57	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:36:57	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:37:51	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:37:51	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:37:51	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:37:52	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:37:52	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
10.03.2014	08:37:52	[00000794] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
10.03.2014	08:37:55	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
10.03.2014	08:37:55	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	08:37:55	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
10.03.2014	08:37:55	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
10.03.2014	08:37:55	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	08:39:53	[00000794] WaitForWscService( 364 ) -> true
10.03.2014	08:39:53	[00000794] Antivirus state 0 updatedSign 1 
10.03.2014	08:39:53	[00000794] Antispyware state 0 updatedSign 1 
10.03.2014	08:59:38	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:59:38	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	08:59:38	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	14:39:40	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	14:39:40	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	14:39:40	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	14:39:41	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	14:39:41	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
10.03.2014	14:39:41	[00000770] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
10.03.2014	14:39:42	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	14:39:42	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
10.03.2014	14:39:42	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
10.03.2014	14:39:42	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	14:39:52	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
10.03.2014	14:39:52	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	14:39:52	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
10.03.2014	14:39:52	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
10.03.2014	14:39:52	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	14:40:33	The virus definitions have been automatically updated to version 140310-0.
10.03.2014	14:40:34	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	14:40:37	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
10.03.2014	14:40:37	[000012D8] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
10.03.2014	14:41:42	[000012D8] WaitForWscService( 475 ) -> true
10.03.2014	14:41:42	[000012D8] Antivirus state 0 updatedSign 1 
10.03.2014	14:41:42	[000012D8] Antispyware state 0 updatedSign 1 
10.03.2014	14:41:42	[00000770] WaitForWscService( 365 ) -> true
10.03.2014	14:41:42	[00000770] Antivirus state 0 updatedSign 1 
10.03.2014	14:41:42	[00000770] Antispyware state 0 updatedSign 1 
10.03.2014	21:38:40	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	21:38:41	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	21:38:41	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	21:38:42	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
10.03.2014	21:38:42	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
10.03.2014	21:38:42	[00000864] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
10.03.2014	21:38:45	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
10.03.2014	21:38:45	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	21:38:45	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
10.03.2014	21:38:45	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
10.03.2014	21:38:45	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
10.03.2014	21:40:43	[00000864] WaitForWscService( 360 ) -> true
10.03.2014	21:40:43	[00000864] Antivirus state 0 updatedSign 1 
10.03.2014	21:40:43	[00000864] Antispyware state 0 updatedSign 1 
11.03.2014	08:30:30	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	08:30:31	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	08:30:31	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	08:30:31	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	08:30:31	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
11.03.2014	08:30:31	[0000086C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
11.03.2014	08:30:37	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
11.03.2014	08:30:37	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
11.03.2014	08:30:37	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
11.03.2014	08:30:37	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
11.03.2014	08:30:37	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
11.03.2014	08:31:31	The virus definitions have been automatically updated to version 140310-3.
11.03.2014	08:31:33	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	08:31:36	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
11.03.2014	08:31:36	[00000DD8] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
11.03.2014	08:32:33	[0000086C] WaitForWscService( 364 ) -> true
11.03.2014	08:32:33	[0000086C] Antivirus state 0 updatedSign 1 
11.03.2014	08:32:33	[0000086C] Antispyware state 0 updatedSign 1 
11.03.2014	08:32:33	[00000DD8] WaitForWscService( 488 ) -> true
11.03.2014	08:32:33	[00000DD8] Antivirus state 0 updatedSign 1 
11.03.2014	08:32:33	[00000DD8] Antispyware state 0 updatedSign 1 
11.03.2014	17:11:03	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	17:11:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	17:11:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	17:11:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	17:11:04	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
11.03.2014	17:11:04	[000008CC] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
11.03.2014	17:11:07	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
11.03.2014	17:11:07	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
11.03.2014	17:11:07	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
11.03.2014	17:11:07	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
11.03.2014	17:11:07	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
11.03.2014	17:13:20	[000008CC] WaitForWscService( 338 ) -> true
11.03.2014	17:13:20	[000008CC] Antivirus state 0 updatedSign 1 
11.03.2014	17:13:20	[000008CC] Antispyware state 0 updatedSign 1 
11.03.2014	18:58:18	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 0, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	18:58:18	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	18:58:18	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
11.03.2014	18:58:18	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 2, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
12.03.2014	21:51:49	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
12.03.2014	21:51:50	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
12.03.2014	21:51:50	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
12.03.2014	21:51:50	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
12.03.2014	21:51:50	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
12.03.2014	21:51:50	[000008E4] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
12.03.2014	21:51:56	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
12.03.2014	21:51:56	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
12.03.2014	21:51:56	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
12.03.2014	21:51:56	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
12.03.2014	21:51:56	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
12.03.2014	21:52:58	The virus definitions have been automatically updated to version 140312-1.
12.03.2014	21:53:00	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
12.03.2014	21:53:03	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
12.03.2014	21:53:03	[000010B0] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
12.03.2014	21:53:52	[000008E4] WaitForWscService( 365 ) -> true
12.03.2014	21:53:52	[000008E4] Antivirus state 0 updatedSign 1 
12.03.2014	21:53:52	[000010B0] WaitForWscService( 504 ) -> true
12.03.2014	21:53:52	[000010B0] Antivirus state 0 updatedSign 1 
12.03.2014	21:53:52	[000010B0] Antispyware state 0 updatedSign 1 
12.03.2014	21:53:52	[000008E4] Antispyware state 0 updatedSign 1 
13.03.2014	15:01:16	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	15:01:17	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	15:01:17	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	15:01:18	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	15:01:18	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.03.2014	15:01:18	[00000578] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.03.2014	15:01:18	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	15:01:18	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
13.03.2014	15:01:18	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
13.03.2014	15:01:18	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	15:01:29	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
13.03.2014	15:01:29	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	15:01:29	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
13.03.2014	15:01:29	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
13.03.2014	15:01:29	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	15:02:09	The virus definitions have been automatically updated to version 140313-0.
13.03.2014	15:02:11	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	15:02:14	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.03.2014	15:02:14	[00000B7C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.03.2014	15:03:20	[00000B7C] WaitForWscService( 472 ) -> true
13.03.2014	15:03:20	[00000B7C] Antivirus state 0 updatedSign 1 
13.03.2014	15:03:20	[00000578] WaitForWscService( 363 ) -> true
13.03.2014	15:03:20	[00000578] Antivirus state 0 updatedSign 1 
13.03.2014	15:03:20	[00000B7C] Antispyware state 0 updatedSign 1 
13.03.2014	15:03:20	[00000578] Antispyware state 0 updatedSign 1 
13.03.2014	16:18:50	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 0, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	16:18:50	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	16:18:50	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	16:18:50	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 2, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	17:52:13	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	17:52:14	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	17:52:14	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	17:52:14	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	17:52:14	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.03.2014	17:52:14	[000008C8] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.03.2014	17:52:20	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
13.03.2014	17:52:20	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	17:52:20	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
13.03.2014	17:52:20	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
13.03.2014	17:52:20	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	17:54:16	[000008C8] WaitForWscService( 359 ) -> true
13.03.2014	17:54:16	[000008C8] Antivirus state 0 updatedSign 1 
13.03.2014	17:54:16	[000008C8] Antispyware state 0 updatedSign 1 
13.03.2014	18:22:40	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 0, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	18:22:40	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	18:22:40	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	18:22:40	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 2, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	20:12:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	20:12:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	20:12:57	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	20:12:57	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	20:12:57	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.03.2014	20:12:57	[00000760] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.03.2014	20:13:00	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
13.03.2014	20:13:00	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	20:13:00	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
13.03.2014	20:13:00	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
13.03.2014	20:13:00	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	20:13:49	The virus definitions have been automatically updated to version 140313-1.
13.03.2014	20:13:51	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	20:13:54	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.03.2014	20:13:54	[00001134] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.03.2014	20:14:59	[00000760] WaitForWscService( 364 ) -> true
13.03.2014	20:14:59	[00000760] Antivirus state 0 updatedSign 1 
13.03.2014	20:14:59	[00001134] WaitForWscService( 474 ) -> true
13.03.2014	20:14:59	[00001134] Antivirus state 0 updatedSign 1 
13.03.2014	20:14:59	[00001134] Antispyware state 0 updatedSign 1 
13.03.2014	20:14:59	[00000760] Antispyware state 0 updatedSign 1 
13.03.2014	21:33:43	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	21:33:43	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	21:33:43	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	22:26:45	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	22:26:45	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	22:26:46	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	22:26:46	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	22:26:46	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
13.03.2014	22:26:46	[000005F4] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
13.03.2014	22:26:47	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	22:26:47	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
13.03.2014	22:26:47	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
13.03.2014	22:26:47	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
13.03.2014	22:28:48	[000005F4] WaitForWscService( 359 ) -> true
13.03.2014	22:28:48	[000005F4] Antivirus state 0 updatedSign 1 
13.03.2014	22:28:48	[000005F4] Antispyware state 0 updatedSign 1 
13.03.2014	23:25:15	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	23:25:15	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
13.03.2014	23:25:15	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:15:46	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:15:46	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:15:46	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:15:47	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:15:47	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.03.2014	08:15:47	[00000468] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.03.2014	08:15:48	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	08:15:48	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
14.03.2014	08:15:48	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	08:15:48	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	08:17:49	[00000468] WaitForWscService( 364 ) -> true
14.03.2014	08:17:49	[00000468] Antivirus state 0 updatedSign 1 
14.03.2014	08:17:49	[00000468] Antispyware state 0 updatedSign 1 
14.03.2014	08:54:14	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:54:14	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:54:14	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:56:35	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:56:35	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:56:35	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:56:36	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:56:36	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.03.2014	08:56:36	[000008E8] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.03.2014	08:56:36	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	08:56:36	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
14.03.2014	08:56:36	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	08:56:36	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	08:56:47	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
14.03.2014	08:56:47	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	08:56:47	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
14.03.2014	08:56:47	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	08:56:47	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	08:58:33	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 0, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:58:33	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:58:33	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	08:58:33	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 2, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	15:23:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	15:23:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	15:23:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	15:23:57	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	15:23:57	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.03.2014	15:23:57	[000007EC] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.03.2014	15:23:59	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	15:23:59	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
14.03.2014	15:23:59	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	15:23:59	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	15:24:09	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
14.03.2014	15:24:09	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	15:24:09	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
14.03.2014	15:24:09	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	15:24:09	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	15:24:48	The virus definitions have been automatically updated to version 140314-0.
14.03.2014	15:24:50	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	15:24:53	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.03.2014	15:24:53	[00000C10] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.03.2014	15:25:59	[00000C10] WaitForWscService( 472 ) -> true
14.03.2014	15:25:59	[00000C10] Antivirus state 0 updatedSign 1 
14.03.2014	15:25:59	[000007EC] WaitForWscService( 363 ) -> true
14.03.2014	15:25:59	[000007EC] Antivirus state 0 updatedSign 1 
14.03.2014	15:25:59	[00000C10] Antispyware state 0 updatedSign 1 
14.03.2014	15:25:59	[000007EC] Antispyware state 0 updatedSign 1 
14.03.2014	15:26:43	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	15:26:43	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	15:26:43	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	16:48:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	16:48:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	16:48:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	16:48:57	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	16:48:57	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.03.2014	16:48:57	[00000788] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.03.2014	16:48:57	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	16:48:57	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
14.03.2014	16:48:57	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	16:48:57	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	16:49:08	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
14.03.2014	16:49:08	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	16:49:08	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
14.03.2014	16:49:08	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	16:49:08	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	16:50:59	[00000788] WaitForWscService( 363 ) -> true
14.03.2014	16:50:59	[00000788] Antivirus state 0 updatedSign 1 
14.03.2014	16:50:59	[00000788] Antispyware state 0 updatedSign 1 
14.03.2014	20:06:09	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:06:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:06:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:06:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:06:10	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.03.2014	20:06:10	[000008BC] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.03.2014	20:06:14	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
14.03.2014	20:06:14	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	20:06:14	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
14.03.2014	20:06:14	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	20:06:14	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	20:07:03	The virus definitions have been automatically updated to version 140314-1.
14.03.2014	20:07:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:07:07	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.03.2014	20:07:07	[0000129C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.03.2014	20:08:12	[000008BC] WaitForWscService( 364 ) -> true
14.03.2014	20:08:12	[000008BC] Antivirus state 0 updatedSign 1 
14.03.2014	20:08:12	[000008BC] Antispyware state 0 updatedSign 1 
14.03.2014	20:08:12	[0000129C] WaitForWscService( 473 ) -> true
14.03.2014	20:08:12	[0000129C] Antivirus state 0 updatedSign 1 
14.03.2014	20:08:12	[0000129C] Antispyware state 0 updatedSign 1 
14.03.2014	20:44:00	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:44:00	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:44:00	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:44:01	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
14.03.2014	20:44:01	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
14.03.2014	20:44:01	[000004CC] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
14.03.2014	20:44:10	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
14.03.2014	20:44:10	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	20:44:10	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
14.03.2014	20:44:10	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
14.03.2014	20:44:10	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
14.03.2014	20:46:03	[000004CC] WaitForWscService( 364 ) -> true
14.03.2014	20:46:03	[000004CC] Antivirus state 0 updatedSign 1 
14.03.2014	20:46:03	[000004CC] Antispyware state 0 updatedSign 1 
16.03.2014	09:42:05	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:42:06	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:42:06	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:42:07	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:42:07	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	09:42:07	[00000814] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	09:42:13	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
16.03.2014	09:42:13	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	09:42:13	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
16.03.2014	09:42:13	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
16.03.2014	09:42:13	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	09:43:12	The virus definitions have been automatically updated to version 140315-1.
16.03.2014	09:43:13	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:43:14	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	09:43:14	[000015D0] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	09:44:08	[00000814] WaitForWscService( 364 ) -> true
16.03.2014	09:44:08	[00000814] Antivirus state 0 updatedSign 1 
16.03.2014	09:44:08	[00000814] Antispyware state 0 updatedSign 1 
16.03.2014	09:44:08	[000015D0] WaitForWscService( 495 ) -> true
16.03.2014	09:44:08	[000015D0] Antivirus state 0 updatedSign 1 
16.03.2014	09:44:08	[000015D0] Antispyware state 0 updatedSign 1 
16.03.2014	09:54:29	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 0, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:54:29	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:54:29	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 1, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:54:29	Aavm AUID event 8, product -1,  ARCEn 0, rn , status 2, progver -1, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:55:50	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:55:51	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:55:51	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:55:51	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:55:51	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	09:55:51	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	09:55:51	[00000928] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	09:55:57	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
16.03.2014	09:55:57	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	09:55:57	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
16.03.2014	09:55:57	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
16.03.2014	09:55:57	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	09:57:53	[00000928] WaitForWscService( 364 ) -> true
16.03.2014	09:57:53	[00000928] Antivirus state 0 updatedSign 1 
16.03.2014	09:57:53	[00000928] Antispyware state 0 updatedSign 1 
16.03.2014	11:07:39	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:07:39	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:07:39	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:08:33	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:08:34	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:08:34	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:08:35	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:08:35	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	11:08:35	[000001C8] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	11:08:38	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
16.03.2014	11:08:38	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	11:08:38	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
16.03.2014	11:08:38	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
16.03.2014	11:08:38	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	11:09:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:09:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:09:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	11:09:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:43:38	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:43:38	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:43:38	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:43:39	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:43:39	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	12:43:39	[0000079C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	12:44:33	The virus definitions have been automatically updated to version 140316-0.
16.03.2014	12:44:34	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:44:35	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	12:44:35	[0000143C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	12:46:31	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:46:31	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:46:32	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:46:32	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:46:32	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	12:46:32	[000004CC] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	12:46:33	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	12:46:33	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
16.03.2014	12:46:33	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
16.03.2014	12:46:33	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	12:46:43	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
16.03.2014	12:46:43	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	12:46:43	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
16.03.2014	12:46:43	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
16.03.2014	12:46:43	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	12:48:34	[000004CC] WaitForWscService( 363 ) -> true
16.03.2014	12:48:34	[000004CC] Antivirus state 0 updatedSign 1 
16.03.2014	12:48:34	[000004CC] Antispyware state 0 updatedSign 1 
16.03.2014	12:49:53	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:49:53	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:49:53	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:49:54	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	12:49:54	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	12:49:54	[0000077C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	12:49:57	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
16.03.2014	12:49:57	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	12:49:57	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
16.03.2014	12:49:57	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
16.03.2014	12:49:57	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	12:51:55	[0000077C] WaitForWscService( 365 ) -> true
16.03.2014	12:51:55	[0000077C] Antivirus state 0 updatedSign 1 
16.03.2014	12:51:56	[0000077C] Antispyware state 0 updatedSign 1 
16.03.2014	19:19:55	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	19:19:55	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	19:19:55	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	19:19:56	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	19:19:56	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
16.03.2014	19:19:56	[000007A8] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
16.03.2014	19:20:00	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
16.03.2014	19:20:00	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	19:20:00	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
16.03.2014	19:20:00	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
16.03.2014	19:20:00	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
16.03.2014	19:21:58	[000007A8] WaitForWscService( 361 ) -> true
16.03.2014	19:21:58	[000007A8] Antivirus state 0 updatedSign 1 
16.03.2014	19:21:58	[000007A8] Antispyware state 0 updatedSign 1 
16.03.2014	20:12:06	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	20:12:06	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	20:12:06	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
16.03.2014	20:12:06	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	09:31:01	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	09:31:02	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	09:31:02	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	09:31:03	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	09:31:03	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
17.03.2014	09:31:03	[000008B4] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
17.03.2014	09:31:08	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
17.03.2014	09:31:08	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
17.03.2014	09:31:08	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
17.03.2014	09:31:08	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
17.03.2014	09:31:08	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
17.03.2014	09:31:53	The virus definitions have been automatically updated to version 140316-1.
17.03.2014	09:31:53	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	09:31:58	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
17.03.2014	09:31:58	[00001190] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
17.03.2014	09:33:04	[000008B4] WaitForWscService( 362 ) -> true
17.03.2014	09:33:04	[000008B4] Antivirus state 0 updatedSign 1 
17.03.2014	09:33:04	[00001190] WaitForWscService( 470 ) -> true
17.03.2014	09:33:04	[00001190] Antivirus state 0 updatedSign 1 
17.03.2014	09:33:04	[00001190] Antispyware state 0 updatedSign 1 
17.03.2014	09:33:04	[000008B4] Antispyware state 0 updatedSign 1 
17.03.2014	10:08:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	10:08:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	10:08:10	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 2, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	16:24:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	16:24:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 0, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	16:24:04	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 1, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	16:24:05	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	16:24:05	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
17.03.2014	16:24:05	[0000091C] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
17.03.2014	16:24:07	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
17.03.2014	16:24:07	AAVM - error at Rpc_VpnErrorOccurredCallback: 000006A6.
17.03.2014	16:24:07	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
17.03.2014	16:24:07	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
17.03.2014	16:24:17	AAVM - error at Rpc_VpnLicenseInfoUpdated: 000006A6.
17.03.2014	16:24:17	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
17.03.2014	16:24:17	AAVM - error at Rpc_VpnServerRefreshCallback: 000006A6.
17.03.2014	16:24:17	AAVM - error at Rpc_VpnConnectionStateChangedCallback: 000006A6.
17.03.2014	16:24:17	AAVM - error at Rpc_VpnCurrentStateUpdatedCallback: 000006A6.
17.03.2014	16:24:56	The virus definitions have been automatically updated to version 140317-0.
17.03.2014	16:24:58	Aavm AUID event 8, product 1,  ARCEn 0, rn , status 0, progver 150996957, Guid cd654105-a54d-41e8-b702-0714a16723b4, Auid fVrC5YnV0p0HTGrU
17.03.2014	16:25:01	Maj 6 Min 1 GetVersionEx 6.1 Stored 6.1
17.03.2014	16:25:01	[00000F10] WriteAVASFirewallStatus preVista 0 IsWin8 0 Expired 0 Firewall 0
17.03.2014	16:26:06	[0000091C] WaitForWscService( 362 ) -> true
17.03.2014	16:26:06	[0000091C] Antivirus state 0 updatedSign 1 
17.03.2014	16:26:06	[00000F10] WaitForWscService( 470 ) -> true
17.03.2014	16:26:06	[00000F10] Antivirus state 0 updatedSign 1 
17.03.2014	16:26:06	[00000F10] Antispyware state 0 updatedSign 1 
17.03.2014	16:26:06	[0000091C] Antispyware state 0 updatedSign 1

Hilft das weiter?
Grüße Felix

cosinus · 17.03.2014, 16:35

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

bongobolli · 17.03.2014, 21:46

Hallo Cosinus,
ich hatte heute Nachmittag den Malwarebytes Anti-Malware und das Junkware Removal Tool auf meinem Rechner laufen lassen, da auf dem oberen Thread der Einsatz dieser Programme als Standardskript verwendet wird. Nach der Anwendung von Malwarebytes war die Mitteilung weg. Ich schicke Dir hier mal den Log.

Malwarebytes

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.17.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16844
Felix :: TEST-PC [Administrator]

Schutz: Aktiviert

17.03.2014 17:11:39
mbam-log-2014-03-17 (17-11-39).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 298537
Laufzeit: 3 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\Arbeit\AppData\Local\Temp\CDBurnerXP-updates\cdbxp_setup_4.5.2.4214.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\lsass.exe (Trojan.Delf) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Soll ich Combofix jetzt trotzdem noch ausführen? Sorry, dass ich ohne Absprache die Programme durlaufen hab lassen, irgendwie kann, ich seit dem der Rechner nicht richtig funktioniert, nicht richtig arbeiten (denke an nichts anderes), deshalb habe ich die Programme ausprobiert. Ich hoffe, das ist nicht so schlimm und natürlich dass die Gefahr jetzt weg ist.

Viele Grüße
Felix

cosinus · 17.03.2014, 21:54

Bitte keine Tools mehr ohne Absprache/Instruktion ausführen, sonst wird die Bereinigung nicht funktionieren!

Mach bitte jetzt mit CF weiter!

bongobolli · 17.03.2014, 23:00

Alles klar, entschuldige nochmals.
Hier habe ich den Log File von Combofix

Code:

ATTFilter

ComboFix 14-03-16.01 - Felix 17.03.2014  22:08:02.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8190.6023 [GMT 1:00]
ausgeführt von:: c:\users\Felix\Desktop\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ZIPDLL.DLL
c:\programdata\Microsoft\Windows\Start Menu\Programs\winnot
c:\programdata\Microsoft\Windows\Start Menu\Programs\winnot\Uninstall WinNot.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\winnot\WinNot - Hilfe.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\winnot\WinNot on the Web.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\winnot\WinNot.lnk
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-17 bis 2014-03-17  ))))))))))))))))))))))))))))))
.
.
2014-03-17 21:54 . 2014-03-17 21:54	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-03-17 16:10 . 2014-03-17 16:10	--------	d-----w-	c:\users\Felix\AppData\Roaming\Malwarebytes
2014-03-17 16:10 . 2014-03-17 16:10	--------	d-----w-	c:\programdata\Malwarebytes
2014-03-17 16:10 . 2014-03-17 16:10	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-17 16:10 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-03-17 15:54 . 2014-03-17 15:54	--------	d-----w-	c:\windows\ERUNT
2014-03-17 15:48 . 2014-03-17 15:53	--------	d-----w-	C:\AdwCleaner
2014-03-16 18:22 . 2014-03-16 18:38	--------	d-----w-	C:\FRST
2014-03-16 11:48 . 2014-03-16 11:48	--------	d-----w-	c:\program files (x86)\phase-6
2014-03-16 09:26 . 2013-12-21 09:39	600064	----a-w-	c:\windows\system32\vbscript.dll
2014-03-16 09:26 . 2013-12-21 07:56	523776	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-03-16 09:22 . 2014-02-04 02:32	624128	----a-w-	c:\windows\system32\qedit.dll
2014-03-16 09:22 . 2014-02-04 02:04	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-03-16 09:22 . 2014-02-04 02:32	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-03-16 09:22 . 2014-02-04 02:04	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-03-10 07:54 . 2013-05-10 04:30	167424	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2014-03-10 07:54 . 2013-05-10 03:48	164864	----a-w-	c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-03-10 07:54 . 2013-05-10 05:56	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2014-03-10 07:54 . 2013-05-10 04:56	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2014-03-10 07:54 . 2013-05-10 05:56	14631424	----a-w-	c:\windows\system32\wmp.dll
2014-03-10 07:36 . 2014-03-10 07:36	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2014-03-10 07:36 . 2014-03-10 07:36	--------	d-----w-	c:\windows\system32\wbem\en-US
2014-03-09 19:18 . 2014-03-16 09:25	--------	d-----w-	c:\windows\system32\MRT
2014-03-09 18:23 . 2014-03-09 18:23	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 17:38 . 2013-02-27 06:02	111448	----a-w-	c:\windows\system32\consent.exe
2014-03-09 17:37 . 2013-05-27 05:50	1011712	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2014-03-09 17:36 . 2013-12-04 02:27	485888	----a-w-	c:\windows\system32\secproc_isv.dll
2014-03-09 17:35 . 2013-10-12 02:03	656896	----a-w-	c:\windows\SysWow64\nshwfp.dll
2014-03-09 17:32 . 2013-04-10 05:48	1732608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2014-02-25 15:59 . 2014-02-25 15:59	--------	d-----w-	c:\programdata\Oracle
2014-02-25 15:57 . 2014-02-25 15:57	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-02-25 15:57 . 2013-12-18 20:09	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-16 09:24 . 2012-01-24 14:06	90015360	----a-w-	c:\windows\system32\MRT.exe
2014-02-03 11:20 . 2012-01-23 21:41	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-01-25 17:56 . 2014-01-25 17:56	80184	----a-w-	c:\windows\system32\drivers\aswStm.sys
2014-01-25 17:56 . 2013-04-28 08:20	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-01-25 17:56 . 2013-04-28 08:20	207904	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-01-25 17:56 . 2012-01-23 21:42	421704	----a-w-	c:\windows\system32\drivers\aswSP.sys
2014-01-25 17:56 . 2012-01-23 21:42	1038072	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2014-01-25 17:56 . 2012-04-30 06:03	92544	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-01-25 17:56 . 2012-01-23 21:42	78648	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-01-25 17:56 . 2012-01-23 21:42	334136	----a-w-	c:\windows\system32\aswBoot.exe
2014-01-25 17:56 . 2012-01-23 21:41	43152	----a-w-	c:\windows\avastSS.scr
2013-12-19 13:11 . 2012-01-23 21:42	64288	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2005-10-20 08:00 . 2012-02-02 18:24	118784	----a-w-	c:\program files (x86)\optgraph.dll
2005-10-18 14:19 . 2012-02-02 18:24	8753152	----a-w-	c:\program files (x86)\CleaningLab.exe
2005-09-29 10:08 . 2012-02-02 18:24	167936	----a-w-	c:\program files (x86)\unwise.exe
2005-09-15 14:45 . 2012-02-02 18:24	774144	----a-w-	c:\program files (x86)\AudioIDMng.dll
2005-08-25 09:15 . 2012-02-02 18:24	753664	----a-w-	c:\program files (x86)\MP3s.dll
2005-08-22 16:26 . 2012-02-02 18:24	176128	----a-w-	c:\program files (x86)\instslct.exe
2005-08-10 08:46 . 2012-02-02 18:24	245760	----a-w-	c:\program files (x86)\mdabase.dll
2005-08-01 14:40 . 2012-02-02 18:24	442368	----a-w-	c:\program files (x86)\MFL.dll
2005-06-03 10:19 . 2012-02-02 18:24	212992	----a-w-	c:\program files (x86)\FreeDB_E.dll
2005-06-03 10:18 . 2012-02-02 18:24	212992	----a-w-	c:\program files (x86)\FreeDB_NL.dll
2005-06-03 10:18 . 2012-02-02 18:24	217088	----a-w-	c:\program files (x86)\FreeDB_IT.dll
2005-06-03 10:17 . 2012-02-02 18:24	217088	----a-w-	c:\program files (x86)\FreeDB_FR.dll
2005-06-03 10:17 . 2012-02-02 18:24	217088	----a-w-	c:\program files (x86)\FreeDB_ES.dll
2005-06-03 10:16 . 2012-02-02 18:24	217088	----a-w-	c:\program files (x86)\FreeDB_D.dll
2005-05-20 13:10 . 2012-02-02 18:24	192512	----a-w-	c:\program files (x86)\reinstall3rdParty.exe
2005-03-31 16:38 . 2012-02-02 18:24	65536	----a-w-	c:\program files (x86)\MxAutoUpdate.dll
2005-03-09 15:17 . 2012-02-02 18:24	34304	----a-w-	c:\program files (x86)\CDBurnProfiler.exe
2004-09-08 12:44 . 2012-02-02 18:24	233472	----a-w-	c:\program files (x86)\mxtlc_cl.dll
2004-07-29 01:19 . 2012-02-02 18:24	175104	----a-w-	c:\program files (x86)\LAME_ENC.DLL
2004-03-02 10:37 . 2012-02-02 18:24	323631	----a-w-	c:\program files (x86)\MXTLC.dll
2003-10-13 13:49 . 2012-02-02 18:24	974848	----a-w-	c:\program files (x86)\vorbis.dll
2003-10-13 13:49 . 2012-02-02 18:24	94208	----a-w-	c:\program files (x86)\UNZDLL.DLL
2003-10-13 13:49 . 2012-02-02 18:24	880640	----a-w-	c:\program files (x86)\vorbisenc.dll
2003-10-13 13:49 . 2012-02-02 18:24	86016	----a-w-	c:\program files (x86)\samsigPX.dll
2003-10-13 13:49 . 2012-02-02 18:24	47104	----a-w-	c:\program files (x86)\WH2ROBO.DLL
2003-10-13 13:49 . 2012-02-02 18:24	28672	----a-w-	c:\program files (x86)\vorbisfile.dll
2003-10-13 13:49 . 2012-02-02 18:24	204800	----a-w-	c:\program files (x86)\samsigW7.dll
2003-10-13 13:49 . 2012-02-02 18:24	182752	----a-w-	c:\program files (x86)\URLMON.DLL
2003-10-13 13:49 . 2012-02-02 18:24	147456	----a-w-	c:\program files (x86)\samsigP6.dll
2003-10-13 13:49 . 2012-02-02 18:24	86016	----a-w-	c:\program files (x86)\samsigP5.dll
2003-10-13 13:49 . 2012-02-02 18:24	55808	----a-w-	c:\program files (x86)\MP3UTIL.DLL
2003-10-13 13:49 . 2012-02-02 18:24	49152	----a-w-	c:\program files (x86)\ogg.dll
2003-10-13 13:49 . 2012-02-02 18:24	28672	----a-w-	c:\program files (x86)\HHWMPrxy.dll
2003-10-13 13:49 . 2012-02-02 18:24	28672	----a-w-	c:\program files (x86)\HHRASHLP.DLL
2003-10-13 13:49 . 2012-02-02 18:24	249917	----a-w-	c:\program files (x86)\GOGO.DLL
2003-10-13 13:49 . 2012-02-02 18:24	20480	----a-w-	c:\program files (x86)\SAMSIG.DLL
2003-10-13 13:49 . 2012-02-02 18:24	192512	----a-w-	c:\program files (x86)\samsigA6.dll
2003-10-13 13:49 . 2012-02-02 18:24	163840	----a-w-	c:\program files (x86)\samsigM6.dll
2003-10-13 13:49 . 2012-02-02 18:24	155648	----a-w-	c:\program files (x86)\samsigM5.dll
2003-10-13 13:49 . 2012-02-02 18:24	151552	----a-w-	c:\program files (x86)\OggDS.dll
2003-03-17 13:58 . 2012-02-02 18:24	131072	----a-w-	c:\program files (x86)\Dac32.dll
2003-02-12 10:20 . 2012-02-02 18:24	28672	----a-w-	c:\program files (x86)\explore.exe
2001-05-10 16:26 . 2012-02-02 18:24	638976	----a-w-	c:\program files (x86)\PlayRIplPX.dll
2001-05-10 16:26 . 2012-02-02 18:24	20480	----a-w-	c:\program files (x86)\PlayRIpl.dll
2000-10-26 13:28 . 2012-02-02 18:24	40960	----a-w-	c:\program files (x86)\HHVREND2.AX
2000-09-12 15:11 . 2012-02-02 18:24	73728	----a-w-	c:\program files (x86)\start.exe
2000-09-12 14:21 . 2012-02-02 18:24	45056	----a-w-	c:\program files (x86)\Dscr.dll
1999-03-11 18:14 . 2012-02-02 18:24	57344	----a-w-	c:\program files (x86)\samsigPI.dll
1999-02-09 09:46 . 2012-02-02 18:24	137728	----a-w-	c:\program files (x86)\IJL10.DLL
1998-11-05 15:07 . 1999-01-27 22:54	102400	----a-w-	c:\program files (x86)\Rn5b3241.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2011-08-12 3820032]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Akamai NetSession Interface"="c:\users\Felix\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-12-17 2489456]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-07 3524536]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"Aeria Ignite"="c:\program files (x86)\Aeria Games\Ignite\aeriaignite.exe" [2013-06-06 1925656]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-25 3767096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
phase-6 Reminder.lnk - c:\program files (x86)\phase-6\phase-6\reminder\reminder.exe [2014-1-7 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\common\Database\bin\fbserver.exe;c:\common\Database\bin\fbserver.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Logilink\Common\RaRegistry64.exe;c:\program files (x86)\Logilink\Common\RaRegistry64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\Audials\Audials 10\VCDWriter\64\VCDAudioService.exe;c:\program files (x86)\Audials\Audials 10\VCDWriter\64\VCDAudioService.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys;c:\windows\SYSNATIVE\drivers\hpfx64fax.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys;c:\windows\SYSNATIVE\DRIVERS\rsvcdwdr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12 19:47]
.
2014-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12 19:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-25 17:56	287280	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Felix\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\
FF - ExtSQL: !HIDDEN! 2012-04-25 00:17; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2012-12-30 10:53; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\program files (x86)\Common Files\DVDVideoSoft\plugins\ff
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-EaseUS EPM tray - c:\program files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
AddRemove-Natura Lehrerband 5-6 - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3081490788-154942970-162676441-1002\Software\SecuROM\License information*]
"datasecu"=hex:c9,02,97,32,44,24,b4,b8,84,3c,fd,8b,d6,d9,b9,d8,85,25,4a,38,19,
   15,95,c6,db,c9,50,83,fe,f5,a2,1f,ce,96,ab,c4,39,83,13,fa,3b,dd,22,d8,7a,54,\
"rkeysecu"=hex:b7,56,90,d0,b3,ce,24,61,5c,04,2f,7b,a1,be,af,32
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-03-17  22:56:24
ComboFix-quarantined-files.txt  2014-03-17 21:56
.
Vor Suchlauf: 16 Verzeichnis(se), 25.220.386.816 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 26.933.243.904 Bytes frei
.
- - End Of File - - 2E743E1CE10114B0A3067DF2801C74BF
A36C5E4F47E84449FF07ED3517B43A31

Vielen Dank noch einmal für die Mühe, die Du Dir machst.
Wünsche schon einmal eine gute Nacht.
Grüße
Felix

cosinus · 17.03.2014, 23:08

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

bongobolli · 18.03.2014, 20:13

Hallo,
hier die Log Files

Adwcleaner

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 18/03/2014 um 19:54:45
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Felix - TEST-PC
# Gestartet von : C:\Users\Felix\Desktop\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16843


-\\ Mozilla Firefox v10.0.2 (de)

[ Datei : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\prefs.js ]


[ Datei : C:\Users\Arbeit\AppData\Roaming\Mozilla\Firefox\Profiles\7mjdurwa.default\prefs.js ]


[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\rp1nquw8.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3673 octets] - [17/03/2014 16:48:09]
AdwCleaner[R1].txt - [1133 octets] - [17/03/2014 16:53:21]
AdwCleaner[R2].txt - [1193 octets] - [18/03/2014 19:54:00]
AdwCleaner[S0].txt - [3641 octets] - [17/03/2014 16:49:46]
AdwCleaner[S1].txt - [1115 octets] - [18/03/2014 19:54:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1175 octets] ##########

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Felix on 18.03.2014 at 19:58:30,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Felix\AppData\Roaming\mozilla\firefox\profiles\shhym2q5.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.03.2014 at 20:07:29,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Felix (administrator) on TEST-PC on 18-03-2014 20:08:22
Running from C:\Users\Felix\Desktop\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Logilink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Logilink\Common\RaRegistry64.exe
(RapidSolution Software AG) C:\Program Files (x86)\Audials\Audials 10\VCDWriter\64\VCDAudioService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Akamai Technologies, Inc.) C:\Users\Felix\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Felix\AppData\Local\Akamai\netsession_win.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-08-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Aeria Ignite] - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-25] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\Run: [Rainlendar2] - C:\Program Files\Rainlendar2\Rainlendar2.exe [3820032 2011-08-12] ()
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3081490788-154942970-162676441-1002\...\Run: [Akamai NetSession Interface] - C:\Users\Felix\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4472AB920C06CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Felix\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Garmin Communicator - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]
FF Extension: DownloadHelper - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-12-31]
FF Extension: Flash and Video Download - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-03-09]
FF Extension: Flash Video Downloader - Youtube Downloader - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\artur.dubovoy@gmail.com.xpi [2013-05-16]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shhym2q5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-08]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-23]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-24]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-25] (AVAST Software)
S3 FirebirdServerMAGIXInstance; C:\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Logilink\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Logilink\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
R2 Virtual CDAudio Service; C:\Program Files (x86)\Audials\Audials 10\VCDWriter\64\VCDAudioService.exe [179464 2013-08-19] (RapidSolution Software AG)
S4 HP LaserJet Service; "C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe" [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-25] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-14] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-08-19] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-08-19] (RapidSolution Software AG)
R3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45192 2013-01-14] (RapidSolution Software AG)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-18 20:07 - 2014-03-18 20:07 - 00000756 _____ () C:\Users\Felix\Desktop\JRT.txt
2014-03-17 22:56 - 2014-03-17 22:56 - 00026224 _____ () C:\ComboFix.txt
2014-03-17 22:06 - 2014-03-17 22:56 - 00000000 ____D () C:\Qoobox
2014-03-17 22:06 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-17 22:06 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-17 22:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-17 22:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-17 22:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-17 22:06 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-17 22:06 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-17 22:06 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-17 22:05 - 2014-03-17 22:54 - 00000000 ____D () C:\Windows\erdnt
2014-03-17 17:10 - 2014-03-17 17:10 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Malwarebytes
2014-03-17 17:10 - 2014-03-17 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 17:10 - 2014-03-17 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 17:10 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 17:02 - 2014-03-18 20:07 - 00000000 ____D () C:\Users\Felix\Desktop\Log Files
2014-03-17 16:54 - 2014-03-17 16:54 - 00000000 ____D () C:\Windows\ERUNT
2014-03-17 16:48 - 2014-03-18 19:54 - 00000000 ____D () C:\AdwCleaner
2014-03-16 19:22 - 2014-03-18 20:08 - 00000000 ____D () C:\FRST
2014-03-16 12:48 - 2014-03-16 12:48 - 00001113 _____ () C:\Users\Public\Desktop\phase-6 desktop.lnk
2014-03-16 12:48 - 2014-03-16 12:48 - 00000000 ____D () C:\Program Files (x86)\phase-6
2014-03-16 10:26 - 2013-12-21 10:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-16 10:26 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-16 10:23 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-16 10:23 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-16 10:23 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-16 10:23 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-16 10:23 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-16 10:23 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-16 10:23 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-16 10:23 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-16 10:23 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-16 10:23 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-16 10:23 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-16 10:23 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-16 10:23 - 2014-02-23 06:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-16 10:23 - 2014-02-23 06:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-16 10:23 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-16 10:23 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-16 10:23 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-16 10:23 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-16 10:23 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-16 10:23 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-16 10:23 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-16 10:23 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-16 10:23 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-16 10:23 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-16 10:22 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-16 10:22 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-16 10:22 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-16 10:22 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-10 08:54 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-03-10 08:54 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-03-10 08:54 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-03-10 08:54 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-03-09 20:18 - 2014-03-16 10:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-09 19:43 - 2014-03-09 19:43 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-09 19:43 - 2014-03-09 19:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-09 19:43 - 2014-03-09 19:43 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-09 19:43 - 2014-03-09 19:43 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-09 19:43 - 2014-03-09 19:43 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-09 19:43 - 2014-03-09 19:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-09 19:43 - 2014-03-09 19:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-09 19:43 - 2014-03-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-09 19:43 - 2014-03-09 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-09 19:23 - 2014-03-09 19:23 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-09 19:21 - 2014-03-09 19:49 - 00011150 _____ () C:\Windows\IE10_main.log
2014-03-09 18:38 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-09 18:38 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-09 18:38 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-09 18:38 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-09 18:38 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-09 18:38 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-09 18:38 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-09 18:38 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-09 18:38 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-09 18:38 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-09 18:38 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-09 18:38 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-09 18:38 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-09 18:38 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-09 18:38 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-09 18:38 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-09 18:38 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-09 18:38 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-09 18:38 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-03-09 18:38 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-09 18:38 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-09 18:38 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-09 18:38 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-03-09 18:38 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-09 18:38 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-09 18:38 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-09 18:38 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-09 18:38 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-03-09 18:38 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-09 18:38 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-03-09 18:38 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-09 18:38 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-09 18:38 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-09 18:38 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-09 18:38 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-09 18:38 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-09 18:38 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-09 18:38 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-09 18:38 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-09 18:38 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-03-09 18:38 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-03-09 18:38 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-09 18:38 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-09 18:38 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-09 18:38 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-09 18:38 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-09 18:38 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-09 18:38 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-09 18:38 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-09 18:38 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-09 18:38 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-09 18:38 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-09 18:38 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-09 18:38 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-09 18:38 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-09 18:38 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-09 18:38 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-09 18:38 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-09 18:38 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-09 18:38 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-09 18:38 - 2013-04-12 15:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-09 18:38 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-09 18:38 - 2013-02-27 07:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-03-09 18:38 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-03-09 18:38 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-09 18:38 - 2013-02-15 07:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-09 18:38 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-03-09 18:38 - 2013-02-15 05:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-09 18:38 - 2013-02-15 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-03-09 18:38 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-09 18:37 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-09 18:37 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-03-09 18:37 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-09 18:37 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-09 18:37 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-09 18:37 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-09 18:37 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-09 18:37 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-09 18:37 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-03-09 18:37 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-03-09 18:37 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-09 18:37 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-09 18:37 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-03-09 18:37 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-09 18:37 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-03-09 18:37 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-09 18:37 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-09 18:37 - 2013-07-09 06:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-09 18:37 - 2013-07-09 05:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-09 18:37 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-03-09 18:37 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-09 18:37 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-03-09 18:37 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-03-09 18:37 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-03-09 18:37 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-09 18:37 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-03-09 18:37 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-03-09 18:37 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-09 18:37 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-09 18:37 - 2013-06-15 05:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-09 18:37 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-09 18:37 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-09 18:37 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-09 18:37 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-09 18:37 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-03-09 18:37 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-09 18:37 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-03-09 18:37 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-09 18:37 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-09 18:37 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-09 18:37 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-09 18:37 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-09 18:37 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-03-09 18:36 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-09 18:36 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-09 18:36 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-09 18:36 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-09 18:36 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-09 18:36 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-09 18:36 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-09 18:36 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-09 18:36 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-09 18:36 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-09 18:36 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-09 18:36 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-09 18:36 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-09 18:36 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-09 18:36 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-09 18:36 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-09 18:36 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-09 18:36 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-09 18:36 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-09 18:36 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-09 18:36 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-09 18:36 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-09 18:36 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-09 18:36 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-09 18:36 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-09 18:36 - 2013-01-03 07:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-09 18:35 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-03-09 18:35 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-09 18:35 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-03-09 18:35 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-09 18:35 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-09 18:35 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-09 18:35 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-03-09 18:35 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-09 18:35 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-09 18:35 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-03-09 18:32 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-09 18:32 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-09 18:32 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-09 18:32 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-09 18:32 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-09 18:32 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-09 18:32 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-09 18:32 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-09 18:32 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-03-09 18:32 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-09 18:32 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-09 18:32 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-09 18:32 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-09 18:32 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-09 18:32 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-09 18:32 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-02-25 16:59 - 2014-02-25 16:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-25 16:57 - 2014-02-25 16:57 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-25 16:57 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-25 16:57 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-25 16:57 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-25 16:57 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

==================== One Month Modified Files and Folders =======

2014-03-18 20:08 - 2014-03-16 19:22 - 00000000 ____D () C:\FRST
2014-03-18 20:07 - 2014-03-18 20:07 - 00000756 _____ () C:\Users\Felix\Desktop\JRT.txt
2014-03-18 20:07 - 2014-03-17 17:02 - 00000000 ____D () C:\Users\Felix\Desktop\Log Files
2014-03-18 20:04 - 2014-01-12 20:47 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 20:02 - 2009-07-14 18:58 - 00696848 _____ () C:\Windows\system32\perfh007.dat
2014-03-18 20:02 - 2009-07-14 18:58 - 00148144 _____ () C:\Windows\system32\perfc007.dat
2014-03-18 20:02 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-18 20:02 - 2009-07-14 05:45 - 00015136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 20:02 - 2009-07-14 05:45 - 00015136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 19:56 - 2014-01-12 20:47 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 19:56 - 2012-10-01 22:03 - 00000000 ___RD () C:\Users\Felix\Dropbox
2014-03-18 19:56 - 2012-10-01 21:58 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Dropbox
2014-03-18 19:55 - 2012-04-28 08:11 - 00000000 ____D () C:\Users\Felix\.rainlendar2
2014-03-18 19:55 - 2012-01-03 21:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-18 19:55 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 19:55 - 2009-07-14 05:51 - 00095426 _____ () C:\Windows\setupact.log
2014-03-18 19:54 - 2014-03-17 16:48 - 00000000 ____D () C:\AdwCleaner
2014-03-18 19:54 - 2012-01-03 21:28 - 01136874 _____ () C:\Windows\WindowsUpdate.log
2014-03-17 23:05 - 2012-01-24 00:29 - 00196770 _____ () C:\Windows\PFRO.log
2014-03-17 22:56 - 2014-03-17 22:56 - 00026224 _____ () C:\ComboFix.txt
2014-03-17 22:56 - 2014-03-17 22:06 - 00000000 ____D () C:\Qoobox
2014-03-17 22:54 - 2014-03-17 22:05 - 00000000 ____D () C:\Windows\erdnt
2014-03-17 22:54 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-17 21:37 - 2012-10-23 17:18 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-03-17 17:15 - 2012-01-25 18:29 - 00000000 ___RD () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-17 17:10 - 2014-03-17 17:10 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Malwarebytes
2014-03-17 17:10 - 2014-03-17 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 17:10 - 2014-03-17 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 16:54 - 2014-03-17 16:54 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 12:48 - 2014-03-16 12:48 - 00001113 _____ () C:\Users\Public\Desktop\phase-6 desktop.lnk
2014-03-16 12:48 - 2014-03-16 12:48 - 00000000 ____D () C:\Program Files (x86)\phase-6
2014-03-16 11:08 - 2009-07-14 05:45 - 00408808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-16 10:25 - 2014-03-09 20:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-16 10:24 - 2012-01-24 15:06 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-14 08:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-13 22:49 - 2012-03-22 22:59 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\vlc
2014-03-12 21:52 - 2012-09-12 09:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-10 16:05 - 2013-05-02 19:03 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Spotify
2014-03-10 16:01 - 2013-05-02 19:03 - 00000000 ____D () C:\Users\Felix\AppData\Local\Spotify
2014-03-10 08:59 - 2013-10-11 18:45 - 01590370 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-10 08:41 - 2012-01-25 18:29 - 00001421 _____ () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-10 08:41 - 2012-01-25 18:29 - 00000000 ___RD () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-10 08:36 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-10 08:36 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-10 08:36 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-10 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-09 19:49 - 2014-03-09 19:21 - 00011150 _____ () C:\Windows\IE10_main.log
2014-03-09 19:43 - 2014-03-09 19:43 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-09 19:43 - 2014-03-09 19:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-09 19:43 - 2014-03-09 19:43 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-09 19:43 - 2014-03-09 19:43 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-09 19:43 - 2014-03-09 19:43 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-09 19:43 - 2014-03-09 19:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-09 19:43 - 2014-03-09 19:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-09 19:43 - 2014-03-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-09 19:43 - 2014-03-09 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-09 19:23 - 2014-03-09 19:23 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-09 19:23 - 2014-03-09 19:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-08 19:21 - 2012-01-27 13:13 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-02-28 22:30 - 2013-01-06 15:51 - 00000000 ____D () C:\Users\Felix\AppData\Local\Audible
2014-02-28 22:30 - 2012-01-27 13:13 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-02-25 16:59 - 2014-02-25 16:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-25 16:57 - 2014-02-25 16:57 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-25 16:57 - 2013-07-02 11:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-23 09:13 - 2014-03-16 10:23 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 09:13 - 2014-03-16 10:23 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 09:13 - 2014-03-16 10:23 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-23 09:12 - 2014-03-16 10:23 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 09:12 - 2014-03-16 10:23 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 09:12 - 2014-03-16 10:23 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 09:11 - 2014-03-16 10:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-23 07:54 - 2014-03-16 10:23 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 07:54 - 2014-03-16 10:23 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 07:53 - 2014-03-16 10:23 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-23 07:35 - 2014-03-16 10:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 07:31 - 2014-03-16 10:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 06:39 - 2014-03-16 10:23 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-23 06:35 - 2014-03-16 10:23 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-21 23:25 - 2012-09-18 15:50 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype
2014-02-19 17:59 - 2014-01-12 20:47 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-19 17:59 - 2014-01-12 20:47 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-19 00:29 - 2012-01-23 22:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 00:17

==================== End Of Log ============================

--- --- ---

Viele Grüße Felix

cosinus · 19.03.2014, 11:21

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

bongobolli · 19.03.2014, 13:20

Hallo, hier ist schon einmal der MAM Log

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.19.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16844
Felix :: TEST-PC [Administrator]

Schutz: Aktiviert

19.03.2014 13:15:39
mbam-log-2014-03-19 (13-15-39).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 303626
Laufzeit: 3 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Der Eset Online Scan folgt später.
Grüße
Felix

bongobolli · 21.03.2014, 07:17

Hier jetzt der Eset Scan

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=32ef1db7eff0854892ec4eb6878cc37d
# engine=17534
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-20 11:26:03
# local_time=2014-03-21 12:26:03 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 77 4626686 4688996 0 0
# compatibility_mode=5893 16776573 100 94 264084 146987813 0 0
# scanned=420583
# found=3
# cleaned=0
# scan_time=9510
sh=1DF7D6975E65D1B1369081A77ADE0142AB46E996 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.OCH trojan" ac=I fn="C:\Users\Arbeit\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\6e6771b2-575adb9d"
sh=AE2982E95911DEC9884C64B11F164D39B0EFF372 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Felix\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\5bfd94e1-389769b5"
sh=E287472178BB1D29EF08A197C64AF4856FEF847E ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Felix\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\38df11fd-3e0a304d"

Grüße Felix

cosinus · 21.03.2014, 11:13

Nur Reste in Temp+Cache

TFC - Temp File Cleaner

Lade dir

TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.

Öffne die TFC.exe.
Vista und Win 7 User mit Rechtsklick "als Administrator starten".
Schließe alle anderen Programme.
Drücke auf den Button Start.
Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.

Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

17.03.2014, 21:54	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 7 64 Bit Trojaner! Problem beim Starten von: wgsdgsdgdsgsd.exe Das angegebene Modul wurde nicht gefunden. Bitte keine Tools mehr ohne Absprache/Instruktion ausführen, sonst wird die Bereinigung nicht funktionieren! Mach bitte jetzt mit CF weiter! __________________ Logfiles bitte immer in CODE-Tags posten

Windows 7 64 Bit Trojaner! Problem beim Starten von: wgsdgsdgdsgsd.exe Das angegebene Modul wurde nicht gefunden.

Log-Analyse und Auswertung: Windows 7 64 Bit Trojaner! Problem beim Starten von: wgsdgsdgdsgsd.exe Das angegebene Modul wurde nicht gefunden.